We’re Updating Our Servers

We’re always looking for ways to improve our clients’ experience with us. We understand the digital landscape and our goal is to always be a step ahead of any potential issues. To that end, we’ve made improvements to our hosting services and now our hosting is better than ever as we continue to take care of the problems that we anticipate before they’re an issue. We continue to see a high demand for domain management and are preparing a service specifically to alleviate that. What’s a brand really worth if Google doesn’t know it’s there and customers can’t find it?

We upgraded our server and the switchover happened on April 24th at 7 pm. While there will be a lag as all the SSLs (Secure Sockets Layers) get regenerated the end result will be an improved web experience for you and your site visitors. You will receive warnings like this as a result.

 

 

 

 

 

 

 

Or like this:

 

 

 

 

 

 

 

Or perhaps this:

 

 

 

 

We expect no downtime or data loss in the process but if you still see this type of warning in the near future, please let us know. It’s almost certainly a local issue at that point but our goal was to reduce those as much as possible and have as seamless a migration as possible.

Everything will be synced up by the evening of April 25th but DNS can take a day or 2 to propagate. Please reboot your internet router if your local network has issues connecting.

While we are always on the lookout for ways to improve we also love to get feedback from you. Let us know what you’re business needs are and how we can better support all your web design and digital marketing efforts.

Awesome Cyber Security Facts 2019

Security Awareness Training Could Save Your Business

Regularly updated security awareness training could save your organization from a serious data breach. Why? Because the best defense against cybercriminals is being prepared for an attack. With around 48% of breaches being as a result of human error or system failure, your employees might just be the weakest link here.

Do they know what to look out for? What do they consider a strong password? How careful are they about how they access the system? Are they using an unsecured private device? How do they deal with outsiders needing to work in your officers?

It can take seconds for a criminal to plant a key-logger or other malware on your system. And, as any good hacker will tell you, there is nothing better than direct access to the system if you want to exploit it. So that repairman coming in to fix the aircon could well pose a risk to the security of your data.

Of course, it’s not only outsiders that you need to be wary of. What if an enterprising employee decides to sell client information? Now, while it’s true that you cannot always have complete control over what they do, you can limit the potential damage.

You can put processes in place to limit their access to the system to only critical items that they need for work. You could also put measures in place to sniff out suspicious access to key systems.

As you’ll see from the EveryCloud infographic that we’ve published below, security awareness training is one of the first line defense measures that every company should be employing. And, truthfully, a lot of the tips can be applied to protect your own personal data as well.

A good attitude to adopt is that it is only a matter of time before someone tries to hack the system. It’s not the nicest way to think, but it should keep you on your toes when it comes to cybersecurity.

The stakes are high here, especially for businesses who hold a lot of client data. Can you imagine having to go to your clients and let them know that their private information has been exposed? Can you imagine the potential fallout of that happening?

Don’t take the chance – shore up your defenses now.

You can find more awesome facts and useful tips in the infographic called “Awesome Cyber Security Facts (2019)”, compiled by EveryCloud

How to Protect Your Business with Digital Forensics

Those with business have to be able to trust their employees. They give them access to computers and other digital devices and even set them up with internet access so that they can do their jobs. But blind trust isn’t an option, no matter who you have working for you. So, if there is something going on at your company and you aren’t getting the truth, digital forensics is the best way to protect yourself as well as your staff. Here is how to keep your business growing with the help of digital forensics.

Examining Digital Devices for Signs of Tampering

Some of the people hired at a company may able to make repairs and minor changes to network configurations in an effort to help their employers. Perhaps they have been hired to work in the IT department or they are simply rank and file employees who don’t want to put in a support ticket. Employers have a right to know whether or not their equipment has been tampered with or altered in any manner. It is best to have that kind of investigation done off-site, by a team of digital forensic experts.

Seeing What Your Employees Have Been Doing on Company Computers

After being offered a position and going through a background check, the majority of new hires are required to sign a contract of sorts. They might promise to always represent their employers in a positive and professional manner and to act morally, even in their personal time. These new employees are usually required to only use company equipment, including computers, in a very specific manner. The SecureForensics.com team give business owners the power to do their own thorough internal investigations. Digital forensics is used to confirm suspicions about unsavory behaviors when using business equipment. This type of computer science is only reserved for business owners who believe that something nefarious may be going on in their ranks.

Locating Deleted and Hidden Data

Most of the time, when a person is up to something that they shouldn’t be, they will at least make an attempt at covering their tracks. In the case of employees who might be surfing the web and accessing their personal social media accounts while they are on the clock, they will undoubtedly try to clear their search history as well as delete cookies. While that is a very small-scale example of what digital forensic analysts are capable of finding and recovering, business owners should know that recovering deleted and hidden data on their company computers is possible.

In the event that you believe a member of your staff is using company computers to put your business at risk, you have to act right away. Your own IT professionals may be able to find traces of information, but sometimes a clean hard drive wipe can make it hard for employers to get solid concrete proof. Realize that embezzling money or even sharing trade secrets are potentially serious offenses, and you as an employer cannot make meritless accusations. Use digital forensics to protect the future of your company and get the answers needed so that the decisions you make are smart.

Authorize.net terminating low-volume resellers

We got this email today from authorize.net reseller support:

Authorize.Net LLC (“Authorize.Net”) is engaged in a strategic initiative to allow us to more effectively work with our referral partners. Authorize.Net has reviewed its current agreements and has decided to focus on its most active partners. As part of this change in strategy, Authorize.Net will be terminating your existing partnership agreement within 90 days of the date of this email. You will no longer receive residual payouts once the partnership is terminated.

We thank you for your partnership.

We’ve been a reseller for a number of years and while we don’t make a lot on it, the customers we referred and helped setup are still active so we make a small residual each month, enough to offset our own authorize.net fees. It was enough that they were our first recommendation and as a result we have lots of experience working with them.

This email, out of the blue, is a surprise to say the least. I am sure they are going to save a significant amount on affiliate fees but I have to say, I expect to do a lot more recommendations of Stripe in the future.

Just sayin’.

 

Changes to Tracking Contact Form 7 Submissions

With over 3 million downloads and counting, Contact Form 7 is one of the most popular tools for creating a variety of forms on the WordPress platform. When using Contact Form 7 it’s easy to see why this plug-in has become a favorite of developers and website owners. The ease of use, flexibility, breadth of options, customization yet simplicity all combine to make up one of the most comprehensive and widely used plug-ins to date.

One of the great things about Contact Form 7 has always been the easy and effective way of tracking form completions through either a redirection to a “thank you” page or once the form is submitted or just redirecting users to a new page to encourage further action. For anyone familiar with the way that Contact Form 7 works these two settings for assigning Javascript may look very familiar:

  • on_sent_ok
  • on_submit

However, these settings are in the process of being phased out completely by the end of 2017. One of the only ways to track form submissions going forward will be to use event tracking. Luckily this is relatively simple, especially for Google Analytics users, to implement. In fact, by putting an event tracker similar to the one we suggest below, you can track form completions in much the same way as always but with even more accuracy.

The 3PRIME Solution
When adding event tracking to contact forms, there are a few checks that need to be made beforehand. The very first thing is to check to see if Google Analytics code exists in the header of your page. Without this, nothing else will work as intended. Once that is confirmed, we can get into the scripting/functionality.

We will need either to add a script to the page/template or we can find a dedicated javascript file to handle the work, which I would recommend. A common file such as a main.js or default.js, something that already exists on the page as a source. If there is no js file on the page then we would need to create one and link it, or we can go with the alternate method of just adding script to the page/footer.

Wherever you put your script, make sure there is a way to detect on click events. One common way is with jquery which exists on many sites and in many forms. If jquery is not on the site then we can either have the site start referencing jquery or make a more basic reference for a click event. Then check to see if any “document ready” code is in the js file. If not, you will need to state that this will happen when the document is ready to ensure that the script is not loaded before the form is.

Now in the template/page that has the form, find the submit button and add a class to it in the class field. it can be any name you want that fits the guidelines of a class name but for this example we will call it “contactEmail”. Once a class is set we can start referencing it in our script on document ready. IDs also work but classes are more consistent and user-friendly when used on the same or even multiple pages.

In the script we just have to make sure that the class is targeted correctly now. We can do this through testing. A common method is by using console.log for javascript to print a message to the inspector console when an event occurs. Add an “onclick” event handling function behind the “contactEmail” button class being clicked and simply put console.log(“ok”) inside it. If you click your button now, then the console should print out “ok.” If this isn’t working as intended then you will need to reevaluate your javascript/class/function as any of those could be the issue.

Once an onclick function is set and confirmed as working, simply add the google analytics event handling code inside the onclick function. A basic analytics function works like so:

  • ga(‘send’, ‘event’, { eventCategory: “”, eventAction: ‘click’, eventLabel: ””});

We are now sending a new event to Analytics to record, giving it a category, action, and label. These are important as they help discern and differentiate every action you wish to record in analytics. More details on how the code works can be found here. Putting it all together, we will get a function like this inside of our “main.js” file that is included on our site and on our contact form page.

EXAMPLE USING JQUERY
$(‘#contactEmail’).click(function (){
ga(‘send’, ‘event’, { eventCategory: ’emailclick’, eventAction: ‘click’, eventLabel: ’emailContactPage’});
});

When you click on the submit button with the “contactEmail” class at any point in time when on the page, an event should be tracked and recorded on your analytics dashboard, under the category “emailclick” and labeled as “emailContactPage”. Remember to test extensively and clear caching if your code is not saving/updating properly!

For more information and other form tracking solutions straight from Contact Form 7’s developer click here.

Advice to 3PRIME Network related to WannaCrypt/WannaCry Windows vulnerability

Last Friday, many companies were affected by an online attack via the software called WannaCrypt, also known as WannaCry. The attack included ransoming of important information by encryption. This attack has reached over 150 countries and approximately 10,000 companies. While this attack has been halted, precautions must be taken to prevent future similar attacks.

The most important things to be aware of:

1) If you are not using Windows, you are safe.

2) If you are running Windows 7 or Windows 10, you should be safe, but you can check here.

3) The specific attack from last week has been nullified, but the vulnerability in older Windows remains.

 

If you use Windows 7, Click Start > All Programs > Windows Update to check if there are updates available.

For Windows 10  users, in the Search Box type “Windows Update” > Check For Updates and see if there are updates available.

We recommend you run these immediately!

Resources

  1. AskWoody.com – This contains of lists of windows versions and how to check machines if they’re vulnerable.
  2. Security patches are available for download and installation. This is a step by step instruction of patching https://support.microsoft.com/en-us/help/4012598/title.
  3. Catalog of direct downloads from Microsoft: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598.