Friday, April 11, 2014

The Heartbleed bug and why a secure password matters even more now

In early April 2014, a huge vulnerability was uncovered in a cryptographic software library used by an estimated two-thirds of web servers currently in use around the world. This vulnerability allows an attacker to request data from the memory of any server that uses OpenSSL and potentially read unencrypted passwords, confidential or sensitive information, e-mails, or anything else the server happens to return.

According to Ars Technica:
The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website's entire cryptographic certificate.
Just how bad is this bug? Mark Loman, a malware and security researcher at SurfRight, tested a few public servers after hearing early reports of this bug and noticed that plain text usernames and passwords were being returned to him by Yahoo Mail, one of the world's most widely-used webmail services. Further investigation showed that Flickr, Tumblr, and a number of other Yahoo properties were vulnerable, potentially exposing millions of users to account compromises.

Mark posted a pair of screenshots to Twitter that show account credentials in plain text (see below). Mark courteously obscured the usernames and passwords affected, but it's not hard to imagine other people being somewhat less polite.


Tell me the truth, doctor, how bad is it?

On a scale of 1 to 10, the general consensus is 11. Remember, the servers involved have potentially been leaking their private security keys which means anyone can 'fake' being them, and you'd have no way of knowing for sure.

What does this mean for me?

If you're a systems administrator who controls a number of servers, it means lots of work to get everything patched and authenticating properly again.

One option is to start using a password manager. So many web servers use OpenSSL that it's likely some service you've encountered at some point will be compromised. Limit the attack vectors to your accounts by using unique passwords, and even if someone gains access to that forgotten account you set up once, they won't get access to that important account that you use every day.

Also use two-factor authentication wherever you can. Two-factor authentication protects you even in the event that someone does manage to get your password by requiring a second, randomly-generated "token" that expires every 45 seconds or so to allow you to access your account.

Thankfully, if you use Google Apps or Microsoft Office 365 you're safe. Microsoft doesn't use OpenSSL and instead relies on its own encryption mechanism and Google Apps/Gmail has been using forward secrecy since November 2011. Google is patching other services affected by the Heartbleed bug, but it never hurts to change your password regularly.

Wednesday, April 2, 2014

Google Apps, Uber, and Netflix – Disruption and doing things 10 times better

As a relatively small market compared to the ten-fold larger United States, Canada is slow to receive the latest in disruptive technologies. Netflix rolled out its now-ubiquitous video streaming service in the US in 2008, and Canada didn't get Netflix streaming until September 2010. Now incumbents like Rogers are racing to provide Netflix-like functionality.

Uber
Uber does everything you need
and looks good doing it.
Another example is the oft-beset-upon taxi service Uber. Traditionally, when you need a taxi in a hurry, you either run to your nearest major street and hope that an empty one rolls past or you phone the taxi company. Then you have to wait for the taxi to show up and hope it's not nabbed by someone else in the meantime. Once you arrive at your destination, calculating the tip, giving payment, and getting a receipt is a cumbersome process that hasn't changed significantly in many years.

Uber allows anyone to request a ride via a mobile app or the web. Drivers arrive curbside in just minutes, you can track the movement of your ride, and you receive a text message when your driver arrives to pick you up.

Once you've arrived at your destination, Uber handles the payment automatically through the app and your online account. No need to fumble with cash or wait for a credit card transaction to process through a painfully slow payment terminal over a cellular connection. With Uber, the cab driver simply ends the ride on his smartphone and the payment is processed. You'll have the receipt in your email by the time your feet hit the curb.

Uber first launched in San Francisco in 2009, and has since rolled out to more than 50 cities in 20 countries, including Toronto and Montreal. The service only recently launched in Toronto area, though, and since it relies on local drivers to provide rides, there aren't many cars available in the area just yet. In San Francisco, "No one under the age of 40 with a smartphone is going out and getting a cab anymore."

I had the opportunity to experience first hand how Uber has transformed the marketplace in San Francisco while attending the 2014 Google Global Partner Summit. My three Uber trips were an eye-opening experience that tells me this is going to cause a similar market disruption in Toronto. It's just a matter of time.

Mississauga Taxi
On the other hand, Mississauga Taxi
looks and behaves as dated as it is.
Local companies like Mississauga Taxi have an app that works, but it doesn't see much competition from Uber at the moment. They haven't taken it to the next level to turn it into a disruptive technology. The Mississauga Taxi app omits vehicle choices, automatic payment processing, visibility of cars in the area, or a custom pick up location by dropping a pin. Its address search is cumbersome as it couldn't find the local Port Credit GO Station which Google Maps finds and autocompletes before I finish typing it.

The one nice feature was the ability to monitor the location of the cab dispatched to pick me up. After that, the taxi ride and payment experience is just like the old days and it took me longer to use the app than it would have to pick up the phone and call the cab company. In fact, when I arrived at my destination the Mississauga Taxi driver was fortunate that an individual not willing to wait for the next train to downtown tapped on his window and asked for a ride. However, the in-a-rush new customer had to wait while my cab driver booted up the payment terminal from scratch, entered the cab fare, inserted my credit card, let me enter the tip amount, my pin code, wait for the slow cellular data connection to process the payment, then finally print the receipt. With Uber in San Francisco, I simply got out of the cab and felt my smartphone vibrate immediately with the emailed receipt. What a massive difference in customer and driver experience!

Technologies like Netflix and Uber tend to be borne out of frustration with the traditional way of doing things, and Google thinks the same way, all the way from the very highest levels. Larry Page has said he, "expects his employees to create products and services that are 10 times better than the competition." Why? Because products and services like the Google Apps won't cause market disruptions if they are designed to be only two or three times better than the incumbents like Microsoft Exchange and Lotus Notes. You have to start fresh and completely change the way things are done to have any hope of making things 10 times better. Only then will you cause a disruption.

Miss the disruptive wave and you can end up like BlackBerry, a business that will continue to survive, but will also continue to downsize to match their shrinking customer base.

So why stick with the incumbents who always seem to be two steps behind, responding with too little, too late? Get Google Apps for your business now and earn more money like the individual taxi drivers in San Francisco that ditched the traditional cab company and switched to Uber.

Google Apps let you work the way you live by enhancing consumer products used by billions with the features and controls that your business needs to be productive, innovative and successful. Google Apps will change the way you do business!

Thursday, March 13, 2014

Web Marketing Tip: Facebook's organic reach is rapidly approaching zero

In a prior post we discussed how Google+ is mission critical to your marketing efforts. Facebook "Likes" on your brand's page continue to diminish in value because your posts are not seen by your audience unless you pay Facebook for the privilege.  The best posts now only reach about 12% of your total audience.

We recognize that we can appear biased towards Google+ since we're a Google Apps Premier SMB Reseller, so we felt our earlier post deserved a followup. These two articles confirm our opinions, and there are many more along the same lines:


Don't get distracted by your website analytics telling you that Google+ is not important. Like any other social media platform, you have to focus on publishing good content and building a following before you'll see the results of those efforts.

Tuesday, February 25, 2014

ArrayFormula, Match and Offset in Google Spreadsheets

This is a repost of our contribution to the Google Gooru website that provides Tips, Tricks, and Tools for Gmail & Google Apps.



The arrayformula in Google Spreadsheets has a number of great different use cases. This video pairs the arrayformula with Match and Offset to pull in a constantly updating range of data in one sheet to create a chart in another sheet.

The advantage of using the arrayformula in conjunction with Match and Offset is it allows you to constantly add rows to your selected range, so you never have to worry about updating the formula. This would work great, for example, if you were pulling from the responses from a Google Form and wanted to consolidate them into a chart.

This video also happens to use our recently released Blink Reports Add-on for Xero Accounting!

Tuesday, February 18, 2014

Embed an image in your Google Apps signature using Google Drive

A recent update to Google Drive has broken this method of inserting images. To see updated instructions, click here.

If you're used to Outlook or other traditional mail clients, Google Apps' signature can be a little confounding at first blush. Inserting an image looks like it should be as easy as clicking a button and choosing the image you'd like. However, if you click the insert image button, what you'll see instead is this:


Now you're stuck unless you use third-party image hosters like imgur, ImageShack, or Photobucket. While these products work just fine for general hosting, they might be blocked by corporate firewalls, or cause a host of other problems. But are you really stuck?

As is usually the case when Google goes against the grain, there's a reason why they've chosen this route rather than the "traditional" route of attaching an image file to each email you send. The first is the obvious one--it saves you from actually having a file attachment on each message you send, which reduces e-mail message sizes. Secondly, and more importantly, it helps you avoid having your messages sent to spam. Many mail servers look for images attached to messages as a sort of "flag" that the message might be spam.

Luckily, if you use Google Apps for Business (or, indeed, a free Gmail account), you have the Google Drive cloud storage application to help you out. First, find the image you'd like to use in your signature and upload it to your Drive. Next, ensure that the image is shared publicly (with view-only rights, not edit rights), so that anyone you send emails to will be able to see the image without having to be signed into a Google Account.


Once you click "Save", you should be taken back to the initial sharing dialogue box, which will show you who the file is currently shared with along with the URL to access it in a text box along the top. What we need here is the File ID, which is the two-part string of characters in between /d/ and /edit, as seen below:


Now, we need to trick Google Drive into thinking we're exporting the image, so that we can access it outside of the standard Google Drive image viewer. To do so, we'll use this URL: http://drive.google.com/uc?export=view&id=<FileID>. Here, we replace <FileID> with the text highlighted in red above. So we'll use http://drive.google.com/uc?export=view&id=0B_T9jgOMjQ5lN2Z4UWhpZGRTM1E. To test if you've got the right image, simply copy and paste your URL into your browser's address bar and hit enter. If you see only the image show up, then you've done it correctly, and can use this URL to insert an image into your signature.


Go back to your signature editor, click the Insert Image button, and paste in the URL we generated a moment ago. If you see the image load in a preview just below the URL box (it might take a few seconds if it's a large image), then you've got the right URL. Click OK, and you're done! That image will now be linked in your signature, won't take up extra space, and shouldn't trigger spam filters.

All this work saves you from having an attachment on every message you send, which certain spam filters don't like, and will allow you to quickly and easily change your signature's image, as long as you use the "export" URL listed above.

Tuesday, February 11, 2014

Using YouTube Live and Hangouts On Air for Google Apps domain-restricted town hall meetings

If you've ever wanted to hold a private town hall meeting for your organization but haven't been able to get everyone involved because of geography, time zones, and other factors, you can now join the ranks of Conan O'Brien, Tyra Banks, The New York Times, Deepak Chopra, Cadbury, and the Miami Hurricanes by using Google+ Hangouts On Air and YouTube Live.

Best of all it's included with your Google Apps for Business subscription for no additional cost.

There are a couple of prerequisites to being able to broadcast live either to the Internet at large or just to your organization. First, you must have a YouTube account that is in good standing--meaning you've got no strikes on it. If you don't have a channel, create one and verify it via SMSOnce your YouTube account is configured, make sure that your Google+ profile or business page is connected to your YouTube channel. If you've just created a YouTube channel, this is done automatically for you. For existing channels, you can connect it to a Google+ profile or a Google+ page. If you previously used your Google+ page to broadcast to a Google+ profile administrator’s channel, you need to link the page to its own YouTube channel.

Now you're ready to broadcast using Google+ Hangouts On Air and YouTube Live! Navigate to your Video Manager:

Once you're in your Video Manager, click Live Events in the left-hand navigation menu:

You'll notice at first that there are no events scheduled. Click "Schedule a new event" or the "New live event" button on this page and you'll be taken to a page with lots of options. Most of them are pretty self-explanatory, such as title and time, however there are a few things that need to be configured to make sure you're not broadcasting to everyone in the world.

On the "Basic info" tab, click the "Public" drop-down box and select "Private". A new text entry box will be added to the page and you'll be able to share the broadcast with Google+ Circles, specific people, or your domain. For a town hall-style meeting, we recommend setting it to your Google Apps domain name circle, though you can add as many or as few people as you'd like. When you pick the Private option, anyone who wishes to view the broadcast must have a YouTube or Google+ account tied to the e-mail address or domain you've shared the broadcast with and must be signed into that account. Some of your Google Apps users might have to create their Google+ profile for the first time to access the YouTube stream.

Make sure "Type" is set to "Quick" so that you don't have to do any extra setup work, and leave the Advanced Settings screen alone, unless you'd like to add location data or a recording date.


Click the blue "Go live now" button, and you'll receive one final warning to let you know that you're about to go live.

If everything is okay, click the OK button, and now you're broadcasting! You can monitor the feeds on the fly through the Google+ Hangouts On Air window that pops up, or by clicking Live Control Room on the broadcast setup page:


From this control room, you can monitor people who are watching your video, add or remove abusive viewers, mute attendees, and more. It's like having your own TV station control room, right on your PC or Mac!

And, of course, anyone who tries to view your broadcast without the proper rights to see it will simply see a message pop up telling them that the video is private.


Once your event is done, YouTube will automatically save the video online with its sharing permissions intact, so that anyone who missed it live can watch it again whenever they want.

Thursday, February 6, 2014

Google+: not a social network but a social layer that's mission critical to your marketing efforts

Google+ has over half a billion monthly active users, over 1 billion registered users, and the +1 button gets clicked 5 billion times per day. Some forecasts suggest that it is on track to overtake Facebook in 2016. The Google+ audience tends to be made up of early adopters, technophiles, people in various high-tech industries, and more enthusiastic users of technology.

Yet the majority of small- and medium-sized businesses continue to ignore it because, in their eyes, everyone is using the currently more popular Facebook. We see it in our own Google Apps customer base, and maybe your company behaves the same way.

At Interlockit.com we've chosen to largely ignore non-Google services in our own marketing efforts and we still show on the first page of organic search results for "Google Apps Toronto". Maybe we could achieve first place if we worked hard on a Twitter and Facebook presence, but we feel that with limited time and budget, focusing on Blogger and Google+ with their integrated "social layer" is generating the highest return on investment.



97% of consumers search for local businesses online. Your local Google+ page connects you with customers in Search, Maps, and Google+ no matter what device they are using.

Note this article's headline: "not a social network but a social layer." Google+ is a social layer intimately connected to your business' search engine results. The "social layer" shows who in your circles has +1'd your search engine results. You're certainly more likely to click on the link that your contacts have recommended.

Google+ is integrated with paid advertisements on Google's Adwords advertising platform. Search for Cadbury on Google.com to see how their ads integrate with their 3.1 million followers on Google+.

Google+ is a key connector, the glue that integrates your social and business network across Google's vast offering of services.

If your business still doesn't have a Google+ Business page, set one up now and link it to your website!

Friday, December 13, 2013

How Google Apps and Gmail Image Caching Affects Marketing Emails

MailChimp has done a good job clarifying the confusion on the impact of Google's recent change to how images embedded in emails are displayed. Ars Technica's Ron Amadeo, for example, misunderstood the impact of the change but has since revised his article with updated information.

Many of our customers use MailChimp or Constant Contact for email marketing since they integrate beautifully with Norada's Solve360 CRM and other CRM solutions. MailChimp also integrates with Google Apps so that you don't need to remember yet another password and can better protect your account with Google's free two-factor authentication.

Google Apps and Gmail accounts represent about 475 million users worldwide.

The key points are:
  • The tracking of unique opens of marketing emails by Gmail web interface users is improved by this Google Gmail change.
  • The tracking of repeat opens by recipient is defeated by the image caching used by Gmail for web interface users.
  • Gmail users that access their email via POP or IMAP clients like Outlook, native iPhone mail, etc., are not affected by the change since the client software opens the images.
  • The privacy of Gmail and Google Apps users is greatly improved by the change since your own computer's IP address, which can disclose your physical location, as well as browser and version, operating system, and more, is no longer disclosed to the sender by the unique images embedded in emails by all the leading email marketing software solutions.
Certainly reach out to us at Interlockit.com if you'd like to learn more about this change.

Tuesday, December 3, 2013

BlackBerry is repositioning itself as a device management company—but is already being beaten by Google

BlackBerry recently published an open letter to its "valued enterprise customers and partners," to remind everyone that they "are very much alive, thank you." The newly-minted CEO, John Chen, makes an important—and telling—concession to the "new" mobile computing landscape: recognizing "that BlackBerry devices are not for everyone."

Unfortunately BlackBerry devices are losing ground faster than ever according to data released by Gartner last month. BlackBerry now sits at a mere 1.8% of the global smartphone market, compared with 5.2% at the same time last year.


As a result of their declining sales of smartphones to end users, BlackBerry is beginning to reposition itself to focus on a handful of what it sees as key areas: enterprise mobile management (EMM) solutions and embedded systems, as well as cross-platform instant messaging (BBM).

It's not hard to see why BlackBerry sees the need to pivot away from what has traditionally been its strength, but unfortunately it's pivoting straight into a marketplace where it's pricing itself out of contention. BlackBerry's enterprise management capability revolves around the BlackBerry Enterprise Service (BES), a software package that requires you to either manage an on-site server or pay for hosting one in the cloud, in addition to the $19 per year management fee. Add to that the fact that the newest version of BES (10.2) can't manage BlackBerry devices running older versions of the BlackBerry operating system and you need to double your server count just to be able to manage both generations of devices.

As if all that wasn't enough, the $19 license fee is charged per device, so if you have two devices, each one of them needs its own license fee. And who doesn't have a smartphone and a tablet these days? In fact, a Sophos survey says consumers are carrying an average of 2.9 mobile devices each.

Google Apps for Business and Education includes bring-your-own-device (BYOD) security for iOS, Android, and BlackBerry 10 in the $50 per user per year price tag—which includes activation on an unlimited number of mobile devices. We've tested management of BlackBerry 10 devices from the Google Apps console and it provides remote wipe and monitoring capabilities just as it would for any other device. There's really no need for a BES.

For about $12 more per year than two BES device fees per user, you can have an all-in-one, cloud-based productivity suite that includes BYOD management features and can replace your Exchange, Lotus Notes, or other email and documents solution. Sticking with BlackBerry means you're on the receiving end of all the IT headaches involved with patching, securing, and managing yet another server (or two!).

All of us at Interlock IT live close to BlackBerry headquarters in Waterloo and sincerely hope that they can find a successful market niche. BES 10.2 does have some advanced security features not found in other products. But the BYOD market is a highly competitive space already well-covered by giants like Google so BlackBerry has a tall, competitive mountain to climb.

Does anybody remember Palm?

Tuesday, November 12, 2013

As Windows XP and Exchange 2003 approach end of life, Google Apps can fill the gap

Microsoft's Windows XP is one of the most successful operating systems ever released, selling over 400 million licenses during its lifetime. When coupled with Exchange 2003, the two systems were hugely profitable for Microsoft. Businesses simply don't want to move away from products that still work well. However, after over twelve years of powering many of the world’s computers, Windows XP and Exchange Server 2003 will officially retire on April 8th, 2014.  This means that security patches will no longer be released by Microsoft leaving your Windows XP computers more susceptible to attacks, vulnerabilities, and other nasties.

However, Google has committed to support Chrome on Windows XP until at least April of 2015. Since unpatched browser bugs are often used by attackers to infect computers, this is great news for the millions of users still using Windows XP.

As of November 2013, Windows XP still accounts for a whopping 31.2% of desktop operating systems worldwide. Unfortunately no solid numbers are available for Exchange 2003's market share, but in March of this year The Radicati Group released its report, “Microsoft Exchange, Office 365, and Outlook Market Analysis, 2013-2017” which pegs overall Exchange usage at 51% of email systems in the Business Email and Collaboration market.

Google Apps for Business provides a powerful alternative to any Exchange Server or Outlook email system and relieves the pressure of constantly having to upgrade by doing all the heavy lifting for you. You're always on the newest version of Google Apps and you never have to worry about upgrading servers or micro-managing a fleet of incompatible devices, as nearly any device with a web browser will work.

So if you're near the end of Exchange Server 2003's life cycle, why not boost your company's productivity with Google Apps for Business? Contact us today to find out why Google Apps is the right fit for you!

Monday, November 4, 2013

Introducing the new Google bar and restoring Single Sign On (SSO) for Marketplace Apps

Google Apps is a constantly-evolving suite of the best web applications for businesses. As part of their quest to always make everything just a little bit better, Google recently rolled out a new navigation option that replaces the old Google bar.
The new Google bar.
The new app launcher replaces the traditional black navigation bar with a simple grid that is designed to keep the experience consistent across Android, Chrome OS, and the web. The complaint we've heard is that you now need at least one extra click and sometimes two in order to get to services that you used to be able to get to very quickly. As well, all your Google Apps Marketplace applications are hidden under the grey "More" link. We've had multiple customers contact us saying the links have simply disappeared, because it's not immediately obvious where they might be.

Not a big fan of the new navigation system? Not to worry! There is a way to avoid all the hunting, and it involves taking advantage of the excellent Bookmark Bar in the Chrome web browser. If you're using Chrome, press Ctrl+Shift+B (on Windows and Chrome OS) or ⌘-Shift-B (on a Mac) to show or hide the bar; you'll see it appear or disappear beneath the address bar if you've done it right. To add a bookmark to this bar, follow the instructions below (these show you how to add a single sign-on bookmark for Solve360):
  1. Click the Chrome menu button () on the browser toolbar.
  2. Select Bookmarks.
  3. Select Bookmark manager. You can also get to the Bookmark manager by using the hotkey Ctrl+Shift+O (on Windows and Chrome OS) or ⌘-Shift-O (on a Mac).
  4. Right-click on Bookmark bar in the left-hand navigation pane and click Add page....
  5. Name it Solve360 and paste this URL: https://secure.solve360.com/marketplace/?domain=yourdomain.com (where yourdomain.com is replaced with your primary domain name).
  6. Press Enter. You're done!
Now you'll have one-click access to Solve360 from anywhere in your browser, not just from your inbox. You can also hold down Shift while you click the bookmark to open it in a new window, and Ctrl+Click or click with your middle mouse button to open it in a new tab.

You can configure the same functionality for other services, such as FreshBooks (https://secure.freshbooks.com/google.php?domain=yourdomain.com) and Xero (https://login.xero.com/Signin/SignInWithGoogle?domain=yourdomain.com).

All you need is the URL that the service redirects to as soon as you click a link. Need help finding out exactly what that is? Contact us and we can do all the heavy lifting for you!

Thursday, October 24, 2013

Generating quotes with Google Apps Script and Solve360

Norada's Solve360 CRM is a low cost but very fully-featured cloud-based CRM, and while it integrates deeply with Google Apps, it still needs some custom work every now and then to unlock its full potential. Luckily, we can offer it a helping hand by leveraging the Solve360 API and Google Apps Script.

Rick Klassen of Klassen Specialty Hydraulics contacted us at InterlockIT.com to see if we could streamline the "tedious" quoting system that they had been using: searching for a similar quote, editing it manually to reflect the new requirements, and then saving it to a new folder on a local server, all followed by opening a spreadsheet that doubled as a database and adding the details of the new quote. And forget about trying to create a new quote from a mobile device or when you were out of the office!

We found that with a bit of custom work, we could make Rick's life much easier, and that's exactly what we did. Here's how.

To start, we need to establish the conditions that allow Solve360 and Google Apps to talk to each other--we want to automate repetitive things, so an activity template is used in Solve360. We insert it, and kick off the first of two scripts by clicking "Create new quote":

Insert an activity template to get started.
Now we can use Google Forms to gather the information we need.

The first stage of our quote generator. This particular utility has a number of these pages, with various branches of logic.

Once the user submits the Google Form, the second script is executed. The second script processes the latest submission, reading it from the spreadsheet in which Google Form submissions are saved, and performs a number of actions on it. In a later blog post, we'll detail exactly how some of the scripts work.
Success!
The user receives the above email and in one click can view the completed quote, an excerpt of which is below. It's a live Google Document so the user can continue to make changes to the quote.


Finally, the Solve360 record for the contact is once more updated. This time we can see that the script has added two follow-ups with different dates, created a direct link back to the above Google Document so it can be reached quickly and easily, and inserted an Opportunity record that allows you to track the progress of the deal as it moves forwards.

Here are the final activities that the script adds to the Solve360 record.
As Rick told us, "We have a powerful and flexible solution that not only saves time in the quote creation process, but takes care of the data entry, management, and even reminds our sales people to follow up - all automatically." Creating quotes can now be done from anywhere with an internet connection, and everyone who needs access has it right away.

"These days my colleagues and I can create quotes in a snap (from desktop or mobile), and we each get an email whenever a new quote has been created so we can collaborate on it in real-time, then send it to the customer. This can all happen in a matter of minutes from start to finish."

All this is done in the background, completely transparently to the user, and takes the hard work out of creating quotes, leaving you to focus on the important things—like closing the deal.

Friday, October 18, 2013

The future of malware - Google Apps protects you

In the last few weeks, a relatively new "ransomware" package has been making its way through the world's computer systems, spreading via email. The email messages where the malware lives appear to come from legitimate sources (banks, accountants, and more) but are really just highly sophisticated phishing messages.

Of course, your best course of action if you aren't expecting a message to have an attachment is always to not open that attachment and instead call the sender directly to verify it. While Google has very, very good spam and phishing detection, it's not perfect, and the last line of defense is you.

The message you'll see once your files are encrypted.
The malware, called CryptoLocker, works by scanning your computer and any network shares for a huge variety of files, including Office documents, pictures, PDFs, and Outlook PST files, among others, and then encrypting them with a nigh-unbreakable 2048-bit RSA encryption key. Once the encryption process is complete, you'll be presented with the message above, demanding a $300 payout to unlock your files and warning you that attempting to remove the software will immediately destroy the private key stored on the remote server.

According to a number of posters on a month-old reddit thread detailing the malware, paying the $300 ransom does work and you will be provided with a key that will decrypt all your files.

The advantage of Google Apps

But it would be much easier to simply not have to worry about this kind of thing at all, wouldn't it? Thankfully, Google Apps protects you from this kind of attack by blocking the sending or receiving of any and all .exe files, even those contained in archived zip files. The best defense is, as always, staying vigilant, but it's nice to know that you don't have to worry about opening any suspicious .exe files, since Google stops them from ever getting to you.

Can your current email system do that? If it can't, it might be time to consider switching to one that allows you to focus on the important things and not worry about whether or not every message you receive contains a hidden malware payload.

Wednesday, October 9, 2013

SMBs use multi-clouds to ramp up customer service

Mike Zafiris, an Interlockit.com team member, is quoted in the article "SMBs use multi-clouds to ramp up customer service" on Tech Page One, a technology blog from the Dell editorial team.

The article explains some of the general advantages of using cloud computing for businesses, as well as a specific use case for field technicians (something we've helped out other clients with).

Check it out here: http://www.techpageone.com/technology/smbs-use-multi-clouds-ramp-customer-service


Friday, August 2, 2013

What is the most common reason for a Google Apps Gmail outage?

Answer:  The failure of your Domain Name Server (DNS) host.

This morning subsidiaries of EIG which are Bluehost, Hostgator, Hostmonster, and JustHost completely failed affecting some of our customers.  As of 5 pm Eastern time today, 12 hours later, millions of EIG customers effectively still don't exist on the internet.  No email, websites, or anything that connects over the internet to yourcompayname.com will work for EIG customers.

Domain Name Servers (DNS) are the telephone directory of the Internet and are required to translate domain names like interlockit.com into an ip address.  When DNS fails sending email servers can't lookup the location of the Google Apps email servers to deliver your emails.

A coincidence, but another Google Apps customer was down for most of yesterday because DNS hosted at their small IT consulting firm failed.  We had recommending moving the DNS hosting for higher reliability 6 months ago.  Today we switched them to GoDaddy.com to avoid future issues.

GoDaddy.com did have an outage in 2012 but this has happened only once in the 4 years we've been working with them.

GoDaddy's control panel for changing settings is user friendly and the modifications propagate quickly meaning we can complete our work on behalf of customers faster. Many DNS hosts have horrible control panel user interfaces and take many hours to push changes to the internet.  Many others amazingly don't support SPF, DKIM, or DMARC entries which are required to take advantage of Google Apps security measures for sending emails and blocking spoofing.

Here are our recommendations related to domain registrations and DNS:
  • Use GoDaddy.com or eNom.com which are the official Google domain name registration partners and the world's largest Domain Registrars by Total Domains.  Gandi.net is a good option too.
  • Do not transfer your DNS (also known as name servers or NS records) from one of these partners to a separate website hosting company.  Just change the pointers/ip addresses for the website in your zone file and don't change the Name Server records (NS)
  • Never allow your IT consulting company to transfer/register your organization's domain name in their company name.  If a Whois lookup shows something other than your name in Registrant Name or Registrant Organization get this changed right away because legally you don't own your own domain.  If the Registrant becomes unavailable or uncooperative you have the nightmare situation of losing control of your own domain name and website.
  • Retain the username and password for your account at GoDaddy.com and eNom.com so that you can provide access to consultants and service providers as needed.  Too often we can't fix an emergency problem or get started on a project because the holder of the keys to the DNS is unavailable.
  • For the ultimate in reliability we can configure your DNS at two different hosting companies.  This way both hosts must fail to experience an outage.
The Internet was designed to be highly resilient to failures.  It just requires configuring things the right way to avoid issues.  Certainly contact us at Interlockit.com if we can be of assistance.



Monday, June 17, 2013

Google+ SEO and the New Google+ Related Pages Widget in Gmail

In December 2012, Google+ overtook Twitter for the #2 spot among social networks, with 343 million active monthly users. YouTube, Google's famous video-sharing site, ranks third, with 300 million active monthly users. Together, these two sites boast over 700 million active monthly users. Wouldn't it be nice to tap into 700 million users?

With the new Google+ related pages widget in Gmail, you now canprovided you meet a few important criteria. Most small-to-medium sized businesses we've encountered who have already deployed Google Apps haven't had it done by Google Apps Certified Deployment Specialists, which means they're generally missing SPF spam prevention and DKIM message authentication. This not only leaves your domain open to spammers and fails to prevent spoofing, but now it also means that your Google+ page can't help you fight your way to the top of Google Search Engine results.

Recently, Google rolled out a new Google+ feature that ties into Google Apps email: related pages. When a contact opens an email from you in Gmail or Google Apps, they have the ability to see at-a-glance your latest activity on Google+, the ability to +1 posts, follow your page, and more. All this capability, though, hinges on your Google+ page and Google Apps accounts being properly configured.

Linking your website to your Google+ profile is the first step, and something few businesses have done. This step is fairly easy and helps slightly with your search results, but more important are the email domain protection of SPF and DKIM authentication.

SPF is easy to implement but unfortunately just as easy to implement incorrectly, which is the state we often find it in. SPF helps other email systems identify where your email messages are allowed to come from and whether or not a particular message actually came from there. Without this, spammers can "spoof" your domain name and send email that appears as though it comes from your company's domain.

DKIM works like SPF but takes the authentication up another notch by integrating your domain's DNS records with email. You generate a unique 1,024-bit "key" that is added to every email message you send from your domain while mail servers that receive messages from your company compare the key on the message to the key in the DNS records. If the two match, the message is cleared and will hit your inbox; if the two don't match, the message is marked as spam and treated as such. A handy side-effect of DKIM authentication is that recipients of your emails will no longer need to click "Display images" on your messages. Since Google knows that your message came from you, this anti-spam tactic isn't required.

Google+ makes its impact not simply because it's also a Google product, but because Google can gather more information on users than what would come from using a browser cookie—now it can track someone's location, age, industry, and most importantly, their interests. With Google+, Google can even better personalize search engine results based on the additional information provided by a user's +1's, sharing, and posts.

By building a powerful Google+ network, you have the opportunity to directly affect the personalized search results of thousands of people in your extended network. The more interaction you have with users and followers on Google+, the more likely it is that your page and website will rank higher in Google Search Engine results.

The Google+ Related Pages Widget makes it simple for your contacts to follow you on Google+ leading to increased Google Search Engine page rank and visibility. Ultimately, this leads to more prospects and customers for your business!

Contact us at Interlockit.com so that our team of Google Apps Certified Deployment Specialists can configure the Related Pages Widget on your Google Apps domain.

Friday, May 24, 2013

Interlockit.com team member becomes a Google Apps Certified Deployment Specialist

Over 6,000 partner organizations are implementing Google Apps around the world.



Only a small fraction of Google Apps partners have staff that have passed the stringent Google Apps Certified Deployment Specialist exam.  Interlockit.com is pleased to be able to further differentiate ourselves in the Google Apps Marketplace by adding a third Certified Deployment Specialist to our team.

Interlockit.com currently maintains an elite status as one of only two Google Apps Premier Authorized Resellers based in Canada.

Deploying Google Apps is what we love to do!

Does your current provider have any Google Apps Certified Deployment Specialists on staff?