SEO considerations for your sites’ images

June 7th, 2017

When working with web platforms like WordPress, there are three letters that induce anxiety in any business owner: SEO (search engine optimization). It’s one of the most confusing aspects of running a modern business, and web apps that rate your SEO with no more than a red or green light don’t make it any easier. Read on to find out whether your site’s images are the cause of that annoying red light.

Do my images really affect my SEO?

One of the reasons images tend to be overlooked when auditing SEO is because it’s easy to forget just how many your website has. Maybe when you first built your site you had a few photos on your homepage, but nowhere else. Over time however, you probably added countless visual elements in blog posts, landing pages and team photos -- drastically increasing the influence of your images on your SEO.

Image resolution and load speed

The first thing to check is how your images affect your site’s speed. If you’re using ultra high-resolution photos, users on mobile devices or satellite data connections will have trouble loading your site. Site load times affect your site’s ranking on Google, so make sure to pare them down to a more reasonable resolution and save them as web-friendly file types (GIF, JPEG and PNG).

Keywords and image title

The days of keyword-stuffing are long gone, but that doesn’t mean you can get away with uploading images with filenames like DSC2558.jpg. Before uploading an image to your site, make sure to name it something relevant to the content, such as gym-trainer-helping-lift.jpg or call-center-customer-service.jpg. This makes it easier for search engines to derive information about the content from the images on a page.

“Alt text” and title text

Even though Google is getting better at recognizing image content without any help from text identifiers, describing your images in your website’s backend is still important for SEO. Every image on your site should have as much text-based information as possible without disrupting the user experience.

To see how this works in WordPress, open up your site dashboard and click on Media. This will display all the images, videos and audio on your site. Select any photo and click “Edit more details.” Whatever you include in the Caption field will be shown below the image, so make sure it corresponds with your content. If it doesn’t work with the content, skip it. In this case user experience takes priority over SEO.

The Alternative Text and Description fields will be shown to visitors only if the image doesn’t load or if they select it manually. They may not seem all that important, but these should be considered non-negotiable for SEO purposes.

Check that your site is doing all these things before requesting another SEO report. If your score changes, start regularly auditing your image optimizations. If you’re still seeing red, there are a number of web- and cloud-based platforms that can help you improve your content. Give us a call today to find out more!

Published with permission from TechAdvisory.org. Source.

Topic Web & Cloud
June 3rd, 2017

Bluetooth technology helps simplify our daily lives -- it allows for hands free communication, a quick and easy way to share content with friends, family, colleagues, and more. In fact, 45 percent of Americans have Bluetooth enabled across multiple devices. This raises the question: Does using Bluetooth leave our doors opened to hacker attacks?

Google paid a settlement fee of $7million for unauthorized data collection from unsecured wireless networks in 2013. While their intention likely wasn’t theft, many disagreed and called them out for Bluesnarfing, a method most hackers are familiar with.

What is it?

Bluesnarfing is the use of Bluetooth connection to steal information from a wireless device, particularly common in smartphones and laptops. Using programming languages that allow them to find Bluetooth devices left continuously on and in “discovery” mode, cybercriminals can attack devices as far as 300 feet away without leaving any trace.

Once a device is compromised, hackers have access to everything on it: contact, emails, passwords, photos, and any other information. To make matters worse, they can also leave victims with costly phone bills by using their phone to tap long distance and 900-number calls.

What preventive measures can you take?

The best way is to disable Bluetooth on your device when you’re not using it, especially in crowded public spaces, a hacker’s sweet spot. Other ways to steer clear of Bluesnarfing include:
  • Switching your Bluetooth to “non-discovery” mode
  • Using at least eight characters in your PIN as every digit adds approximately 10,000 more combinations required to crack it
  • Never accept pairing requests from unknown users
  • Require user approval for connection requests (configurable in your smartphone’s security features)
  • Avoid pairing devices for the first time in public areas
Bluesnarfing isn’t by any means the newest trick in a cybercriminal’s book, but that doesn’t mean it’s any less vicious. If you’d like to know more about how to keep your IT and your devices safe, give us a call and we’ll be happy to advise.
Published with permission from TechAdvisory.org. Source.

Topic Hardware
June 2nd, 2017

There’s a lot of buzz surrounding Google’s latest Android operating system known as “Android O.” Whether it will continue the trademark snack-theme name is yet to be confirmed, but what we do know is users can expect longer battery life and an improved notification system. Besides that, here are six other OS changes you don’t want to miss.

Picture in picture This is one of the so-called "fluid experiences" coming to O devices. You'll be able to watch a YouTube or Netflix video in a small window while using another app. The small window can even be used for a video call. Simply swipe it away when you're done.

Notification dots If an app is trying to get your attention, a dot on the icon will appear. You can pull them down from the top of the screen to view the notification or press down on the app icon to view the notification in place.

Autofill Reminiscent of autofill on computers, this feature will be available for apps on O devices. This makes it easier to log in and set up phones and applications since personal information like your name, address, and credit card details will be automatically filled in.

Better copying and pasting Another component of O device's fluid experience is the enhanced copy-and-paste feature, which will be based on machine learning. You won't have to drag handles to highlight everything you want to copy -- just tap once on names, phone numbers, or addresses and Google will automatically highlight the rest.

Vitals This is the group of optimizations that will improve your device's battery life, startup time and performance, stability and security.

Android for the entry level Normally, the latest operating systems are exclusive to the most powerful phones. However, Google doesn't want to reserve O to state-of-the-art devices. That's why Google developed a variant called Android Go, which aims to provide a seamless Android experience for affordable O phones, including those with fewer components and/or less storage.

Android Go includes a customized set of Google apps that require less memory, storage, and mobile data. Google Play Store will also highlight the apps that will work better on such entry-level phones (regular apps will still be available). The operating system is being designed for O phones with limited memory: anywhere between 512 megabytes and one gigabyte.

The OS will be available this summer. In the meantime, if you want to know more or have any questions about Android O, feel free to contact us today!

Published with permission from TechAdvisory.org. Source.

Topic android
June 1st, 2017

Server and desktop virtualization have been improving computing efficiency and data security for years. But with all the talk about mobile BYOD policies and corporate data protection on smartphones, the National Security Agency (NSA) believes virtualization is the key to true security. Here’s what you need to know:

US government approved

The NSA maintains a program named Commercial Solutions for Classified (CSFC) that tests and approves hardware to assist government entities that are optimizing security. For example, if a public sector network administrator is deciding which mobile devices to purchase for office staff, CSFC has information about which devices are approved for various government roles.

Offices in the intelligence community usually require virtualization hardware and software as a minimum for laptops and tablets. But until now, no smartphones that included the technology have passed the tests. However, a recently released model of the HTC A9 phone includes mobile virtualization functionality that got the green light.

What is mobile virtualization?

Virtualization is an immensely complicated field of technology, but when it comes to mobile devices the process is a little simpler. Like any mobile device management plan, the goal of mobile virtualization is to separate personal data from business data entirely. Current solutions are forced to organize and secure data that is stored in a single drive.

Essentially, current phones have one operating system, which contains a number of folders that can be locked down for business and personal access. But the underlying software running the whole phone still connects everything. So if an employee downloaded malware hidden in a mobile game, it would be possible to spread through the entire system, regardless of how secure individual folders are.

With mobile virtualization however, administrators can separate the operating system from the hardware. This would allow you to partition a phone’s storage into two drives for two operating system installations. Within the business partition, you could forbid users from downloading any apps other than those approved by your business. If employees install something malicious on their personal partition, it has no way of affecting your business data because the two virtualized operating systems have no way of interacting with each other.

Although it’s still in its infancy, the prospect of technology that can essentially combine the software from two devices onto a single smartphone’s hardware is very exciting for the security community. To start preparing your organization for the switch to mobile virtualization, call us today.

Published with permission from TechAdvisory.org. Source.

May 30th, 2017

For businesses, the security of sensitive data is critical. If this information is lost or stolen, it could lead to crippling financial losses, legal disputes, and more importantly, loss of customer trust. And while those of you with Microsoft Office 365 installed have some security and compliance tools, there are still some data protection best practices you need to consider. Here are seven of them:

Take advantage of policy alerts Establishing policy notifications in Office 365’s Compliance Center can help you meet your company’s data security obligations. For instance, policy tips can warn employees about sending confidential information anytime they’re about to send messages to contacts who aren’t listed in the company network. These preemptive warnings can prevent data leaks and also educate users on safer data sharing practices.

Secure mobile devices With the growing trend of using personal smartphones and tablets to access work email, calendar, contacts, and documents, securing mobile devices is now a critical part of protecting your organization’s data. Installing mobile device management features for Office 365 enables you to manage security policies and access rules, and remotely wipe sensitive data from mobile devices if they’re lost or stolen.

Use multi-factor authentication Because of the growing sophistication of today’s cyberattacks, a single password shouldn’t be the only safeguard for Office 365 accounts. To reduce account hijacking instances, you must enable Office 365 multi-factor authentication. This feature makes it more difficult for hackers to access your account since they not only have to guess user passwords but also provide a second authentication factor like a temporary SMS code.

Apply session timeouts Many employees usually forget to log out of their Office 365 accounts and keep their computers or mobile devices unlocked. This could give unauthorized users unfettered access to company accounts, allowing them to compromise sensitive data. But by applying session timeouts to Office 365, email accounts, and internal networks, the system will automatically log users out after 10 minutes, preventing hackers from simply opening company workstations and accessing private information.

Avoid public calendar sharing Office 365 calendar sharing features allows employees to share and sync their schedules with their colleagues. However, publicly sharing this schedule is a bad idea. Enabling public calendar sharing helps attackers understand how your company works, determine who’s away, and identify your most vulnerable users. For instance, if security administrators are publicly listed as “Away on vacation,” an attacker may see this as an opportunity to unleash a slew of malware attacks to corrupt your data before your business can respond.

Employ role-based access controls Another Office 365 feature that will limit the flow of sensitive data across your company is access management. This lets you determine which user (or users) have access to specific files in your company. For example, front-of-house staff won’t be able to read or edit executive-level documents, minimizing data leaks.

Encrypt emails Encrypting classified information is your last line of defense to secure your data. Should hackers intercept your emails, encryption tools will make files unreadable to unauthorized recipients. This is a must-have for Office 365, where files and emails are shared on a regular basis.

While Office 365 offers users the ability to share data and collaborate flexibly, you must be aware of the potential data security risks at all times. When you work with us, we will make sure your business keeps up with ever-changing data security and compliance obligations. And if you need help securing your Office 365, we can help with that too! Simply contact us today.

Published with permission from TechAdvisory.org. Source.

Topic Office
May 27th, 2017

Windows 10’s Fall Creators Update is the next major update that Microsoft will roll out in September. Besides reusing the same "Creators Update" name and focusing on bringing the Windows experience to iOS and Android devices, here are some noteworthy features users can expect.

Timeline It's designed to grant Windows 10 users freedom to switch between multiple devices, including iOS and Android phones. Timeline lets you pick up from where you left off if you're switching between multiple Windows 10 devices. With the Cortana integration, this will even extend to some Microsoft apps on iOS and Android. This useful new feature will be accessible via Window 10’s Task View.

OneDrive Files on Demand This feature allows you to access all your cloud-based files without having to download them in order to optimize your device's storage space. What’s more, you won't have to change the way you work, because all your files — even those online — can be seen in File Explorer, and they work just like every other file on your device.

Cloud clipboard The Windows 10 Fall Creators Update brings a cloud-powered clipboard that lets you copy information from one Windows 10 device and paste it onto another. And this isn't limited to text alone either. On top of that, it supports Android and iOS devices if you use Microsoft's SwiftKey virtual keyboard.

Pick up where you left off As the name suggests, it basically allows you to start working on your PC and continue working on your phone when you are away from your PC (and vice-versa). Currently, the feature works only between Windows 10 PCs in the Windows 10 Creators Update -- but with the upcoming Fall Creators Update for Windows 10, Microsoft will be integrating this capability into your phones as well.

My People It was originally announced as a key feature in the April's Creator Update, but will be launched in the coming Fall Creators Update. This feature lets you pin a number of connections to your taskbar -- three, in the current Insider preview -- and stay in constant touch with them. It defaults to Skype, but you can choose an alternative if you'd like.

These are just a handful of the nifty features users can expect from Windows 10 Fall Creators Update. For more information, don’t hesitate to contact us. We’re more than happy to help.

We’ll keep you updated on the latest developments.

Published with permission from TechAdvisory.org. Source.

Topic Windows
May 26th, 2017

No one can escape the news of WannaCry. The IT industry has been covering this type of malware for years, but never has one campaign spread so far or infected so many computers. Read on to gain a greater understanding of what happened and how to prepare yourself for the inevitable copy cats.

Ransomware review

Ransomware is a specific type of malware program that either encrypts or steals valuable data and threatens to erase it or release it publicly unless a ransom is paid. We’ve been writing about this terrifying threat for years, but the true genesis of ransomware dates all the way back to 1989.

This form of digital extortion has enjoyed peaks and troughs in popularity since then, but never has it been as dangerous as it is now. In 2015, the FBI reported a huge spike in the popularity of ransomware, and healthcare providers became common targets because of the private and time-sensitive nature of their hosted data.

The trend got even worse, and by the end of 2016 ransomware had become a $1 billion-a-year industry.

The WannaCry ransomware

Although the vast majority of ransomware programs rely on convincing users to click compromised links in emails, the WannaCry version seems to have spread via more technical security gaps. It’s still too early to be sure, but the security experts at Malwarebytes Labs believe that the reports of WannaCry being transmitted through phishing emails is simply a matter of confusion. Thousands of other ransomware versions are spread through spam email every day and distinguishing them can be difficult.

By combining a Windows vulnerability recently leaked from the National Security Agency’s cyber arsenal and some simple programming to hunt down servers that interact with public networks, WannaCry spread itself further than any malware campaign has in the last 15 years.

Despite infecting more than 200,000 computers in at least 150 countries, the cyberattackers have only made a fraction of what you would expect. Victims must pay the ransom in Bitcoins, a totally untraceable currency traded online. Inherent to the Bitcoin platform is a public ledger, meaning anyone can see that WannaCry’s coffers have collected a measly 1% of its victims payments.

How to protect yourself for what comes next

Part of the reason this ransomware failed to scare users into paying up is because it was so poorly made. Within a day of its release, the self-propagating portion of its programming was brought to a halt by an individual unsure of why it included a 42-character URL that led to an unregistered domain. Once he registered the web address for himself, WannaCry stopped spreading.

Unfortunately, that doesn’t help the thousands that were already infected. And it definitely doesn’t give you an excuse to ignore what cybersecurity experts are saying, “This is only the beginning.” WannaCry was so poorly written, it’s amazing it made it as far as it did. And considering it would’ve made hundreds of millions of dollars if it was created by more capable programmers, your organization needs to prepare for the next global cyberattack.

Every single day it should be your goal to complete the following:

  • Thorough reviews of reports from basic perimeter security solutions. Antivirus software, hardware firewalls, and intrusion prevention systems log hundreds of amateur attempts on your network security every day; critical vulnerabilities can be gleaned from these documents.
  • Check for updates and security patches for every single piece of software in your office, from accounting apps to operating systems. Computers with the latest updates from Microsoft were totally safe from WannaCry, which should be motivation to never again click “Remind me later.”
  • Social engineering and phishing may not have been factors this time around, but training employees to recognize suspicious links is a surefire strategy for avoiding the thousands of other malware strains that threaten your business.
Revisiting these strategies every single day may seem a bit much, but we’ve been in the industry long enough to know that it takes only one mistake to bring your operations to a halt. For daily monitoring and support, plus industry-leading cybersecurity advice, call us today.
Published with permission from TechAdvisory.org. Source.

Topic Security
May 24th, 2017

Both businesses and individuals across dozens of countries are scrambling to fix their computer systems after a ransomware, named WannaCry, caused major disruptions earlier this month. Like most ransomware, WannaCry encrypts files and demands a Bitcoin payment for their release. What’s worse, more WannaCry variants will likely be developed in the near future, according to security researchers. Fortunately, there are some common strategies you can use to mitigate the damage of the ransomware.

Update your software The first (and probably best) defense against WannaCry ransomware is to update your operating system. New research from Kaspersky shows that machines running Windows XP, 7 and outdated Windows 10 versions were affected by the ransomware. To check whether your systems are up to date, open your Windows search bar, look for Windows Update, click Check for Updates, and install any major updates.

Also, don’t forget to download the latest security patches for your business applications and security software.

Run security programs Many antivirus programs now have mechanisms for detecting and blocking WannaCry malware; so when you’ve fully updated your security software, run a full system scan.

Keep in mind that antivirus isn’t a foolproof security solution. Instead, run it alongside other security applications like intrusion prevention systems and firewalls.

Use data backup and recovery tools If WannaCry does infect your computers, only a solid data backup and recovery solution can save your business. Before ransomware strikes, periodically back up your files in both an external hard drive and a cloud-based backup service.

External hard drives will serve as your local backup solution for quick recovery times. However, we recommend keeping the external drive disconnected when it’s not being used and plugging it in only when you need to back up files at the end of the day. This is because when ransomware infects a computer, it will usually look to encrypt local backup drives as well.

Cloud-based backups, on the other hand, allow you to store files in remote data centers and access them from any internet-enabled device. When selecting a cloud services provider, make sure they provide the appropriate cloud protections to your files. For example, your backup vendor should provide reporting tools to keep track of any anomalies in your files. Document versioning features are also important. This allows you to recover older versions of a document in case the current version is encrypted.

After your local and cloud backups are set up, perform regular tests to ensure your disaster recovery plan works.

Stay informed Finally, it’s important to stay on guard at all times. WannaCry is just one of many ransomware strains affecting businesses today, and in order to stay safe you need to be constantly up to date on the latest cybersecurity- and business continuity-related news.

For more ransomware prevention tips and services, call us today. We’ll make sure hackers don’t hold your business hostage.

Published with permission from TechAdvisory.org. Source.

Topic business
May 23rd, 2017

Cybersecurity didn’t become more important in light of the WannaCry ransomware epidemic, it just became more visible to the average internet user. If like so many others, you’re auditing the security of business’s software, web browsers are a great place to start. Learn more about how your browser choice stacks up in your security comparison.

Microsoft Internet Explorer (IE)/Edge

Despite their nearly identical logos, Edge and IE are actually different browsers with vastly different security strategies. Microsoft’s legacy browser, IE, isn’t even fully supported anymore. The most recent version still gets occasional updates, but experts don’t expect that to last for long. If any website or services claims to require IE to run, consider that a possible red flag.

Windows 10’s default browser, Edge, is a different story. This browser uses a technology called virtualization to create safe spaces to open and test links before granting a website’s programming code full access to a computer and user. Edge is based on the same software as IE, and the majority of its security improvements come from scrapping the browser’s customizability. If you’re okay with a fairly inflexible browsing experience, Edge is a good option.

Apple Safari

Safari is to Macintosh computers what IE is to Windows machines. Safari comes pre-installed on OS X and it has a long history of battling malware. Its security programming has been bested a number of times, but usually in research settings. The commonly held belief is that Safari just doesn’t have enough users to make it a profitable target. Apple has a history of responding quickly to malware, but we don’t recommend leaving anything to chance.

Mozilla Firefox

One of the earlier third-party web browsers to gain popularity was Firefox. Unfortunately, it just can’t keep up with the competition. In just one example, all the data from browser plugins is stored in the same location, which means a compromised add-on could easily gain access to the data stored in a password manager.

One of the reasons that Firefox continues to stick around is its commitment to privacy. All the other browsers on this list profit from analyzing (and sometimes selling) your browsing habits, while Firefox has cornered the market on privacy. Security and privacy should never be confused, but if the latter is more important to you and you aren’t installing third-party plugins, Mozilla is an OK option.

Google Chrome

Chrome is used by almost two-thirds of all internet users, and for good reason. Like Edge, Chrome also uses virtualization to create a quarantined space between the internet and your computer. Additionally, Google issues routine security updates to its browser more frequently than any of the others on this list. There is near unanimous consent among experts that Chrome is the safest of all web browsers.

Privacy however, is a whole other ball game. Pretty much every action you take using the Chrome browser is tracked, stored and analyzed. That’s not to say that your email isn’t encrypted or your saved passwords aren’t safe, it just means you have much less control over your internet identity.

Being aware of how your web browser stacks up against its competitors is only a fraction of the battle. WannaCry spread to uninfected systems through a gap in the Windows security framework, and most other ransomware infections prey on human error. What your business needs is a comprehensive security audit. For more information, call us today.

Published with permission from TechAdvisory.org. Source.

Topic Web & Cloud
May 20th, 2017

With so much technology moving to the cloud, onsite servers aren’t getting as much attention as they used to. Optimizing this critical piece of business technology is no small task, but there are a few simple things you can do to ensure the success of your in-house servers.

Mount your servers properly

Small businesses are usually forced to prioritize the here and now over long-term planning. Not for lack of caring, it’s just a fact of working on tight budgets and with small teams. This is especially evident when it comes to server planning. When your business first sets up shop, it’s tempting to plug in a server right next to your workstations -- but doing so puts your hardware in harm’s way.

Mounting servers in a rack protects them from the accidents commonly associated with highly trafficked areas: spills, crumbs and tripping hazards. Server racks keep your most essential hardware safe by organizing everything in a space that is more accessible for cleaning and management but less exposed to the day-to-day wear and tear of your office.

Server planning is all about leaving room for the future. When choosing your rack mount, make sure to leave room for the hardware you will need to expand in the future. Unless office space is a serious concern, it’s better to have a half-empty server rack than to be forced to tear the whole thing down and redesign it the moment you need to expand.

Keep servers separate from the main area

Depending on what type of servers you are running, they can create quite a bit of noise. This coupled with the fact that they are comprised of valuable hardware means that you should do everything in your power to keep your servers physically separate from your working space. If you don’t have room for a server room, consider investing a little extra in a secure rack mount with built-in sound reduction.

Never skimp on cooling

Even when your business first opens its doors, server cooling is a crucial consideration. These computers are designed to work at peak capacity and need optimal conditions to do so efficiently. Even if your equipment seems to be performing just fine, too much heat can drastically reduce its lifespan.

Make sure that your cooling solution operates outside the confines of your building’s infrastructure. If the central air gets shut off at night, or if your office experiences power outages, you need a cooling solution that switches over to backup power with your servers.

Keep wiring neatly arranged

For anyone without hands-on experience with server hardware, the number of wires going into and out of your setup is shocking. Getting the whole mess organized isn’t just about cleanliness, it also affects the performance of your current setup and the viability of installing future upgrades. Any time you are installing, removing, or rearranging your server cables, check that everything is neatly labeled and safely grouped together.

Managing any type of hardware comes with dozens of important considerations, and that goes doubly so for servers. The best way to guarantee your IT investments are getting the care they require is by partnering with a managed IT services provider. To learn more about our services, give us a call today.

Published with permission from TechAdvisory.org. Source.

Topic Hardware