IT systems failure risk not handled effectively

IT systems failure is the top threat to operational success, but few companies handle IT risk effectively, a study by the Economist Intelligence Unit has found.

Companies fear the collapse of their information technology systems more than they do terrorism, natural disasters, financial risk or regulatory constraints, yet the majority do not manage IT risk effectively, according to Coming to grips with IT risk, a new Economist Intelligence Unit report based on a survey of 145 senior executives worldwide.

Read the full report here

Concerto Networks goes nationwide

Concerto Networks UK Ltd has appointed David Gregory as Managing Director. David is currently Managing Director of Concerto Networks Bournemouth Ltd, and has built a highly successful Concerto Networks branded business locally over the past 15 months, supporting small and medium-sized businesses by taking care of their technology and maximising its effectiveness.

David Gregory will use his skills to develop the Concerto Networks brand and coverage to build a nationwide business offering consistent quality service, and to support the development of the franchise network. Concerto Networks is an international franchise business providing professional, consistent-quality computer and business technology solutions to small and medium sized enterprises (SMEs), effectively providing an outsourced IT department.

Graham Williams, previously Managing Director, will take on the role of Chairman and will operate in an advisory capacity and says “David has a wealth of operational and management experience which places him in an excellent position to take the business forward. The fact that he has his own franchise means he also has first-hand experience of running the Concerto Networks business model”. He added “I believe this change will better serve and take advantage of the massive IT Services market opportunity for Concerto Networks in the UK by providing increased focus and time commitment to build and support the franchise network, manage partners and build the Concerto Networks brand presence in the UK.”

The existing Bournemouth-based business will be unaffected by the change, and David Gregory says “Now that we have successfully tested the Concerto Networks model in the UK we are ready to roll it out nationally and I look forward to meeting that challenge. The Concerto brand has been hugely successful in the US and the plan is now to expand across the UK so that consistent level service can be offered across the territory – longer term the intention is for nationwide coverage within the UK, and ultimately global coverage.” Concerto Networks already has a presence in Ireland, Spain, New Zealand and Australia as well as the USA and UK.

Cure for poor mobiles coverage?

Standing in the corner of the room; being exiled to the bottom of the garden; or teetering precariously on a chair.

People will go to extraordinary lengths to find that elusive one bar of signal that will allow them to make a mobile phone call.

But soon the days of despair that occur when you arrive back at the office or home only to find your new handset does not get any coverage in your house may be over. There is a new technology on the block, known as femtocells, and if the hype is to be believed, it will end signal problems forever.

Read all about it here

Keep your wireless networks safe

Wireless networks are becoming more and more common. Sometimes called Wi-Fi or 802.11 (after the standards which define how it works), they allow computers to connect to one another without cables. Using radio technology similar to cordless phones, they make it incredibly easy to connect to company networks, email and the internet. Unfortunately, they also make it very easy for outsiders to do the same.

Freeloading and freebooting
Anyone within radio range can, in theory, listen in or transmit data on your network - even if they are sitting in a van in your car park or having a cup of coffee in the bar opposite your building. Their task is made easier because many people do nothing to secure their network.

You will be found
Security firm RSA surveyed wireless security in the City of London. Using a handheld scanner they walked the streets and counted open networks. The results are alarming. One in four networks were not secure. Failures included:

• Not using the built-in encryption, making it easy to eavesdrop;
• Using the default configuration for equipment, making it easy to gain access;
• Using network names that identify the organisation;

Some networks failed on all three counts. Businesses in the City are clearly embracing the new technology - the number of access points had tripled in the last year - but some of them are leaving themselves wide open to unauthorised access.

You will be hacked
It took two and a half hours for someone to attempt an unauthorised connection. RSA also tried to see whether people would take advantage of an open wireless network by setting up two 'honey pots' - wireless networks designed to look like unsecured corporate systems but actually containing sophisticated tools to track intruders. It took two and a half hours, on average, for someone to attempt an unauthorised connection. While many of the connections were caused by passers by carrying wireless-enabled laptops and palmtops which tried to access any nearby network, a quarter of the connections were by repeat 'offenders' who returned regularly to access the 'free' system.

How to secure a wireless network
It's not difficult to lock down a network. However, the actual procedure varies from manufacturer to manufacturer. This is what you need to do:

• Use access points only rather than ad-hoc, peer-to-peer networks;
• Don't broadcast the name of the network (known as the SSID);
• Change the default SSID to something more obscure. Don't use a name that identifies your organisation;
• If possible and if your access point allows it, restrict wireless access to normal office hours;
• Use MAC filtering. Each network card has a unique code called a MAC address. You can set access points to restrict access to certain, trusted MAC addresses;
• Switch on and use the built-in encryption to prevent eavesdropping;
• Restrict the ability of users (and network administrators) to set up 'quick and dirty' wireless networks, even temporarily. One rogue access point can undo all the good work you do on the others;
• Make sure all your other security measures - passwords etc. - are in place so that you have a second line of defence against intruders

Managers in the UK lose 31 working days putting out fires

Business managers in the United Kingdom lose 31 working days—more than 10% of the year—putting out fires that result from bad management of IT systems, according to a study released June 4 by Partners in IT, a U.K.-based service management company.

74% of non-IT business managers surveyed said they spent, on average, 12% of their time each week dealing with problems caused by their IT systems. 80% admitted IT system downtime was a productivity issue, and 90% of IT respondents in large companies admitted that downtime was such an issue that half cited it as a serious problem for them and their colleagues.

For those asking whether their IT is functioning efficiently enough to be considered a business asset, the research, 'IT Service Management—Is It Worth the Money?' argues that maintenance and management, not infrastructure, are the issue. 77% of midsize company managers said as much, citing an estimated 13% of their IT investment as wasted due to insufficient upkeep.

"It is outrageous that so much of managers' valuable time is wasted due to poor IT maintenance and management. Technology should be a key enabler to help managers run their businesses efficiently and effectively—it should save us time so we can focus on the core task of running our businesses. Something has gone badly wrong and has to change," said Paul Cash, managing director of Partners in IT.

"Globalization of successful businesses coupled with more flexible and mobile work forces have driven innovation within even the largest of companies," said Cash. "Technology has played its part in helping to drive this innovation but, just as any other resource in an organization, technology needs to be maintained and managed—it needs time devoted to it to ensure that the most benefit is gained."

Planning is the issue, Cash said. He argued that by understanding their business' present IT condition and its ability to monitor and manage key business services before committing to new technology or processes, companies will better protect their IT resources against waste. Without such planning, Cash said he often sees that once an implementation is complete, the technology and value it delivers degrades as management and maintenance fail to keep pace.

Furthermore, he warns against a 'hero culture' in IT, in which a lack of robust and enforceable processes leads the wheel to be reinvented with each new project.

Internet overload?

The BBC has an interesting article on "internet overload"; as usual with this kind of thing some is a bit far fetched but point is that internet overload is likely to be more significant now that speed is more important - read the article here.

Ten things to check before you press send

Before you send an email campaign or newsletter out, there are certain things you should always double-check – here are the 10 most important campaign elements you should test:

1. Images – should be in .gif or .jpeg format and have a total size under 50Kb (recommended).
2. Text – is there a good balance of text and images. Many email clients block images by default so your message should be readily understandable even if users don’t load any images.
3. Spelling – checked your spelling and grammar? Spell-check is your friend but don’t rely on it!
4. Links – checked that all of your links work and go through to the pages you expect?
5. Subject Line – is your subject line clear and enticing? A good subject line is vital for getting a good open rate.
6. From Name – clear and consistent with your other mailings? Recipients often use this to decide whether they trust the sender or not.
7. Reply Address – have you set a valid reply email address for your campaign?
8. Personalisation – make sure you send a test mail and check that each element works as you expect – you don’t want “Dear <>” appearing!!
9. Plain-text version – set a plain text version of your campaign for those recipients who can’t read html mails.
10. Spam Score – don’t let your efforts to go to waste by having your campaign mistaken as spam. You need to check the content of your campaign – use one of the spam checkers to see how the common spam filters will rate your message, and send test emails to as many different email accounts as you can.

Time saver when writing letters in Word...........

When writing a letter in Word, it can be frustrating and a waste of time to stop, switch to Outlook and look up an address then either copy and paste or type it in your letter.

There is a much quicker way of getting the address in your letter by inserting addresses from your Outlook address book.

When you write a letter, you probably have to open up your Outlook address book to find the name and address and then copy and paste the address into your document. You can simplify this process by adding a button to your Word toolbar that will let you find and insert the address without leaving your document.

Follow these steps:
Go to Tools---> Customize.
Click the Commands tab.
Select Insert from the Categories list box.
In the Commands text box, click and drag the Address Book command to the Standard or Formatting toolbar.

Now click in the Word document where you want the address to appear and then click the Insert Address toolbar button. A dialog box will open and allow you to search for the contact in your Outlook address book. When you locate the name, click on it, and then click OK. Word will insert the name and address in the document at the insertion point.

Do you leave photocopies for others to see?

It sounds like a no-brainer: put a hard drive into a standard photocopier, so you can have a digital version of anything you run through the machine. That way, if the original is ever lost, you can always go back to the backup. Copiers have in fact been fitted with hard drives for several years now.

But now people are finally waking up to the wrinkle in this plan, which should have been obvious: what do people use copiers for, anyway? Yes, for company flyers and employee manuals, but also for tax returns, passports, photo IDs, and Social Security paperwork. Now what happens when that copier gets old and is sold on eBay? Same as a PC with a hard drive - the data could be accessed by all and sundry.

Copiers are hardly highly-secure devices, and such data could be accessed via a network connection, too. The wake-up call is, surprisingly, being delivered by Sharp, a manufacturer of these devices. The company polled Americans and found that 54% of those surveyed had no idea that photocopiers stored digital versions of everything put on the glass. What to do? Naturally, Sharp is promoting its newer copiers, which encrypt digitally stored copies and "virtually shred" recent ones so they can't be recovered. If you've got such features on your office machine, make sure you use them.

But also remember that next time you make copies at Staples or another photocopy shop or even in your own office, you could be leaving behind a copy of anything you reproduce. Scary?
__________________

Ten things NOT to do.......

Here are ten things NOT to do:

1 Plug your PC directly into the mains rather than via a surge protector
2 Surf the internet without a firewall
3 Don't run or update antivirus and antispyware software
4 Install and uninstall lots of prgrammes, especially beta versions
5 Keep disks full and fragmented
6 Open all attachments
7 Click on everything
8 Share and share alike
9 Pick the wrong passwords
10 Ignore the need for a backup and recovery plan.

Think carefully.......

The battle against spam

A tool that could help in the battle against spam and phishing attacks has received industry approval. The DomainKeys Identified Mail (DKIM) system is a method of validating the identity of the sender of an e-mail. Read the article here

This is an unusual problem........

I thought I'd share this one with you as it's (certainly in my experience) unusual!!

A client called me about a problem which seemed to manifest itself mainly in Microsoft Word and Excel. She said that she would be typing and then the program would start to enter "gibberish" seemingly on its own. Resisting the urge to ask if it really was the software creating the gibberish I dug around a bit: it seems what was appeared were real words but gibberish none the less - a little bit like the latest generation of spam emails where they are prefaced with real everyday words but in no meaningful order.

Searching on Google yielded nothing, if for no other reason that it's quite difficult to formulate the right search!! So I looked at the PC and specifically the processes shown as running in task manager. One of the processes I was unfamiliar with was SAPISVR.EXE. A quick search for that on Google brought up this link. The short answer was that speech recognition was enabled and a microphone that is no longer used, but still plugged in and sitting on a shelf was picking up the ambient sounds in the room and trying to translate them to words - hence all the words were real words. It was even filling in the search box when activated - spooky!!

It's probably something I'll never come across again but interesting nonetheless!

As I was saying......

Just to prove my point about spyware........see this BBC article about research undertaken by Google.

Ten things you should know about fighting spyware in Windows XP

One of the most common calls for help is “my PC is running really slowly” and often the reason is that the machine has become riddled with spyware. Today's cybercriminals are a crafty bunch, and they've mastered the art of infiltrating your computer and populating it with spyware—a broad category of malicious software programs installed on your computer without your knowledge or permission.

Spyware is designed to operate in the background to perform such dubious tasks as gathering information about your computer usage and reporting back to a central database or diverting control of your computer to operations that benefit a cybercriminal's goals. Regardless of the nature of the spyware, it is definitely in your best interest to get rid of it as fast as you can. Here are ten things you should know about fighting spyware in Windows XP.

1. Identify the presence of spyware
2 Keep your operating system and software up to date
3 Use a firewall
4 Scan your system with an anti-spyware program
5 Know spyware when you see it
6 Use a real-time anti-spyware scanner
7 Keep Internet Explorer's Internet zone set to Medium
8 Use Microsoft's online Malicious Software Removal Tool
9 Use the Pop-Up Blocker
10 Close pop-ups properly

I have an article with much more detail than there is room for here - email me for a copy.

What's new in Outlook 2007?

Here are five things which are new in Outlook 2007, and while they may not instantly make you want to upgrade there are some handy features:

1. Outlook 2007 introduces the To-Do Bar, which sits on the right side of the main Outlook window. The To-Do Bar gives you a consolidated view of your calendar, upcoming appointments, tasks and flagged mail, making it easy to see (and act) on priorities. Instead of looking at scraps of paper, notepads, planners, and the Outlook Inbox, you can see everything you need in the To-Do Bar. In the To-Do Bar you see a Date Navigator (a small monthly calendar), your upcoming appointments and a list of your tasks. Here you can accept/decline meetings, quickly access the full Calendar, add new tasks, categorise, rearrange, and change the dates of your tasks - all while responding to email.

2. Cut through inbox clutter with Instant Search. It doesn't take long for inbox clutter to make it hard to find old messages you need to review. With the Instant Search feature in Outlook 2007, you can locate email, tasks and appointments you're looking for from within the Office Outlook 2007 interface. Instant Search also looks for those keywords within your email attachments. Instant Search in Outlook works by accessing indexed content; indexing Outlook content results in quicker search results. By default, the text of all unrestricted Outlook items - including attachments - is indexed, a process that starts when Outlook 2007 runs for the first time. Indexing takes place in the background and only when there is extra processing capacity available on the user's computer - so it's not going to bring your PC to a grinding halt.

3. Instantly preview attachments: opening email attachments is often a cumbersome process with no easy way to get a quick view of the attached content. For instance, to look at an attached Word document, your computer has to open Office Word and load the file. With Attachment Preview, you can easily view attachments in one click directly from within the Outlook 2007 reading pane.

4. Share your calendar with those outside your company: Outlook 2007 offers new and easy ways to share your calendar information to plan meetings with others who aren't part of your organisation or network. One method is called Calendar Snapshots. You can create and save an HTML representation of your Outlook calendar that you can then send along to a vendor or team member outside your office in an email. With new native support for Internet calendars, you can also create a new Internet calendar from within Outlook 2007 and publish it to Microsoft Office Online for others to view on the Web. Finally, there is also the Calendar Printing Assistant for Outlook 2007, an add-on for people who need an easy way to print and customise their Outlook 2007 calendar information.

5. Use email Postmark to fight spammers: Outlook email Postmark is a new technology from Microsoft to help curb junk mail. This technology asks the mail sender's computer to perform a computation or puzzle, and then assigns this work as a token of legitimacy to the mail. Creating an Outlook email Postmark makes it difficult and time-intensive for spammers to send mass email, but does not change your experience when sending legitimate email. When an email with a postmark is received by Outlook 2007, the system will verify the validity of that message (taking into account some of the unique characteristics of the message) and delivers the message to either your inbox or junk email folder, as appropriate. Outlook 2007 does not create email postmarks when the recipients are entirely within your organisation, or the message is signed, information rights management-protected, or encrypted, or you have chosen to turn off the feature.

Microsoft releases new Windows Server ("Longhorn") for public testing

Microsoft has released its next-generation Windows Server "Longhorn" software for public testing on April 25th and has claimed the product is on track for a debut in the second half of 2007.

Microsoft expects hundreds of thousands of information technology workers to download the test, or "Beta 3," version of the next server operating system code-named Longhorn.

Longhorn, which will replace the current Windows Server 2003, is the server operating system equivalent of Microsoft's new Windows Vista PC operating system with an emphasis on many of the same features such as better security.

The download is available at www.microsoft.com/getbeta3 for those feeling brave or inquisitive!

Customising the Windows Start menu

You're probably familiar with the Windows Start menu and the left hand side of it -but do you know why the program list is divided in two? Here's what you need to know about the "pinned" items list found in Windows XP, and how you can customize it to easily access your favourite programs.

The left panel of the Start menu consists entirely of a divided list of programs that Windows XP thinks will come in handy for you: the "pinned" items list above the separator line (ie they will always appear), and the most frequently used programs list, displayed below the line.

By default, Windows XP places links to your Internet browser and your e-mail application in the pinned items list and will place as many as 30 shortcuts to the programs that you've recently used in the most frequently used programs list. (The most frequently used programs list is, by default, six shortcuts long.)

In order to really take advantage of the Start menu as a launching area for all the programs you use most often, you can configure the entire left panel as a pinned items list. Here's how:

1 Right-click the Start button and select the Properties command to display the Taskbar and Start Menu Properties dialog box.
2. Click the Customize button adjacent to the Start Menu radio button to display the Customize Start Menu dialog box.
3 In the Programs panel, use the Spin button to set the Number Of Programs On The Start Menu setting to 0. Click the Clear List button.
4. In the Show On Start Menu panel, you can clear the Internet check box because the Internet Explorer icon already appears in the Quick Launch menu by default, and maybe even the e-mail check box, depending on how you launch your e-mail application.
5. Click OK twice—once to close the Customize Start Menu dialog box and once to close the Taskbar and Start Menu Properties dialog boxes.
6. Click the Start button and access the All Programs submenu.
7. Locate and right-click on a shortcut to a program you use most often and select the Pin To Start Menu command.

You can pin as many as 30 of your most often used programs to the Start menu, depending on your screen resolution setting. With your actual favourite programs on the pinned items list, you can now really take advantage of the Start menu.

Note: This tip applies to both Windows XP Home and Windows XP Professional.

Dell resurrects XP

Dell has relented and is now once again shipping home user PCs with Windows XP rather than Vista. The move has been forced by customer opinion. The BBC article is here.

Speaking personally I have not upgraded any of my PCs to Vista yet - they are capable of running the software but running the compatibilty check tells me that way too much of the softweare I use is not Vista compatible, and "may not work properly". I'm afraid that's a risk I'm not prepared to take.

Wi-fi theft really does happen.......

Two people have been cautioned for using people's wi-fi broadband internet connections without permission. Neighbours in Redditch, Worcestershire, contacted police last Saturday, April 14th, after seeing a man inside a car using a laptop while parked outside a house. He was arrested and cautioned. A woman was arrested in similar circumstances in the town earlier this month.

These cases are believed to be among the first of their kind. The man arrested at the weekend was cautioned for "dishonestly obtaining electronic communications services with intent to avoid payment" but of course he could well have been accessing personal and business data; additionally he could have been accessing porn or criminal sites - making it very difficult to trace as it would have appeared to be the owner of the network who was accessing them.

The man apparently attracted attention from neighbours in the early morning, as he had put up cardboard around his car windows but the light from his computer could be seen through the back window - a bit of a giveaway really!!

It all just goes to show that all wireless networks should be adequately secured then this kind of thing couldn't happen.

Microsoft fixes "critical" flaws

In its monthly security update Microsoft released five patches, four of which are for flaws the software firm rates as "critical". Flaws given this rating are so serious that they could be used to hijack a Windows PC without a user's knowledge.

The update includes a new version of a patch released in early April that had been causing problems for some users. The second Tuesday of every month is the day Microsoft chooses to issue security updates for its software. The five updates issued in April are for users of Windows Vista, XP, 2000, Server 2003 and Microsoft Content Management Server.

The four critical patches are for flaws that Microsoft says could lead to "remote code execution" which means that hackers could exploit them to take over a PC, steal information on it or put it to their own uses. Also in the security bundle is a fix for a patch that Microsoft released in early April to close a flaw in the way that Windows handles animated cursors. It released the patch early because many criminal hacking groups were using the flaw to set up booby-trapped websites that could hijack a PC. Among those targeted in this way were World of Warcraft players as a single account for the hugely popular game can prove very lucrative.

However, Microsoft was forced to issue a fix for the cursor patch as some users found it conflicted with other programs installed on their PC. Users of programs such as ElsterFormular, TUGZip, CD-Tag, and Realtek HD Audio Control Panel found that installing the patch stopped these utilities working.

Make sure you always keep up to date with Windows Updates, particularly the security ones!

Does this sound familiar?

Apparently two out of three British internet users lose significant portions of their time to irrelevant web browsing, a recent study has revealed. Are we surprised though? I'm sure we're all guilty at some stage.

Workers confronted with the almost unlimited pool of online information become distracted and begin "wilfing," short for "What Was I Looking For?".

Wilfers lose an average of two working days a month to aimless browsing, with men being the worst offenders, the study said. Shopping sites are the most distracting. In addition to the time and money apparently being lost by UK businesses, the YouGov poll of more than 2,400 people reports other problems.

A third of men quizzed said wilfing through "tempting adult entertainment sites" had damaged relationships with their partners. Jason Lloyd, from price comparison Web site moneysupermarket.com, which commissioned the research, said: "Although people log on with a purpose, they are now being offered so much choice and online distraction that many forget what they are there for, and spend hours aimlessly wilfing instead.

"It's important people do not allow unnecessary online distractions to get in the way when surfing the Internet, as it can affect productivity in the workplace and relationships at home."

So......you have been warned!!

Who said broadband is a load of ****?

Underground sewer pipes are being used by Bournemouth Borough Council to cut the cost and disruption of laying new broadband internet cabling. Interesting thought!!

Around 1,400 metres of the 18mm fibre optic cable has been laid through the town's sewer network, owned by Wessex Water, using ready-made ducts to push the cable through and save the cost and time usually taken digging up roads. Bournemouth is using the fibre optic cable underground sewer system developed by UK company H20 Networks.

Bob Rhodes, IT manager at Bournemouth Borough Council, said laying the cable, which will mainly be used as back up to the authority's existing BT network, has resulted in a "tremendous cost saving". He said "This is ideal for resilience. Going deep in the sewers it is less likely to be hit by a JCB digger. It gives us complete alternative routing."

He said the armoured cabling is also strong enough to prevent communications being taken out by sewer rats chewing through it.

Elfed Thomas, MD for H2O Networks, claimed it is 80 per cent faster to lay cables in the sewers and said it offers organisations a fixed-term cost rather than bandwidth tariffs, which means no further charges are incurred when extra capacity is needed.

I just wonder why use sewer pipes? Aren't there existing conduits used for other utilities that could be used? We so often hear of sewers being old and in need of replacement - so what then happens to the fibre optic cable while the sewer is being replaced?

Do I smell a rat, or is the proverbial going to hit the fan?

How safe is your network?

Many small businesses will be running a small network of some kind, and some recent research suggests that around half of users leave the default passwords unchanged on their network hardware. This can leave networks vulnerale to attack and therefore business data is at risk. The BBC's article here goes into more detail.

What makes this more of concern is how easy it is to get hold of the default passwords for hardware - guessing is often easy (user: admin password: admin is not a bad start!!) but there are also websites which list them. These are generally designed for legitimate use - I use them myself when a client has no idea what the router password is - but can be abused.

Also the increasing trend toward manufacturers putting the default settings on a sticker underneath the hardware makes it easy for discover the password.

So the message to the 50% who leave the default is to change the password to something more secure. No doubt these are the same people who do not have security on their wireless networks as well!!

Better safe than sorry.

What is hard drive encryption?

Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions. Data on an encrypted hard drive cannot be read by anyone who does not have access to the appropriate key or password. This can help prevent access to data by unauthorized persons and provides a layer of security against hackers and other online threats.

The concept of hard-drive encryption is simple enough. When a file is written to the drive, it is automatically encrypted by specialized software. When a file is read from the drive, the software automatically decrypts it while leaving all other data on the drive encrypted. The encryption and decryption processes are transparent to all common applications such as word processors, databases, spreadsheets or imaging programs.

A computer equipped with hard-drive encryption appears, from the user's point of view, to function as any other computer would.

Windows Vista Enterprise and Ultimate editions offer a hard-drive encryption program called BitLocker that employs two-factor authentication, but encryption software is widely available.

Ofcom intervenes in net phone services

Net phone, or voice over internet protocol (VOIP) service providers are to be required to disclose any limitations or risks inherent in their services.

Read the BBC's article here

Internet safety

An interesting, but perhaps frightening, article on internet safety here. Frightening not for the usual reasons but for the fact that so many people seem to think that the onus is on someone else to keep them safe and secure on the internet! After all you don't feel it should be your bank's responsibilty to ensure your credit card is secure while it's in your wallet or purse do you? And if you hand it over in a restuarant to pay the bill and fall victim to a card fraud, is that your bank's fault?

Probably most internet frauds are in effect initiated by the user when they fall for a spoof website or a phishing emails, but there are plenty of instances. The article is quite lengthy but worth the read.

There is still complacency about business continuity....

Businesses and public sector organisations in the UK are showing an “alarming level of complacency” when it comes to business continuity planning, according to a major research projects. The 2007 Business Continuity Management Survey indicates that only 48% have business continuity plans in place, dropping to 34% for smaller organisations.

The research, by the Chartered Management Institute, shows that even when firms have plans in place, organisations are failing to test that they actually work. Nothing like leaving it until you have an incident to find out your plan doesn't work!!

More than a third of organisations do nothing with their plans once developed, and 15% fail to act on any shortcomings they identify. “Events from the Carlisle floods to the London bombings and Buncefield explosion have clearly shown the vast range of impacts that emergencies can have. Yet despite these, there are still too many organisations with insufficient business continuity plans,” said Bruce Mann, director of civil contingencies at the cabinet office.

Although 61% of organisations outsource work to third parties, only 22% demand that their critical suppliers have business continuity plans in place - even if your own business has a robust plan in place, if your key suppliers don't then your business can be just as vulnerable.

Although many of the organisations questioned said they were concerned about the impact of losing access to their premises, only half said they were ready for remote working.
Managers identified technology failure as the issue most likely to impact future costs, followed by telecoms failure, and loss of access to work sites.

However technology is only one part of planning - the risks need to be assessed and processes documented, and while technology is an integral part in most plans there are other issues to think about too.

What would you do if you couldn't access your premises tomorrow? How would it affect your business?

What on earth is a "bot-net?" And should you be interested?

The answer to the second question is "yes", but what exactly is a bot-net? It is a large number of hijacked computers under the remote control of a single person via an internet-based command and control system ie a robot-network. Basically the hijacker gains control of a PC and uses the network for his own purposes, usually something illegal or immoral - typically spam or viruses.

The number of computers hijacked by malicious hackers to send out spam and viruses has grown almost 30% in the last year, according to a survey. More than six million computers world wide are now part of a "bot network", according to Symantec. Computer users typically do not know that their PC has been hijacked.

More than a third of all computer attacks in the second half of 2006 originated from PCs in the United States, the threat report said. While the total number of bot-net PCs rose, the number of servers controlling them dropped by about 25% to 4,700, the twice-yearly report said.

Symantec's researchers said the decrease showed that bot network owners were consolidating to expand their networks, creating a more centralised structure for launching attacks - in other words leveraging a greater number of controlled PCs from a smaller number of servers.

Symantec claim this rise in the number of infected computers can probably be attributed to the rise in the online population of countries like China and Spain.

Make sure your network and PCs are secure and protected so you don't unwittingly become part of a bot-net!!

Hate to say "I told you so" but..........

......Microsoft has admitted that there is still work to be done on its Windows Live OneCare security software. Separate disclosures by a European product manager and a member of the Microsoft Security Research and Response team revealed that the company is not satisfied with the performance of the anti-malware application.

Read the report here

It's not just tree-hugging!

Not so long ago the environmentalist lobby was often regarded as cranky and somehow a bit oddball. However over the past decade the groundswell of opinion has moved much more towards considering the environment and providing a solid and safe environment – leading to the creation of the concept of “corporate social responsibility”

One of the problems in the past has been that being environmentally conscious has been considered the domain of the large multinationals, and it was only they who could make a difference. Nowadays that has been turned on its head and there is a much greater awareness that if we all do our bit individually, it makes a difference. Thus all businesses from the “one man band” upwards can contribute to providing a better and safer environment – and in numbers there is strength and power.

Locally there is the Better Together Dorset initiative (www.bettertogetherdorset.org.uk). This highlights the concept of social responsibility. Indeed research by the Institute of Business Ethics has proved that socially responsible businesses outperform their competitors. There is no great magic to this concept of corporate social responsibility – it is simple things that make a difference.

Basic housekeeping helps: switching off at night, using power saving settings on computers, reducing printing, and recycling paper, cardboard and printer cartridges. However in doing these things we should also encourage others to do the same – a prime example of that is putting a “think before you print” message in your email footer.

Using paper which has been printed on one side as notepads or re-using to print on the other side for internal or unimportant jobs is another simple way of saving paper. Also recycling paper and cardboard is really easy – either bins are provided at homes and offices or there are numerous drop-off points at supermarkets etc. As a technology business we have to dispose of packaging when installing new equipment and much of this can be recycled with a minimum of effort.

Being environmentally aware with technology actually begins you buy your equipment: a lot of the equipment we all use everyday contains chemicals which can be harmful to health, cause environmental damage, and be difficult to dispose of. The environmental group have rated various manufacturers to give a guide to which equipment is the most environmentally friendly – their website (www.greenpeace.org) has this up to date rating guide that can be used when selecting equipment to purchase.

When it comes to redundant equipment, taking it to the tip is just the worst thing you can do. There are new regulations now about the disposal of electrical equipment, but if it still works then there are charitable organisations which will be glad of it. One such is www.computersforcharity.org.uk which services redundant equipment and distributes it on to charities in the UK and Africa. Don’t forget that what is old and outdated technology to you could be state of the art advanced technology to a user in a developing economy.

If your equipment really has died, you can often recycle via your supplier: many, such as Dell, provide a return and recycle service, or you can let a specialist company such as Wastecare (www.wastecare.co.uk) and they can safely dispose of everything from printers to photographic chemicals.

Mobile technology and the widespread availability of videostreaming make it easier to avoid travelling: this might mean working from home and avoiding driving or it could avoid international travel, but in both cases costs and pollution can be reduced.

In conclusion then, there are many ways we can all contribute to a “better world” through showing more corporate social responsibility – and each business form the owner-manager upward, has its part to play. Together we can make a real difference.

Microsoft's Live Onecare - failure?

Microsoft's Live OneCare security software has failed tests which check how well it spots and stops malicious programs designed to attack Windows.

See the full story here

Dealing with requests under the Data Protection Act

The Information Commissioner’s Office (ICO) has published advice to help SMEs deal with requests from individuals for access to information held about them. The Data Protection Act gives us all important rights, enabling us to check the personal information that is held about us and to correct that information where necessary.

This guidance sets out clear advice for small and medium sized businesses to help them deal with requests from individuals for access to information an SME might keep about them. The advice distinguishes between requests that SMEs can treat as part of normal business practice and those that should be dealt with formally under the Data Protection Act. It includes information on checking a person’s identity and what SMEs should do if the information requested includes details about other people.

There are also practical examples explaining information that should not be released. A fee of up to £10 can be charged unless the information is a medical or educational record. Where a charge is levied the information must be supplied within 40 calendar days of receiving payment.

This good practice note is part of a series published by the Information Commissioner’s Office to help explain data protection in simple terms. To download a copy, please click here (PDF).

When is 8Mbps not 8Mbps?

When it's a claimed internet connection speed, and is usually preceded by the small print "up to"

Read here for some interesting observations.

Broadband switching eased

As of last week it should now be much easier to switch broadband providers - see here for the BBC's article.

How to combat image-based spam

Spammers are a sneaky lot, and their latest innovation, image-based spam, presents yet another security and management concern for small businesses. Here I explain the dangers of image-based spam and what you can do to try to combat it.

The tidal wave of unsolicited commercial email, or spam, ending up in user inboxes shows no sign of slowing. Estimates of just how much email is spam range anywhere from 66% to more than 90%, depending on who's counting and when. This translates into a lot of wasted bandwidth, wasted storage and lost productivity, as users struggle to separate legitimate emails from spam.

The dramatic increase of image spam has only made the problem worse. During 2006, 25% of spam email used images to deliver messages, up from less than 5% in 2005 (Source: IronPort Systems Inc).

Image spam messages are typically made up of two parts: First, some random text intended to fool filters into thinking that the message is legitimate, and second, the actual advertising message in the form of an attached or embedded image. Spammers count on the invisibility of their advertising message to the filter to allow it to slip through and end up in your users' mailboxes - in other words the random text makes it look genuine.

There is a definite cost to image spam. Messages containing images are larger than their text-only counterparts. The average size of a spam message in 2005 was just under 9 KB. By 2006, the average size jumped to 13 KB, thanks in part to image spam. This means transmitting and storing spam took up 40% more of an organization's bandwidth and storage capacity in 2006 than in 2005.

The battle between spammers and antispam vendors is like an arms race. For instance, some vendors have added optical character recognition (OCR) to their filtering products, allowing them to read the content of image spam to identify it before it hits user mailboxes. To counter this, some spammers have started adding background patterns or using distorted fonts in their images to make them unreadable by OCR programs but legible to email recipients.

So what can we do to keep the volume of spam in our inboxes as low as possible?

1. You could outsource the job to an antispam service provider: providers get to see and analyse much more spam than most people, and use their enhanced knowledge to benefit all of their customers.

2. Use virus-scanning services: most antispam vendors also provide other services such as virus scanning of inbound and outbound email, message archiving and disaster recovery. Combining an antispam solution with these types of services can help small and medium-sized enterprises (SMEs) concentrate on their core business instead of spam.

3. Another option is to turn the problem on its head. Rather than trying to exclude spam, some antispam products work by allowing only the delivery of messages from sources that have been verified as legitimate. Such products allow users to set up lists of valid email addresses and domains from which they expect to receive email. When an email arrives from an address or domain not contained on the "whitelist," the message is held. It then replies to the sender with a link to a web page, where they are asked to read and enter a verification code presented as an image. The aim of this process is to verify that the email is being sent by a human, not a "spambot", and the verification process has to be done only once. These products have simplicity on their side. They eliminate the need to analyse each email and decide whether it is spam or not. New spammer techniques that bypass filters, then, don't affect their performance. These whitelisting products do eliminate spam in inboxes, but they also have some downsides: some users are confused by the verification email. Because of the prevalence of phishing, other users may think the verification process is somehow trying to scam them out of personal information. Also, when signing up for new web accounts that cause an email to be sent, users have to go and look for the "unverified" email and manually mark it OK to have it delivered. Users have to decide whether the benefits outweigh the drawbacks.

Sadly image-based spam is just the latest escalation in the spam wars. As long as there is money in unsolicited commercial email, we can expect the spammers to continue to innovate their "product" and continue to present new challenges to SMEs.

What a way to make Valentine's Day special........

Every special day on the calendar is an excuse for those who create viruses and malware to spread yet more pain and nuisance to innocent users.

The latest such attack was as a result of Valentine's Day: a "worm" disguised as a Valentine greeting spread rapidly across the internet. The Dref-AB worm was spread via e-mail in readiness for office workers and home computer users to find the malicious Valentine e-mail in their inbox first thing on Valentine's Day.

During February 14th it accounted for 76.4% of all malware. Subject lines used in the attack were many and varied, but all pose as a romantic message. Some of them include A Valentine Love Song, Be My Valentine, Fly Away Valentine, For My Valentine, Happy Valentine's Day, My LuckyValentine, and My Valentine. The point with this is to tempt people to open the email.
The worm is attached to the e-mails in files called flash postcard.exe, greeting postcard.exe, greeting card.exe, or postcard.exe.

Opening the attached files on a PC activates the worm, which then sends itself to other e-mail addresses found on the now infected computer. Security giant Sophos believes the worm code is designed to download further malicious code from the internet in an attempt to take over the PC, convert it into part of a zombie network, and use it to send spam on behalf of hacking gangs.

Just what you need on Valentine's Day.

So stay alert at all times but particularly when any special calendar days are approaching.......

Ten clues that your website may not be working effectively.....

1. You think the internet is a coming revolution.
2. You don't have a web site.
3. You don't know how to change your web site.
4. If fewer than half of your customers can find you online, you're dead.
5. You think your business is local.
6. You think your web site is just for new customers.
7. You think your web site is just for customers.
8. Your Web site is your only internet strategy.
9. You think being small is a disadvantage.
10. You'll fail if you do what I say - challenge conventional approaches, learn and adapt.

How many of these apply to your business?

Do you dispose of PCs securely?

Security experts have warned recently that many companies fail to dispose of old PCs securely, leaving potentially sensitive data available to whoever buys the machines on the second hand market.

A survey released by security firm Pointsec said that the problem is exacerbated by the fact that many used corporate PCs are being shipped to third world countries where the information on the drives can be used in ID theft scams. Numerous reports have surfaced of private and valuable information being discovered on a hard drive or computer bought from eBay, the study warned.

Pointsec said that fewer than half of major corporations use professional disposal companies to destroy old computers. Many sell them to second hand dealers or staff which often means that the next recipient has access to all the old data. Some 17 per cent destroy them in-house, which is arguably the safest approach as companies can witness that the right procedure has been followed to adequately destroy the data.

The survey was conducted among 329 companies, over half of which employ more than 2,000 staff. Martin Allen, managing director of Pointsec, said: "We have all heard about PCs thrown away in council tips that have ended up in West Africa with local extortionists and opportunists selling the contents such as bank account details for less than £20. "Many corporations also fall victim to this sort of scam by selling their old PCs to second hand dealers who often do not have the skills or resources to reformat and clean them adequately. We recommend thoroughly reformatting the hard drive or encrypting the data on all mobile devices as this ensures that no-one can get at the data unless they know the computer's password both during the PC's lifetime and beyond."

Ultimately though, firms with really sensitive data on their devices should burn or smash the hard drives - which can of course be immensely satisfying on some ways!!

Did you notice?...............

.........Hackers attempted to topple key parts of the internet's backbone, in one of the most significant attacks of recent years on Tuesday this week (February 6th 2007)

The target was servers that help to direct global internet traffic. In the early hours of Tuesday three key servers were hit by a barrage of data in what is known as a distributed denial-of-service attack. There is no evidence so far of damage, which experts are saying is testament to the robust nature of the internet.

Read about it here

More about data storage..........

The article on data storage trends here is more aimed at the home user with growing collections of music or video, but has some interesting parts.

As regards the advent of the terrabyte drive (1,000GB) they make the point that losing 1TB of data would be painful and most corporate environments will continue to opt for a number of smaller drives using the technology known by the cumbersome name of Redundant Array of Independent Disks (RAID). For example Seagate produce a 1.5TB device that is actually made up of two 750GB drives. A continuous backup is created by the same data being written to both drives simultaneously - though this does mean that half the drive space is occupied by the backup data. It might well save your life. Well, your digital one.

Networking: five ways to end the conversation politely..........

We've all been to networking events or even just social occasions where we want to find a way of moving on. Mike Page of the Growing business has supplied the following:

1. Ask for the other person's card if you do not yet have it. Thank them and move on.

2. Set up a time to call or meet with the other person.

3. Excuse yourself shortly after another person has joined the conversation.

4. It has been nice talking with you and ...

o I will keep your card on file for when I need ...

o It's my first time here, and I would like to meet some of the other members, too.

o I haven't been here for six months, and I want to rekindle some acquaintances.

o I can only stay for an hour, and I want to say "hi" to several other people.

o I'd like to continue this conversation. May I call you next week?

o I'll e-mail you that referral tomorrow.

o Would you like to have lunch sometime?

And when all else fails:

5. If you’ll excuse me I want to get something else to eat (or drink).

How to secure a laptop

Many users these days have a laptop and indeed rely on it as their main PC. But what if the machine falls into the wrong hands? What would happen if someone else had access to your data?

You need to employ some form of securiy - having a password to access Windows is only minor protection. You could create encrypted "partitions," which, basically, are files that mount as a regular drive. However, I'm not a big fan of that. It all boils down to the fact that you cannot trust either yourself or other users to store sensitive information on the secured partition every time - we all forget things. People will store things on their desktop, in their email application, and in local temp directories that may not be protected. Additionally, if someone is able to obtain a laptop and crack various Windows passwords, what do you think the odds are that the encrypted partition uses one of those same passwords? Based on experience, I'd say the chances are pretty good!!

Many people are installing laptop-tracking software such as LoJack for Laptops which can certainly aid in recovery. The problem is that by the time the system is recovered, sensitive information on the laptop could have been compromised. So, good solution but just a little too late in the security breach time window for me.

The only truly secure solution (although still not 100% - nothing is) to keep information from being compromised is to use a whole disk encryption technology such as PGP Whole Disk Encryption and TrueCrypt. They're independent of the operating system and use much stronger encryption technologies and some can even be centrally managed reducing administrative burdens. Even if stolen computers are powered on, as long as the entire drive is encrypted and the screen is locked, the only option for the criminal is to reboot the system to try and get in. Once he does that, he'll be prompted for a passphrase to unlock the drive. As long as the passphrase to encrypt the drive is strong he's in a dead-end.

Remember that policies enforced by technologies - not just trusting users to do the right thing - will keep sensitive information on your computers from being compromised. Agreed it will cost money (up front and ongoing) in both software licenses and operational costs. But that seems like a better alternative than losing credit card merchant privileges, explaining to one or more government regulatory bodies why your stolen systems weren't protected or having to notify every single person whose information is believed to be compromised.

Virus emails soar by a factor of 20.....

Experts are warning of 'explosive growth' in cyber-fraud, theft, spam and viruses. Hackers and spammers have "raised their onslaught" with two global email-borne virus attacks launched in December and January. The attacks were so large that they drove up the level of viruses up by a factor of 20 compared with usual activity, according to data from security specialists Postini.

The January attack became known as the "Storm worm" because the original email subject line was '230 dead as storm batters Europe'. At the time of the email, there was a heavy storm occurring in Europe, so in some ways it looked perfectly plausible.

The email that contained the virus frequently mutated to show dozens of different sensational but believable headlines designed to tempt the reader into clicking on an attachment and infecting their computer. Other subjects included 'Russian missile shot down USA aircraft' and 'Saddam Hussein alive!'. The infectious email had a file attachment containing a Trojan known as 'Downloader-BAI' or 'AUTH-W32/Downloader'.

If a user clicked on the attachment, their computer was infected with the virus which then attempted to send personal information back to the hackers who created the virus. The virus also provided a back-door for hackers to take control of the computer and add it to a botnet to be used in future spam and virus attacks. The Storm worm followed on the heels of another email-borne virus, the Happy New Year worm, which attacked email users in late December. This worm contained a subject line and an attachment exploiting the expectations of legitimate postcards and greetings from friends and families.

Infected attachments contained numerous strains of malicious code (including Tibs, Nuwar, Banwarum, and Glowa) as well as two root-kits designed to hide the presence of the malicious code from antivirus scans.

These two attacks were by far the largest to occur in the past 12 months, and all users must protect themselves by having up to date antivirus software. Additionally as Valentine's Day approaches, email users should continue to maintain their guard, as there are already new mutations of the Storm worm with love-related subject lines........so don't be fooled.

Experts claim Vista security not fit for purpose

No doubt there will be (and already are) many views about Vista, and some may be a low key sales ploy others more genuine. The following comments may well be a bit of both but are worth highlighting: obviously if the flaws are as bad as claimed, users are still going to have to use third party solutions to protect their PCs.

The latest observations come from security firm Webroot Software, which has attacked Microsoft over "numerous security flaws" it claims to have uncovered in Windows Vista.

Webroot said that it has evidence of potentially ineffective blocking capabilities in Windows Defender, and weak antivirus capabilities in the default anti-spyware and antivirus components of Vista and Windows Live OneCare.

Gerhard Eschelbeck, senior vice president of engineering at Webroot, said " We want to make sure that users understand Vista's limitations, and warn them that Microsoft's default malware blocking application and antivirus programs may not fully protect them."

The company claims that Windows Defender failed to block 84 per cent of a testing sample-set that included 15 of the most common variations of existing spyware and malware. In evaluating its ability to block spyware and malware before it has infected a user's machine, Webroot's Threat Research Team found that Windows Defender's performance was not in keeping with many third-party security applications.

Adware, potentially unwanted programs, system monitors, key-loggers and Trojans were able to reside on the testing environment undetected by Windows Vista. One item of malware was able to install under administrator privileges, and run and capture keystrokes without any adaptation from its Windows XP operating environment. Windows Defender did not detect the installation or the running application, Eschelbeck said.

Microsoft currently issues spyware definition updates for Windows Defender every seven to 10 days. But Webroot said that its Threat Research Team identifies 3,000 new traces of spyware and other unwanted applications in a single month on average, and issues spyware definition updates on an hourly or daily basis as needed.

In addition, Webroot complained that antivirus protection is not free for Windows Vista users. They must purchase the Microsoft Live OneCare suite for antivirus protection. "We understand that Microsoft's main goal is to provide a new operating system that generally improves users' computing environments, and we genuinely feel that Windows Vista accomplishes this," said Eschelbeck.

"However, as a company that serves on the frontline in the battle against spyware and cyber-crime, we feel strongly that, in order to provide the best protection for internet users, security must be their top and only priority. "We hope that, by providing information on possible security weaknesses in Windows Vista, users will be able to make informed decisions about their computing security needs."

Net "backbone" has security patch

Cisco, which makes hardware for much of the backbone of the internet, has released three patches for security holes in its products. It has issued the fixes to internet service providers who are expected to roll out repairs in the next few days.

But there is concern that malicious hackers could exploit the flaws in the routers before the problems are fixed. At least one of the holes could lead to e-mail and internet access issues, according to security experts.

Mikko Hypponen, chief research officer with F-Secure, said: "There's not much consumers can do themselves; these patches affect only the internet infrastructure itself, the routers which companies are using to pass on net traffic. Some sites and services might be down."

However, Cisco has said it is not aware of "any current exploitation of these vulnerabilities". In a statement the company said: "Cisco is aware of multiple vulnerabilities that may impact Cisco IOS and IOS XR devices and has published three separate security advisories about them. In all cases, Cisco has made free software available to address the vulnerabilities for affected customers."

One of the holes could see a malicious hacker take control of a Cisco router and install software of their choosing. "Any flaws in Cisco routers that are in widespread use is very concerning as these are the basic building blocks of the internet," said Mr Hypponen. But he said the types of attacks would be limited because there was little financial motive. "If you look at the different attack scenarios and who would use those vulnerabilities, it's not that obvious who would exploit these holes - you can attack certain operators or companies and crash their public services such as e-mail and web sites.

"I guess we will be seeing attacks from hobbyist hackers." Mr Hypponen said he did not expect the problem to go on for long. "Critical companies will patch their routers very quickly." Mr Hypponen said that the news of the holes and the resulting patch had actually made the net safer, not more vulnerable. "Although it looks like bad news it is good news too. There will always be new vulnerabilities. The internet will never be 100% safe."

Internet Explorer 7

Late last year Microsoft released the next version of its web browser, Internet Explorer 7. The new version promises to make your journey through the online world easier and more secure. But as some of you who have made the upgrade will be aware, it looks a little different and may have you asking a few "how to" questions.

Microsoft offers information and training on their website, Internet Explorer 7 at a glance. One obvious change is the multiple tabs for viewing, this allows you to easily flip between searches all within in the same window.

To find out which version of Internet Explorer you have installed on your computer, simply click "About Internet Explorer" on the "Help" menu when you have a browser window open. The product and version information is displayed in the dialog box that appears. To upgrade your version of Internet Explorer, click here.

There are also some great add-ons for the new version of Internet Explorer, such as parental controls and online protection tools such as RoboForm, which allows you to securely store all of your passwords in 1 location eliminating the need to memorize hundreds of logins and passwords.

Schools urged not to install Windows Vista

The British Educational Communications and Technology Agency (Becta) has recommended that schools hold off upgrading to Windows Vista and Office 2007, citing no important benefits and a lot of extra costs.

Becta's interim report on Vista and Office 2007 said that upgrading to Vista would cost a primary school around £4,000 and a secondary school up to £25,000, but that there is nothing in the two applications that is a "must have".

If the entire school system was to upgrade to Vista it would cost over £160m, excluding the hardware upgrade costs needed to run the operating system's Aero interface.

"The enhancements in Vista add value but do not justify its early deployment in the educational environment," the report stated. "Early deployment is considered high risk and strongly recommended against."

The report suggests that Microsoft should sponsor a few small pilot schemes to try Vista and Office 2007, but that otherwise schools should wait until Becta's final report in 2008.

The agency found that many of Vista's key selling points, such as Media Centre and Bitlocker, are of little value in an educational context. Others, like Internet Explorer 7 and Media Player are already available and free.

Upgrading would also trigger a massive upgrade cycle owing to the demands of the Aero interface. A maximum of six per cent of the computers in schools could run with Aero switched on, according to Becta, and 55 per cent still could not use Vista even with Aero switched off.

Upgrade costs for Office 2007 are the same as for Vista, and the report stated that the 176 new features in the suite are largely aimed at business and that none is a "must have" for an educational establishment.

In addition many students have been trained on older Office software and the 2007 suite's user interface is completely different and has no option to revert to the 'classic' view. This would cause problems if students have to switch between older and newer machines.

Control your inbox

We all receive many emails each day and sometime if you are away for even a day, the catch up feeling can be overwelming. Apparently the average person receives about 30 legitimate e-mails a day at work, five to 10 e-mails at home and 10 spam messages a day, according to Ferris Research (so I wonder who is getting hardly any to compensate for the volume I get!!)

To make your life easier, take advantage of the various e-mail management features within Outlook 2003. The following tips show you how you can use Outlook to help organise and sort your e-mail. If you don't have Outlook, no worries. Many of these functions can be adapted to any e-mail client:

Get rid of junk
Outlook 2003 includes a junk e-mail filter that identifies and filters spam. You can also add an annoying sender that slips through to the block sender list by clicking on Actions > Junk E-mail > Add Sender to Blocked Senders List. Conversely, if the programme blocks an e-mail that isn't junk, add that sender to the safe list by clicking Actions > Junk E-mail > Add Recipient to the Safe Recipients List. Note though, that the spammers often use unique addresses each time so adding to the blacklist may well not work............

Create personal folders
You'll want to save some (but think how many you really want to keep.....) of the e-mails you receive. Consider creating personal folders to store and organise them. Name the folders for easy reference. To create a personal folder:
1. Go to File > Folder > New Folder. This brings up a Create a New Folder dialogue box.
2. Name the folder, choose what it will contain (mail) and select where to place the folder.

Filter to personal folders
You can also filter or send mail directly to personal folders. By creating a rule, for example, all of your corporate mail will go into the "business" folder. To create a filter rule:
1. Highlight the message you want to base the rule on.
2. Under Tools > Rules and Alerts (this brings up a Rules and Alerts dialogue box), click New Rule and select the conditions and actions you want to apply. For example, Move message from someone to a folder. Edit the rule description (meaning choose the person you want the rule to apply to and the folder).
3. Click on Apply > OK.

An alternative to filtering is to create a profile or user account for each person in Outlook. To add a new profile:
1. Go to Tools > E-mail accounts >Add new e-mail account > Next.
2. A wizard appears. Choose your type of server, such as Pop3.
3. An E-mail Accounts box will appear. Enter user information, log on info, server info > OK.
To switch between profiles, click Start > Control Panel > Mail > Show Profiles > Prompt for a profile to be used > Apply. When you launch Outlook 2003, a dialogue box will appear, asking you to select the profile you want. Select one to log in.

Flag messages
To help remind you that further action is required regarding a particular e-mail, flag or mark it. Highlight the message > right-click > select Follow Up > Choose a coloured flag. The message is then copied to the For Follow Up folder and organised by colour. It's handy to use the different colours to indicate importance. For example, red may signify an urgent message.

Set up group contacts
In the address book, you can organise and view contacts in a category, such as leads and personal contacts. To create a group contact or distribution list:
1. File > New > Distribution List.
2. Name the group and select the members from your contact list > Save and Close.

The distribution list will appear as a contact. This means you can send an e-mail to the whole group with just one click — a great time-saver.

Delete e-mail
Should you delete your e-mail once you read it? Managing your e-mail when you first read it will help you reduce e-mail clutter - it is best to read, respond, tag for follow-up or delete e-mail. In short, don't keep e-mail for the sake of keeping it.

Archive messages
At some point, you'll have too many messages in your personal folders, so you'll want to archive - as well as archiving to the normal archive file you can archive messages in a personal folder to a CD:
1. Minimise the e-mail screen.
2. Right-click the personal folder and drag it over to your desktop. Release the mouse button and select Move Here.
3. Open the CD-burning software and burn the personal folder. All the messages in the folder will be copied to CD.
4. Delete the personal folder from your desktop.
5. Create a new personal folder in your e-mail.
Now you have a clean inbox.

A spring clean can help your computer run faster and allow you to work more productively. Many people I meet can't understand why their computer is so slow and continually crashing. One small business owner recently told me "There were days when I was practically in tears with frustration and anger - my working day was being ruined by all the time-wasting".

If you're having major problems with your computer, a little "technological cleaning" may put the hum back in your hard drive and speed things up. Follow these simple tips for sprucing up your computer system and find out how to make your computer work better and faster.

Get rid of clutter
Freezing PCs can be casued by clutter - start your spring clean with the most visible thing — icons. Look at your system tray or taskbar on the bottom right corner — those small icons represent programmes that start up as your computer boots. It takes time for your computer to find the icons for all those shortcuts. Remove or turn off unnecessary ones, like Messenger, with a swift right click. Also do you need immediate access to all those files, pictures and MP3s on your desktop? Probably not. Categorise them in the My Documents, My Photos and My Music folders to keep them organised and eliminate the clutter on your desktop.

Remove old programmes
If you've never used a programme that came with your computer or haven't used it in over a year, you may want to consider binning it. If you don't use it, get rid of it, it will fill up your hard drive space." You can't delete a programme by binning its files. If you don't use the Add/Remove (in the Control Panel) or the uninstall programme that comes with your programme, it's still there. Also remeber to empty the Recycle Bin afterwards.

Defragment your computer
As you work on your computer, information gets stored onto the hard drive in bits and pieces — wherever there is space. To open a certain file, your computer runs around looking for all the components. Think of it as having various chapters of a book on shelves throughout your home, and having to find all the sections when you want to read the full text. The defrag tool (Start > All Programs > Accessories > System Tools > Disk Defragmenter) does its best to reorder your hard drive.

Upgrade your operating system
Windows XP is more secure and stable (therefore much less likely to crash). If your system can handle it (visit Windows XP Upgrade Advisor to find out), consider the upgrade. Keep your software and hardware frequently updated to get the best performance out of your system. Updates can be downloaded by visiting the manufacturer's website. Windows Update can also scan your system and present a list of updatable items. There is a little reminder box that will occasionally pop up in the right-hand corner of your screen when you start Windows. That reminder will let you know when you need to update — just click on it and it will install the necessary upgrades for your system.

Clear your cache
Every time you visit a new website, content is stored in your Temporary Internet Files folder, or Cache. Not only does this make surfing the web slower, but it also takes up valuable space on your hard drive. If your computer freezes three times in one day, that's a sign to clean up: while on Internet Explorer, click on Tools, then Internet Options, and, under Temporary Internet Files > Delete Files. You can also set the amount of disk space you want such files to use by clicking on settings and changing the megabytes.

Assess your memory and tools
The more programs you keep open while you work, the more random access memory (RAM) you need to keep them running smoothly. Norton says at least 256 MB of RAM should keep XP happy but more and more I find 512MB much better. If your mousework isn't smooth, buy a new optical version to make your work more efficient. And make sure your keyboard and office layout are ergonomically correct — even if your computer is optimised, efficiency will quickly deteriorate if you develop carpal tunnel syndrome!

Is your business run through a Limited Company?

If your business is run through a UK Limited Company, you should be aware of the change in law which requires websites and email footers to show the same information as printed business stationery ie Registered Office address, company registration details, VAT number and so on.

Take a look here for more details.

Securing wireless networks

Wireless is becoming an increasingly popular way for businesses to share information and work away from the office. According to a survey by Gartner of 625 SMEs, more than a quarter of staff already does some work from home – and this figure is growing rapidly.

Keeping vital information safe is critical for workers on the move, particularly on a wireless network.

Wireless offers businesses a flexible internet connection, to allow workers access to a company network from locations outside the office. As the cost of wireless devices is decreasing, small businesses are now able to have the capabilities of larger organisations at reduced costs.

The problem, however, is that wireless devices can be hard to secure. Wireless devices work on a radio signal: where exactly the signal can travel can be difficult to contain, leaving them open to intruders and hackers. All devices need to be secured, not just those in the office, as the weakest link is often when staff take laptops home or access the network remotely.

Wireless networks are susceptible to a number of security breaches, including all the problems that affect wired networks. Denial of service (DoS) attacks are just one security issue that wireless users could find themselves faced with. DoS attacks prevent legitimate users from accessing the network and essentially disable your computer network.

Numerous simple steps can be taken to protect information on a network and prevent critical information being lost or stolen. These include encryption, firewalls and anti-virus software to protect against malware threats. These are just a few of the simple ways you can ensure all critical data is safe from hackers and viruses.

Recent research by business Link shows half of all SMEs expect at least one security breach each year. With the consequences of a breach so potentially damaging (not only financially, but businesses can also lose their reputation and the confidence of customers), small businesses really do need to implement the necessary barriers to protect themselves and their data.

Anti-Virus software
Malware (or malicious software) such as worms and viruses are designed to infiltrate and damage computer systems, often causing loss of data and vital information, along with causing a computer to run extremely slowly. Malware often comes from a file sharing programme or pop up, which once on the system can be hard to get rid of. Installing anti-virus software is one security measure to prevent malware. Keeping this, along with operating systems (i.e. Windows) updated can help block any malicious codes.

Encryption
This is a process of encoding information so unauthorised users cannot understand it. The intended recipient of the information decodes the data with a specific code or password.

This is one of the most effective ways of securing vital data. Encryption is a useful and necessary practice, which prevents hackers or those who are able to tap into the wireless network from gaining any sensitive or confidential information. If staff are using USB memory sticks, it is also good idea to encrypt any information that is saved, as these are easily lost or stolen, leading to the loss of critical or sensitive information.

It is good practice to employ the highest level of encryption possible, when using wireless. This entails setting the wireless device to use WEP (wired equivalent privacy) encryption with 64 or 128 bit encoding, as this can help protect against eavesdropping (128 bit encryption is more secure). WEP also prevents unauthorised access to a wireless network by encoding information, using secret user keys which users must enter to gain access to the network.

SSID
Wireless routers often come with a pre-defined SSID, so it is adisable to change this, as often it it merely the manufacturer's name or the router model. It can be accessed from within Windows-based configuration tools (but don't use an obvious name such as birthdate, address or other personal information).

Firewall
A firewall is a piece of hardware or software that is a necessary security measure in both wired and wireless networks. It works by acting as a filter, through which all traffic passes. Any information that does not meet security criteria is blocked and not allowed to pass onto the system. Having a firewall in place can prevent all hackers, viruses and worms, as malicious internet traffic is screened out before it reaches your computer. Hardware firewalls provide more protection than software firewalls and generally are more expensive, but are necessary to protect a network of computers.

Updating default settings
This is one of the simplest and cheapest ways to add extra security to the network. All devices come with a set of default settings, which may need altering in order to get increased security.
The administrator password is a good example of this. The default setting sometimes does not require a password to gain access to the system. This should be changed immediately to make the network password protected and therefore blocking unauthorised users.

Implementing a combination of these basic defence methods is necessary and will provide enhanced levels of security for a mobile worker. For example, firewalls alone will not provide sufficient levels of security to protect against malware threats. It is crucial that wireless networks are kept updated as new threats or vulnerabilities are continually arising, leading to new devices and protection measures that need to be implemented in order to provide protection on the network.

In addition to these steps, all businesses need to think about wireless devices as part of an overall technology security strategy. Small steps, such as not allowing personal laptops on the network or file sharing through non-secure channels such as instant messaging are vital.

Whatever size or type of business it only takes one security breach to play havoc on the business.

Where IT goes wrong at SMEs

Following research, Concerto Networks believes that there are real issues within SMEs today that impact the value and success of technology as follows:

1. Information management issues are not understood by the business

2. Technology is viewed as a commodity with a focus on cost

3. The business often makes unreasonable demands

4. Performance of technology is measured by cost or time and not contribution

5. End-user training is not taken seriously

6. Lack of attention to the basic infrastructure of IT Systems

7. Lack of partnership and solution orientated vendors

The terabyte drive is here......

Last year, Hitachi Global Storage Technologies predicted hard-drive companies would announce 1 terabyte (1,000 gigabyte) drives by the end of 2006. Hitachi was only off by a few days.

The company announced yesterday, January 4th 2007, that it will be producing a 3.5-inch-diameter 1 terabyte drive for desktops in the first quarter, then follow up in the second quarter with 3.5-inch terabyte drives for digital video recorders.

The drive will cost $399 (currently around £200) when it comes out. Rival company Seagate Technology will come out with a 1 terabyte drive in the first half of 2007.

So what is a terabyte? Strictly it is a million megabytes, or 1,000 gigabytes, as measured by the hard-drive industry. But what does that equate to in eveyday terms? About 50,000 trees would be necessary to create enough paper to hold a terabyte of information, the drive will hold 250,000 MP3 files, or 330,000 photos each of 3MB.

So do we really need this kind of storage capacity? Some would argue that first we should get smarter about housekeeping and not just keep everything for ever - many businesses do this and often keep multiple copies of the same thing, eating into disk space. However as new technologies develop (video typically takes up 1GB per hour), files sizes are increasing and ulitmately, yes, we will probably all benefit from the increased storage available.

As an aside, and for comparison, it's hard to believe the hard drive celebrated its 50th birthday in 2006, and the first drive ever was 24 inches in diameter with 50 platters, stored 5MB and weighed over a ton!

WEEE is here.........

The directive on Waste Electrical and Electronic Equipment came into effect in the UK on 1 January 2007, and must be complied with by July 2007.

If you aren't familiar with the implications for your own business now is the time to do the necessary research.

The European Commission home page on the Directive is here.
The Department for Trade and Industry information is here.
And here is some guidance at the NetRegs Web site.

Everyone in business is likely to be impacted either as a producer, distributor/retailer or a user. The NetRegs piece is quite succinct and will take you straight to the relevant summary of the regulations.

Microsoft is limiting the free use of Outlook 2007 to Exchange 2007 users

Microsoft is limiting the free use of Outlook 2007 to Exchange 2007 users: licensing terms for the new Exchange e-mail platform software only give free Outlook e-mail software use to registered Microsoft Software Assurance upgrade subscription users.

As firms normally want to run Outlook with Exchange, the licensing change could prove costly to many firms. Exchange 2007 was released last month, but it does not include Outlook 2007 in its Client-Access License (CAL).

Previous versions of Exchange saw customers given a free copy of Outlook with each Exchange CAL. So, for example, with Exchange 2003, if a firm installed the platform along with 150 CALs, they would also be given 150 copies of Outlook 2003. But the new licence restricts free Outlook 2007 software to those firms with Software Assurance in place as of 30 November.