Category Archives: Tips and Tricks

The Reign of a New Virus

Biological viruses have plagued humanity since the beginning of human existence. Viruses often use an unknowing host as a means of self replication. Now in the twenty-first century there is a new form of this ancient menace, which preys upon the non-organic, they are computer viruses. Just like biological viruses, computer viruses infect an unknowing host to achieve their own objectives. Anyone who has had a computer virus is aware of the pain that one of these nasty bugs can cause. Those who have had an infected computer, have likely revisited a time they themselves have been sick. Just like an illness, a computer virus will cause a computer to be “bed sick” until the virus is removed. This can cause huge headaches for the user, especially if the contents on one’s computer are valuable or time sensitive.

sick computer Part of our job at iSupportU is removing viruses from client computers and making sure to salvage the clients important data. By understanding how computer viruses work, how they manifest and spread, people can then adjust their computer and internet-browsing habits to avoid infections. We would even venture to say that being a wise computer user is safer than having anti-virus protection. That isn’t to say that anti-virus software is not beneficial to have, but smart browsing habits are your first line of defense. Computer viruses are a lot like human viruses, you have your different types like Chicken Pox, Flu, or Ebola virus. There are many different categories of computer viruses and the term ‘virus’ has been used as a generalization of a computer infections. This broad category can be boiled down into three main categories that are seen the most and they are Trojans, Philshing attacks, and Adware/Spyware.

The first type of infectious software has been coined a ‘Trojan’ from Homer’s poem, The Iliad. In the poem, the Greek army, unable to breach the walls of Troy, left a gift to the Trojans as a sign of defeat in the form of a giant wooden horse. However, unbeknownst to the Trojans, Greek soldiers lay in wait inside the giant wooden horse and, when brought inside the walls of Troy, the Greek soldiers sprang out and opened the gates for the rest of the Greek army to invade. This is exactly what a Trojan computer virus does: it sneaks into a computer and then it gives unauthorized access to an evil doer. Once the Trojan is in, the evil doer can do a whole mess of things, and none of them pleasant. A Trojan can record all the key strokes and mouse inputs of the computer, view exactly what the user is viewing and, worst of all, allow other malicious software to operate on the computer. Just as the name infers, a Trojan virus is one of the more “epic” virus-types out there .

phishing attack The second category of viruses is know as Philshing attacks, these programs or emails are design to “bait” a user in hopes that they will take the bait and give the attacker the information they are looking for. These nasty little bugs find away to sneak onto the host computer much like a trojan by exploiting security flaws, loopholes, or by tricking the user into installing a philshing program. This program will then masquerad as an antivirus program. This usually occurs as a pop up ad stating that the client’s computer is infected with umpteen million viruses and the client must remove it immediately, for a fee, of course, otherwise there will be impending doom. However, this program is the infection itself and its ultimate goal is to trick the user into entering their credit information. Once the credit information has been captured, it is then transmited to “the evil people”, allowing them to make bogus charges to the account. Some timse this attack can come in the form of an email, asking the user to log into their account and for some dire reason. The user will click on the email and it will take them to a page that looks excatly like the real page. The unsuspecting user will enter their login information and before they can realize something is admist, they will have givin away their login information to a website, like Facebook. Once this 3rd party has your login information, they will then proceed to log in to your Facebook. Once on your account, they will either deface the user’s Facebook page with a slew of advertisements or, worse, pretend to be the user and try various ways to extort money from family and friends, generally by fabricating woe-is-me stories. These are the most malicious attacks, because not only do they take advantage of you, but they also take advantage of the trust of your family and friends.

The Third kind of infectious file is known as Adware/Spyware, which is considered by computer technicians and users alike as the most annoying of the bunch. Adware/Spyware uses many different tactics to install itself on a client’s machine. One way is to sneak onto the host computer when the user is browsing the internet, by exploiting security flaws in the internet browser, or loop holes in the operating system. Adware/Spyware may also bundle itself with known good program and when the users goes to install this program, the Adware/Spyware has been slipped into the installer, and thus the user installs both the desired program and the undesired Adware/Spyware. Once the Adware/Spyware is installed on the host machine it can have variety of objectives. It could generate unwanted pop ups ads or redirect the user’s internet browser to an ad website. Usually these pop ups and redirects are at such an aggressive rate that is impossible for the user to do anything else. Some forms of this infection gather information, cataloging what web sites a user visits for the purpose of marketing. This information is then transmited from the client’s machine out to a third party, generally without the user’s knowledge or permission. Once this form of Adware/Spyware is on the system, its affects will generally go unnoticed except for a drop in the computer’s speed, as the program is running in the background.

Our hope with this article is that by informing users of how viruses operate, they will learn to avoid clicking on untrustworthy links, or entering personal information into fake web pages. Also, remember to only download programs from trustworthy manufacturers and websites. Preventing the awful headache of trying to get better again.

Contact iSupportU with any questions about the security of your computers and networks.

CRM & Project Management That Meets Your Business’ Unique Needs

Does your company manage its customer contacts in Outlook or a legacy CRM like ACT? Do you manage your projects with Excel and Word? It’s time to step into 2013 and use a centralized, cloud-based system for your needs.

There are numerous solutions available, most of which are affordable, easy to use, and accessible from any computer. The solution we use at iSupportU and implement for many of our clients is Solve360. Not only is it a Customer Relationship Manager (CRM) but it’s also a project management system. It’s highly customizable, affordable and integrates with a number of business tools including Google Apps. They also have unsurpassed customer service and support!

To find out how Solve360 meets this criteria, check out their Evaluation FAQ page. Spoiler Alert: they pass with flying colors! Check out their 243 5-star reviews in the Google Apps Marketplace.

When determining the best solution for your business, you’ll want to look for the following criteria:

Do you have a clearly-defined set of business processes in place? No technology can replace process, so make sure these are well-defined first.
What is your budget? Some CRM solutions are very expensive and involve license costs. Others offer a low monthly fee.
Can you export your data? This is crucial. You don’t want to put all of your business data in one system only to find out later that you can’t get your data back if you move to another system.
Is there a mobile app? These days, businesses are on-the-go. You’ll want to make sure you can access your CRM and project management system from anywhere.
Is your data secure? Especially, if you’re storing your systems in the cloud you’ll want to make sure that your sensitive information is protected.
What type of uptime does the solution guarantee? If your solution is unreliable you could find your employees twiddling their thumbs with nothing to do if it goes down.
How often are backups performed? If you go with a cloud-based solution, you’ll need to make sure that it includes backups of your data.
Does it have an open API? This is a plus if you want to integrate other business applications or customize the solution down the road.
Does the product have favorable reviews? This is one of the most overlooked and also one of the most important. Do many business use it? Do they like it? Do your research first.

Need some more help finding the best solution for your business? Contact us today!

How to Create a Favicon

You may be asking yourself, what is a favicon? A favicon (short for “favorite icon”) is the small image that is displayed in the top left corner of your browser tab. Favicons are also displayed in the URL bar and in bookmark lists. While a favicon is not a necessity, it is a small bit of graphic design that can make your website instantly recognizable to your users.

A favicon is really nothing more than a 16 pixel by 16 pixel graphic. The catch is that the file has a .ico extension. This used to make creating a favicon somewhat tricky as standard design programs (Photoshop) didn’t offer .ico as an option when saving a graphic. In the past the solution was to create your 16 x16 pixel graphic and then rename it to favicon.ico.

Luckily there is an easier solution – many online services that will help you create a favicon, our favorite is http://www.favicon.cc/. This site will walk you through creating your own favicon from scratch or from an existing image and give you an easy option to download your finished product. One thing to note about using an existing image like your business logo is that the image generation software will sometimes crunch the original file and the end result will be less than desirable. When you only have 16 square pixels to work with, it doesn’t give you much room for things like fades or gradients. A quality favicon is usually comprised of bold solid colors and a simple design. It usually pays off to design your favicon pixel by pixel rather than relying on image compression software. However, if you are short on time and already have a decent graphic to use then you will probably be fine. It often comes down to trial and error to get a really sharp looking favicon.

Once you have your favicon.ico file and you are happy with the way it looks, you will need to upload the file and call it from your HTML. You can upload the .ico file with an FTP program or through your host’s cpanel. It is best practice to upload the favicon.ico file to your root directory, the same level that your index file is located. If your site is hosted on a subdirectory, just upload the file to the root of the subdirectory.

After you have uploaded the file you will need to call it from your HTML in the header section of your page. This can be done anywhere between the open and closing <head> tags. If you have a static site, this will need to be added to every page. If you have a dynamic site like WordPress or Joomla, then you will only need to update the header file (header.php in WordPress).

Here is the code to call your favicon:

<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />

Note that this code will only work if the favicon.ico is located in the root directory – you can edit the href if you have the file in another directory.

Finally, you will need to test to make sure everything is looking good. Open a web browser and point to you URL, you should now see your new favicon. If you don’t see it, try refreshing your browser cache or even try a different browser from what you normally use. Favicons often get cached so try a few browsers before trouble shooting further. If you have tried everything and you just aren’t seeing updates you can force refresh the favicon by adding ?v=2 to the end of the file name in the HTML call. Note, do not rename the file, simply add these 4 characters to your HTML.

<link rel="shortcut icon" href="/favicon.ico?v=2" type="image/x-icon" />

If you do see the favicon, but don’t like the way it looks, go back to the design phase and get creative. Once you have a new design, simply overwrite the file on your host.

Congratulations, you now have a great way for your users to instantly recognize your site! Of course, you can always contact the web team at iSupportU if you’d like us to get your site set up on a favicon.

Google is the king of productivity: Making the most of your apps.

Long gone are the days that Google was thought of as just a search engine. Nowadays, as an established member of the ‘big four’, Google is responsible a huge number of online tools and apps. The continuing integration of this suite of productivity related magic is also helping new users get to grips with the Cloud. We’ve taken a look through two of Google’s most well known tools, and highlighted some simple but little known tricks to get the most out of their magic.

Gmail: If your company isn’t using Gmail, there has to be a really good reason. No other free service allows such a level of control over your communication. It’s automatic access to apps such as Drive (explained below) and the Calendar means it becomes the one stop shop for organising your information.

Our Gmail tip of the day: manage your traffic with the ‘plus’ trick

This is not the plus you are thinking of though! Completely separate from questionable social networks, the plus feature of gmail addresses means you can customize the traffic entering your inbox and manage it how you want to. If your email is setup like mine, you will have something similar to “firstname.lastname”@gmail.com. Adding the ‘+’ symbol and a keyword to the left hand side of your email address can be useful when giving your email address out to large groups or when signing up for newsletters.

For example “firstname.lastname+membership”@gmail.com could be used for your affiliation to a particluar club. Using the amazing filter feature of Gmail, you can tag these emails as soon as they get into your inbox, making organisation that little bit simpler! Other examples are +newsletters for sorting out email lists from personal communications, or +banking for logging into your online accounts.

Give it a try for yourself and see how it can make your life easier!

Drive: Drive is the google answer to Microsoft Office, and a very good one too. Drive gives you the full range of office style tools to allow content creation and editing from the cloud. Access your documents wherever you are. The autosave features are also excellent. Alongside the ease of Cloud access, the ability to share documents with colleagues brings about a whole new era of collaboration. Comments and edits can be made by anyone with access, and ownership is attributed to the correct author, making traceability simple.

Our Drive tip of the day: Set up offline access for your google drive

If you like to work on the go, it’s not realistic to assume you will always have a steady internet connection. Although the synchronization between mobile devices and laptops is excellent, we still cant see many people writing their budget reports on their iphones. We hear from a lot of people who are scared of switching to the cloud in case they cannot use the tools on the road, but this trick solves that problem. Here is where the Google Chrome offline mode comes in handy. Setting up offline mode will allow you to view and edit files, create and rearrange folders, and generally stay productive on the move. When you find a connection again, all these changes will automatically take place!

We’ll be checking in more often over the next few weeks with hints and tips for other useful google tools!

Virus protection for your WordPress Installation

Recent high profile hacks have brought the topic of website security to the fore. No longer is internet safety solely the domain of the CIA and Lulzsec – it’s now also an issue for your own personal site. No-one wants to be the one spreading Viagra messages across the web; your website is your online personality, and clients generally like to know that you can take care of your own website.

With WordPress dominating the new-build website market, vulnerabilities in one website are becoming increasingly worrisome for others on the same platform, but luckily there are a number of simple ways to ensure you minimise the risk of becoming infected:

Risk Reduction

Updates are annoying. Although some may think they serve no purpose other than to consume our lives with pointless website management, most updates have a good reason for being released. The Reuters blog, a high traffic website, started spewing fake interviews with Syrian Rebels across the internet after a hack utilized its outdated and compromised version of WordPress. The update would have taken 20 minutes maximum. So when you see that nagging reminder on your WordPress dashboard asking you to update? Do it! Clicking ‘update’ will take far less time than trawling your website at a later date trying to remedy the situation.

Prevention is always better than a cure; with WordPress, the one-click update process is as user-friendly as it gets. The first step in website security is not computer wizardry, but simple diligence.

Choose your plugins wisely

The beauty of WordPress is in it’s modularity; it will do whatever you want and a whole bunch more. But when you’re adding functionality to your site, whether its a simple Twitter widget or a whole E-commerce platform, choose wisely. Google is great at giving you a whole slew of options for every possible plugin, but there is a simple checklist that can turn your guess into an educated decision:

1. How often is the plugin updated? Look for a plugin that has been updated since the last main WordPress update. An author who is on top of their plugin is more likely to identify any flaws and remedy them before you even download the plugin.

2. Who is the Author? A reputable developer with an updated website and a range of products is more likely to stay on top of bug fixes and updates than a single freelance developer. The functionality may not differ, but the long term support will.

3. What’s the rating? Open source is awesome, and people like to talk. These two tenants of the modern web mean that the WordPress ratings can be trusted to guide you in the right direction when choosing a plugin. What’s the best rating you can get? Ask us! We use a variety of plugins everyday and can quickly evaluate whether the product will do what you need while keeping your site safe.

Clean out the closet

Although WordPress minimises the effort needed to keep your site in good shape, it is not a fit and forget solution. Take a couple of minutes every so often to go through your plugins and see if there is a better solution that solves your problem. Is there a new tool which gives you the functionality you need without anything extra? As always, simple is best; the less extra fluff your site has, the safer it will be from unscrupulous attacks. Often, new core updates to WordPress bring new features with it – Jetpack is a great example. Bringing these things in house reduces your exposure, not to mention reducing the number of plugins you need to juggle.

Anti-virus solutions

When it comes to anti-virus protection, there are a number of steps which need to be taken. Going back to our first point; update. Update your computer’s operating system and your browser, and make sure your local anti-virus protection is running smoothly. Firewalls may seem very 2001, but they are still relevant in ensuring no one is accessing your computer without your knowledge. Browser extensions can function in a similar capacity; for example the Noscript extension for Firefox allows you to control which websites your give a hall pass to. Once you’ve covered these bases, take a look at the Antivirus plugins available in WordPress plugin repository; although not a fix all solution, they may catch some problems before they become serious issues.

Don’t neglect the simple things

With all that being said, there may be an easier place to start. As basic as it sounds, most attacks use some kind of automated system for gaining access to a system. The dictionary attack, for example is a mechanism that iterates through the most common passwords to find yours. Make your security system impervious, and don’t ever use a common password!

Also think about who has access to your site. Does everyone who writes blog posts really need to have administrator permissions? The less people who can get their hands on your site, the fewer accounts that exist – the safer it will be. Updating your anti-virus software is only useful if everyone else is doing it too.

Conclusions

WordPress does a great job at keeping you safe from the nastiest parts of the web, but it also takes a little bit of work on your side too. Stay on top of updates both on your site and more generally on your computer. Make sure you understand what each plugin is bringing to your site, and avoid any unnecessary exposure. A little housekeeping goes a long way, too. iSupportU keeps on top of these maintenance issues every day, and we can tell you where you’re most vulnerable. If you have questions on keeping your site safe in the long run, send us an email or give us a call and we can find a solution that works for you.