Wednesday, March 11, 2015

Two-Step Verification: An added layer of security


You most likely use passwords everyday in your life. Unfortunately, they are not as secure as they once used to be. Even if all your passwords are different across a multitude of accounts, it will do little to ensure security if an attacker gains access to your email. To be blunt, passwords are fundamentally flawed. To add an extra layer of protection from malicious attackers trying to pry their way into your account, consider 2-step verification. 2-step verification ensures security of your account beyond a regular username and password with added authentication.

Authentication is a step of proving that you are indeed yourself, the legitimate owner of the account, before granting access. The problem with standard authentication is that it only relies on something you know, a username and a password. Often, this can be guessed, cracked, or compromised in some wayAttackers, if equipped with these credentials, can easily access the account cloaked as the authentic user, making it difficult to regain control. 2-step verification is built upon something you know such as a password, and something you have like a mobile phone, fingerprint, or key.

This is where Google 2-Step verification steps in. Logging into a Google Account that has 2-step verification enabled, requires a unique, time-sensitive code in addition to the standard username and password (this code can be sent to your phone via SMS or with an application like Authy or Google's own Authenticator). It is an extra step, but it helps ensure that your account is extremely difficult to compromise. Essentially, with Google you are combining two things: your standard credentials and something that only you have access to--your phone. Think of Google's 2-step verification as a layer of security similar to that of a bank's ATM. You insert your bank card (something you have) and input your PIN (something you know). A robber would need to gain access to both of these factors to gain access to your account, plus, with 2-step verification, your "PIN" changes every 45 seconds.


The process to set up your Google 2-Step Verification is user friendly and generally takes about 15 minutes. This small amount of time to ensure maximum security to your invaluable data will save you the stress of having your account compromised.

Signing in with Google's 2-Step Verification is simple.
  1. Go to the sign-in page and enter your username and password like you normally do.
  2. Google's system authenticates your username and password, and if they are correct, you will then be asked for a six-digit code, which you'll get from your phone.
  3. After you turn on 2-step verification, non-browser applications and devices that use your Google Account will require an application-specific password to allow this application to connect to your account -- you only have to do this once for each application or device.
The benefits of 2-step verification are simple: Access to an account depends on a user to consult the source that is not readily available on the computer and is singularly designated in order to gain access to an account. 2-step goes much further to protect your information, as criminals have to work much harder to compromise your accounts.  

Set up 2-step verification on every account you can. In addition to using a secure, unique password for each account you have, it's one of the best and easiest ways you can protect yourself against any kind of data vulnerability.

Monday, February 23, 2015

Automated updates: Making work easier



Why should you choose cloud-based solutions over on-premises systems?

Not too long ago you had to run commands in PowerShell to convert an existing regular mailbox to a shared mailbox in the Office 365 Exchange admin console. This was necessary to migrate data into a shared mailbox, since it's currently not possible to migrate directly into a shared mailbox. The process was a little tedious, boring, and required some valuable time, especially if you have little to no experience with PowerShell.


First, you'd connect to Office 365 from an elevated PowerShell console...
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Then, convert the mailbox and set size quota. Note that shared and resource mailbox sizes increased from 5GB to 10GB in Q4 2013 and increased from 10GB to 50GB in Q4 2014.
Get-Mailbox -identity engineering@domainname.com | set-mailbox -type “Shared” Set-Mailbox engineering@domainname.com -ProhibitSendReceiveQuota 50GB -ProhibitSendQuota 49.75GB -IssueWarningQuota 49.5GB
Assign permissions to specific group to access shared mailbox…
Add-MailboxPermission engineering@domainname.com -User "Engineering Group" AccessRights FullAccess
Finally, remove the Office 365 license. Shared and resource mailboxes do not require a license in Office 365. To remove an Office 365 license from shared mailbox to prevent from being charged for usage, perform the following commands…
Connect-MsolService
$MSOLSKU = (Get-MSOLUser -UserPrincipalName engineering@domainname.com).Licenses[0].AccountSkuId
Set-MsolUserLicense -UserPrincipalName engineering@domainname.com -RemoveLicenses $MSOLSKU
This was the procedure to convert a regular mailbox into a shared mailbox. Now, thanks to automated updates through the cloud, you can have this process completed in a few clicks.

Login to your Office 365 account through the Office portal, and navigate to the Exchange Admin Centre. Once you are logged into your dashboard, click on the Recipients button in the menu on the left. You should now see a list of user mailboxes. Highlight the user mailbox you would like to convert to or from a shared mailbox and click on the convert button as shown in the screenshot below. (You should receive a prompt stating, "Are you sure you want to convert this regular mailbox into shared mailbox?" Click Yes.)

You can also convert a shared mailbox to a regular user mailbox following the same kind of steps. You would go into the shared menu at the top of your recipient list screen and "convert to regular mailbox".

There are many benefits of using a cloud-based solution, one of which is vitally important if you want to save yourself the hassle of setting up your own Exchange server and infrastructure, managing and maintaining desktop Office software, and installing patches and updates every month. The cloud allows you to be free of these restrictions and updates automatically as the example shown above in automating mailbox conversion. Microsoft takes care of all the dirty work so you don't have to. It's like having an IT department that maintains your cloud systems and continues to improve for your efficiency and ease.

On-premises systems will have you waiting and configuring things manually and more frequently. You must consider that implementing the same capabilities as cloud-based solutions requires servers, network infrastructure, IT personnel to install, manage, and update it all (not to mention you still have to buy the software). 

These are just a couple compelling reasons to switch your on-premise system to a cloud-based one. You can now see that cloud-computing is a highly attractive and intelligent proposition if you are looking to make the most of technology today at lower costs and lower risks.

If your current IT provider is still recommending on-premise server solutions, you're not getting good advice! Get in touch with our team at Interlock IT and we'll help make your work easier and more efficient.

Thursday, February 12, 2015

Go paperless! Lighten your business load

You may start off with bank statements, letters, receipts, business transactions, and inventories only to find that you've collected a stack of folders which eventually turn into a shelf full of boxed paperwork.

Well, what if you could evaporate all that weight up into a cloud and reference it at your fingertips, whenever, and wherever?




Thanks to technologies such as Google Drive, going paperless can really help your business. It not only helps clear cluttered workspace in the office, but also saves money and eases your business' environmental footprint. (Not to mention less trips to the printer too!)

Here are a few practical reasons why you should go paperless with Google Drive:

  • Security and Focus: You no longer have to worry about losing or misplacing your documents. No more distractions on your desk
  • Space: Enables you to save valuable office storage space. 
  • Mobility: Allows you to have access to all your documents in one place even outside the office. 
  • Time: Saves valuable time.
  • Money: Save costs ranging from printing paper, photocopying, and printer maintenance.
  • Recovery: Disaster recovery.
  • Peace of Mind: Ensures security and privacy.

Of course, all you need is Google Drive with an account and a scanner. You can also use Android/iOS smartphones or tablets to upload files as PDFs. Here are some Epson scanners that can scan directly to Google Drive with a couple of button clicks!

Google Drive uses OCR (Optical Character Recognition) for easier search results once documents are uploaded to the Drive. Essentially, Drive turns all your scanned documents into searchable text for easier future referencing. OCR also enables you to save time by dismissing you from specifically naming saved uploaded documents. Instead, all you have to do is search a key word or tag from the document you wish to find and its right there at your fingertips.

Additional storage is cheap at $1.99 per month for an extra 100 GB or $9.99/month for an extra 1 TB or switch your organization to Google Apps Unlimited with Unlimited storage for $10/user/month

Drive also allows you to create and collaborate with others like share documents, spreadsheets, and presentations on the fly with complementary Google Docs, Sheets, Slides and Forms. You can even make files available offline when you are not under cloud connectivity.

You may find Google Drive for Work as one of your most valuable investments once you have made the transition to go paperless. You can work without limits. It is safe, secure reliable, easy, powerful, and built to optimize your individual and team productivity.

We have advanced to communicate paperless with instant messaging and email. Why not do the same with organizing documents and files paperless too. It's still early 2015 and not too late to save time, money, and some trees while your at it.

Going paperless is a great idea and our team here at Interlock IT will help you make paper filing a thing of the past.

Monday, December 1, 2014

Fixing conflicts and errors with Active Directory synchronization to Office 365 and Azure

Sometimes user accounts (or objects) that have been deleted and then recreated on your Active Directory will become out of sync with Office 365 meaning changes to passwords and other attributes won't sync properly. Another cause is a change in the configuration of your Azure Active Director Sync utility, such as changing the SourceAnchor attribute.

DirSync is more common in the Office 365 user base because its replacement, Azure Active Directory Sync was recently released in September of 2014. For a comparison of the two tools visit Microsoft's Directory Integration Tools page.

If you have objects out of sync or conflicting you might receive an error message email every few hours when the AAD Sync utility is run.


You should also see the errors in the Event Viewer and Application Logs on the Windows Server running the utility.

In some cases, the Microsoft's own Office 365 IdFix tool can't find the problem, and thus can't fix it.

By reviewing the contents of userdetails.csv output by the PowerShell command:
get-msoluser | export-csv userdetails.csv
we were able to see that the ImmutableID was set incorrectly due to a prior sync configuration or that the on-premises Object ID shown in the error message above was already connected to another user.

Somewhere along the line, Microsoft removed the ability change or clear the ImmutableID attribute without first disabling Directory Sync for the organization so most internet postings we found while looking for a solution are no longer valid. Some postings showed that back in 2012 you could set the ImmutableID from PowerShell. Today you can only clear it to null if Directory Sync is deactivated.

Deleting (setting to null) the ImmutableID attribute on Office 365/Azure Active Directory solved the sync problem for us. You can no longer change it to match but the directory sync utility will re-populate it for you. Here's how to do it.

Start by disabling the Azure AD Sync Scheduler task in Task Scheduler on the Windows Server that runs AAD Sync:


Next Deactivate Directory Sync on your Office 365 Admin console:



In our experience, it actually takes a couple of hours during business weekdays and about 10 minutes on a Saturday night to deactivate, but it could theoretically take up to 72 hours to complete.

Copy the commands below into a new text file and save it as eraseimmutableid.ps1, change the $upn value accordingly and run it:
set-executionpolicy RemoteSigned
Import-Module MSOnline
Connect-MsolService
$upn = "sampleuser@domain.com
$oid = (Get-MsolUser -UserPrincipalName $upn).ObjectID
Write-Output "Before:"
Get-MsolUser -UserPrincipalName $upn | select userprincipalname,ImmutableID,ObjectID
Write-Output "`n`nAfter:"
set-msolUser -ObjectID $oid -immutableID "$null"
Get-MsolUser -UserPrincipalName $upn | select userprincipalname,ImmutableID,ObjectID
Now re-enable the sync service in Task Scheduler and run it manually.

If you still see errors keep looking at the results of userdetails.csv mentioned above. Search for the email addresses and Object IDs shown in the error message email.

Feel free to reach out to InterlockIT.com for assistance with your Office 365 Directory Synchronization configuration and fine tuning.

Thursday, November 20, 2014

Interlock IT earns two Microsoft Silver Competencies!

Cloud Computing is entering its second second stage of hypergrowth in enterprises. Forrester estimates the public services cloud market will grow to $191 billion by 2020, a huge leap from "just" $58 billion in 2013.

Businesses of all sizes are looking to roll out fully cloud-enabled productivity suites with a minimum of disruption to their business. We've seen a huge uptick in demand for cloud-based systems that remove the stress of administering your own email system or file server and let you focus on the things that matter—like finding new clients or executing on projects.
Early in his career as Microsoft's new CEO, Satya Nadella knew that the way forward both for Microsoft and other businesses was "mobile first, cloud first." Shouldn't your business be able to work from anywhere in the world, on any device, at any time?

Office 365 plans start at $5.10 per user per month and for $12.90 per month the desktop versions of the Office suite are included. At that price managing on-premises email servers or paying for hosted Exchange no longer makes sense.


As a Microsoft Partner with Silver-level Competencies in both Small and Midmarket Cloud Solutions and Cloud Productivity, the team at Interlock IT is well-positioned to help you move from your antiquated email system that doesn't work at the pace of modern business.

Wednesday, October 29, 2014

Automating Quickbooks from the Cloud

For all the benefits working in the cloud provides, sometimes migrating every aspect of your business operations to cloud services is not an option.  What do you do when your CRM and Project Management are cloud based, but you need to move data back to Quickbooks on the desktop?

One answer: get in touch with Interlock IT.

Our client had already switched their Contact and Project management to Norada's Solve CRM when they did just that:
I would like to integrate the Solve CRM API with Quickbooks to automate our workflow bidirectionally between Solve CRM and Quickbooks. We use Quickbooks Enterprise Construction Edition.
Our first response was to rule out other options, couldn't we move accounting into the Cloud? Specific features of the Quickbooks Contractor edition were mission critical; there was no direct cloud replacement. Xero, Quickbooks Online, and Freshbooks would not meet their needs at this time.

Enter the Quickbooks Web Connector, a legacy application released by Intuit, the makers of Quickbooks, designed to allow desktop editions of Quickbooks to communicate with web-applications, also known as the Cloud!

Armed with a method of communicating with Quickbooks on the desktop, we dug into the clients specific needs and developed the solution below.

Setting a Revenue Opportunity to "Won" in Solve CRM kicks off the process.
When a revenue opportunity is marked Won in Solve CRM, the following occurs automatically:
    • Instantly create a Customer and Job in Quickbooks with details from the Solve CRM Company record.
    • Add an Estimate to the Job and convert it to a Sales Order, using details from the revenue opportunity.
Details from Company record and Opportunity are synced into Quickbooks.
Now the accounts team can take over and work with the project in Quickbooks, tracking progress and financial details on the automatically created job in Quickbooks.

Finally, our system syncs financial report figures back into Solve CRM, allowing for reports on project finances to be generated entirely from data in the Cloud, avoiding a time consuming manual process of matching Quickbooks reports with Solve CRM Opportunities.

Later, Quickbooks report values are synced back into Solve CRM automatically, simplifying project based reporting.
The technology stack used to implement this solution consists of Google Apps Script and Python on the Google App Engine.  Webhooks triggered from within Solve CRM call out to a Google Apps Script living on Google Drive.  The Apps Script processes the Webhook and determines the required action. If Quickbooks related actions are required, the Apps Script passes the request onto the Google App Engine application, which handles SOAP based communication with Quickbooks, using QBXML.

The Quickbooks Web Connector polls the App Engine application and consumes any new actions that have been passed from Apps Script, returning results to the App Engine. The App Engine then feeds data back into Solve when necessary.

The end result is an integrated solution that saves time, reduces errors, and provides staff access to important financial data direct from Quickbooks!

Try Solve CRM for Free.

Wednesday, September 24, 2014

Updated guide to embedding an image in your Google Apps for Work signature

Earlier this year we posted a guide for using Google Drive to host images embedded in your email signature and it's been one of our most popular articles. However, Google recently changed the behaviour of Drive's image viewer, so this method no longer works. Instead, you now need to use Google+ Photos (formerly Picasa) to upload images and link to them directly. Here's how.

First, if you don't have one already, create a Google+ account with your Google Apps for Work email address by visiting http://plus.google.com. (You'll need to make sure your domain administrator has enabled Google+ for this to work.)


Next, either head directly to Google+ Photos or hover over the Home icon in the top-left corner of the page and click Photos, then click the Upload photos link along the top of the page. Upload the image you'd like to use as your signature, and click Done.


In the Share album dialogue box that appears, type "Public" in the To: box and click Share.


The image should now open in an album view; click the image to open it on its own. Right-click on the image and select Copy image URL (assuming you're using Google Chrome; in Firefox this is "Copy Image Location"). The resulting URL will look something like this when you paste it:
https://lh6.googleusercontent.com/-LDvF-aANinE/VCMjrpWet7I/AAAAAAAAA0U/eE1oYgtVrKo/w150-h70-no/Interlockit_Logo%2B150x70.png
Copy this entire URL into the Add an image dialogue box of the signature editor, and you should see a preview of the image you're about to insert.



If you see the preview correctly, click OK and you're all done! The image you uploaded will now be linked in (rather than attached to) your signature, won't make your messages larger than they need to be, and shouldn't trigger spam filters.

If you're a regular Google+ user, then uploading the image(s) you use in your signature will show up in your Google+ stream and other users will be able to see the posts. If you'd rather not have the uploads clog up your stream, head over to your profile, hover over the photo you want to remove from your stream, click the down arrow in the top-right corner and click Delete post. This will not remove the photo attached to the post, but will stop the upload from showing up in your own or others' streams.

Friday, August 15, 2014

Chromebooks and centralized management of devices

We've mentioned in past blog posts that we're well-equipped to tackle anything we might need with nothing more than a web browser and a laptop. So why bother spending hundreds or thousands of dollars outfitting the team with laptops that will only run a web browser? Why not invest in smaller, cheaper, faster laptops that are designed around a suite of web-based applications? That's where Chromebooks come in.
Google's Chromebook Pixel
Chromebooks can boot to the desktop in less than 10 seconds, automatically update on their own, include built-in virus protection, and integrate very tightly with the Google Apps suite. If you're already using Google Apps, it's the perfect laptop for your sales team that uses email, calendar, contacts, Solve360 CRM, Google Drive, and more. Chromebooks can even edit Excel and Word files for no additional cost.

If you still need to run Windows-exclusive software, install one of many RDP (Remote Desktop Protocol) clients from the Chrome Web Store and connect to a Windows Terminal Server or Windows desktop computer.

Add in the Chromebook Management Console and you can manage thousands of Chromebooks from your Google Apps admin control panel to make your life even easier. You can configure wireless networks so users are up and running as soon as they log in, allow or block guest access to the machines, and much more. By design Chromebooks are encrypted and highly secure, and since all your data is stored in the cloud, users can pick up any available Chromebook and be productive in seconds.

A Chromebook even works great offline for drafting emails, managing appointments, and editing documents.

The best part is, as always with Google, the price. Chromebooks start from as low as $249 CAD and a one-time license for the management console costs just $161 CAD for businesses or $32 CAD for education users, available from us here at InterlockIT.com.

Thursday, June 19, 2014

How Google Apps for Business Turned Cobblestone Into an Even More Efficient HR Machine

Employing client-tailored solutions that are unique in a crowded marketplace, Cobblestone Human Capital is a recruitment and HR optimization firm trusted by some of Canada’s top employers, Fortune 500 multinationals and companies across North America and in Europe. Empowering clients with tools, knowledge, experience and support, Cobblestone (www.cobblestonepath.com) drives the success of diverse organizations by helping them to recruit top talent and efficiently manage their human resources at a fraction of the cost of traditional solutions.

CobblestoneGoogle.jpg

Information Technology (IT) is a critical part of what they do.

Being highly experienced, knowledgeable experts, Cobblestone’s employees operate independently and remotely, yet still function as a team to deliver the various components of any HR mandate. Keeping a widely dispersed staff continually in the loop demands both real-time access to information and easy contact with each other.

The Dark Ages

Unfortunately, this demand was increasingly not being met. As Cobblestone’s business grew, so too did the strain on their antiquated backend systems.

The company’s technology was old school. Server-based applications, individual user licenses, constant IT fixes: not a cloud in sight.

Specifically, managing client information was a chore. The team accessed their CRM via virtual private network (VPN), which led to constant delays and lost time. Giant headaches were the norm, usually caused by repeated banging of heads to walls. It was such a hassle accessing the shared server that staff sometimes didn’t enter key information in a timely fashion. As you can imagine, for a client-focused business like Cobblestone, incomplete or inaccurate CRM is deadly.

Furthermore, the CRM required individual licenses specific to each employee’s operating system. Not only was this costly, it required constant IT supervision. Not a week would go by without a service call from an IT specialist to fix the latest glitch.

And nothing talked with anything else. Client management, invoicing and accounting, all handled by standalone apps, sat in separate silos. So huge amounts of time were wasted shifting between each system and trying to ensure consistency across them.

IT had become a constant distraction. It was affecting business relationships and the bottom line. Staff were fed up with inefficiencies that were making business and project administration more challenging than it needed to be. Something had to give.

The Clouds Part

Being an HR shop, Cobblestone’s leaders listened to their team. They recognized that growing the business while continuing to deliver maximum value to clients warranted a complete rethink of their IT systems.

Cobblestone expertise lies in HR & recruitment, not IT. Of course, its people have a firm grasp of the technologies that can power an effective backend. But when it comes to implementing specific solutions, they knew it was critical to turn to outside experts.

Enter Blair Collins at Interlockit.com. His task was to pick up where Sheepdog (a cloud computing consultant) left off. He worked to help Cobblestone redesign their IT systems, with a goal to streamline all their processes, from CRM to communications, to invoicing and accounting.

Blair worked with Cobblestone to build on the foundations of Google Apps for Business deployed by SheepDog. This provided the platform through which various applications now connect and work seamlessly together. He also made informed recommendations on which third-party apps to consider for managing sales prospects, billing clients and keeping track of finances.

Thanks to Blair’s good work and sage advice, Cobblestone’s operations now hum along nicely:

  • Team members connect through conference calls within Google Hangouts.
  • Incoming calls, including those to the toll-free number, are routed through a VoIP system.
  • And through API connections and single sign-on, Cobblestone’s Google Apps link to its other cloud-based applications: Solve360 for CRM; Freshbooks for invoicing; Xero for accounting; and Compas for ATS.
  • A change made in one application is immediately communicated to and reflected in other relevant apps. So for example when a client pays an invoice, the CRM and accounting data gets updated accordingly, and notifications get sent via email to the right team members.

Critically, the ancient server got the boot. Everything has moved to the cloud, ensuring that information is accessible in real-time, wherever and whenever needed.

And just as importantly, costs have dropped significantly. It’s less expensive to use Google Apps and other solutions than the old system. And with the efficiencies made possible by the change, team members spend less time managing information and more time on servicing clients. Cobblestone can in turn pass savings on to clients, who benefit from rates up to fifty percent below the competition’s.

All in all, these changes have given Cobblestone the edge it needs to focus on delivering HR and Recruitment value to clients.

Case Study in Google Doc format

Friday, June 13, 2014

Customer case study: Google Apps and Xero work together to drive efficiency

At InterlockIT.com, we're Google Apps Resellers with a CPA on staff who noticed that there was a distinct lack of integration between accounting software (specifically Xero) and the wonderful collaborative features built in to Google Spreadsheets. We wondered if there was a way to maybe get the two to work together...

We built our powerful Xero reporting engine called Blink Reports to give users a faster and easier way to produce financial spreadsheets and reports from their accounting data. What we've learned along the way is that we can do so much more with the new Google Spreadsheets and Xero than we ever imagined was possible.



TargetCW is a leading provider of contingent workforce services across the US and overseas. Their corporate Kaizen philosophy of continuous improvement applies to their accounting and financial processes too. Xero recommended that Ryan Anning at TargetCW test out our Blink Reports for Xero reporting engine to overcome the limited number of columns that are normally shown on the profit and loss statement. Ryan's goal was to produce a revenue and cost analysis by worker which requires a report with more than a few hundred columns! It turned out that his need was so unique that initially our Blink Reports engine would produce an error due to waiting too long to receive the data from Xero.

On a standard profit/loss report, it's unlikely that you'd need such a wide spreadsheet, and indeed Google Sheets has traditionally had a 256 column limit. Thankfully, with the new version of Google Sheets (now the default), this limit and a number of others no longer exist. Need to generate a huge 100% cloud-based spreadsheet, with up to 2 million cells and the share it securely in real time with others? Not a problem. Google Sheets will do it for you right from within your web browser.

The technical side of how we fixed Ryan's challenge is quite clever, but we won't go into too much detail here. Mainly, we're using Google App Engine to handle all the hard work between the user's Google Spreadsheet and their Xero accounting data. Due to the flexibility of Google App Engine we were able to adapt our code, test it live without impacting existing Blink Reports users, and then make it the production version with zero downtime.

The solution means that Ryan can now generate large reports like the one you see below (click to enlarge). Note the columns stretch all the way to KJ—representing nearly double the original column limit—and it will continue growing as needed.


Xero's built-in reporting engine has good functionality, but when you need to analyze the data in a spreadsheet you're forced to export the report to Excel or Google Sheets format. This leads to static financial data that becomes quickly out of date. To put it bluntly, Xero simply cannot generate reports to rival what we can do on the Google Cloud Platform with Google Sheets.

With Google Spreadsheets and Blink Reports, all of a sudden you can review this month's revenue and expenses by worker, then change two date fields and see a different month (or even year) for comparison.

Offloading the pain of financial reporting to Blink Reports from Interlockit.com means that Ryan at TargetCW can now work more quickly through his finances and focus on the things that matter: generating business instead of generating spreadsheets.

Friday, May 23, 2014

Microsoft Azure vs. Amazon Elastic Cloud Compute (EC2)

In our increasingly cloud-based world, it can be difficult to work with more traditional client- or server-side tools to do what we need. At Interlock IT, we're well-equipped with nothing more advanced than a web browser and a laptop for day-to-day work, but sometimes we just need that little bit of extra horsepower.

So, what to do? Well, we could spend thousands of dollars building our own workstations and servers, but why not leverage the cloud once again? A couple of years ago, we started using Amazon's Elastic Cloud Compute (EC2) service; a central part of their Amazon Web Services infrastructure. AWS powers a host of websites, services, and more that you probably use every day—including, notably, Netflix.

EC2 allows you to get servers up and running in an Amazon datacentre fairly quickly and relatively painlessly. But even Amazon, for all their consumer-friendliness, hasn't managed to make it quite easy enough just yet. Setting up a new server takes many steps, including opening ports, setting security groups, assigning storage blocks (and choosing which type you'd like), and more. It's a lot of initial setup work, but once you're up and running, it just works.


Microsoft, on the other hand, has been steadily building out it's own Azure cloud platform since it launched in 2010. While Microsoft's service is a little younger (Amazon had a four-year head start with EC2), it meant that Microsoft could take a look at what Amazon was doing and set up their service a little bit differently.

Instead of having to wade through fifteen menus to get a new server up and running on Azure, there's five simple screens that ask you for a bit of information to set up your server, and then Azure does the rest.


I've done this repeatedly over the course of the last few months since we started using Azure and can get a new server up, running, and connected in less than five minutes. It's great!

To make things even better still, if you pre-pay your Azure account, the system can track your daily usage and forecast what your bill will be at the end of the month. No more worrying if you're going to be stuck with a huge bill at the end of the month.

We've switched most of our Windows cloud server needs to Azure because we find it a more powerful, easier-to-use option than Amazon's venerated EC2.

Wednesday, April 16, 2014

Google Docs merging with Norada's Solve360 CRM

With the introduction of add-ons to Google Docs and Sheets last month, Google has greatly simplified what used to require the manual copying and pasting of Google Apps Script code.


Our most-often recommended CRM product, Norada's Solve360, has now introduced their own add-on for Google Docs that allows you to create merged documents and labels from records that already exist in your Solve360 database. We've tested it, and it works very well, with a couple of caveats. The biggest is that you can't create a form letter and mass-email it to your contacts; you can only email a merged document to an individual contact. Additionally, the merged document is attached to an outgoing email as a PDF.

Before you can start merging, you have to lay the groundwork for these new features. If your Google Apps domain is on Scheduled Release rather than Rapid Release, you'll need to manually enable add-ons for your users through your admin control panel. Next, either search "Solve360 CRM" in the add-on store or click this link to open the add-on's page. Click the Add-ons Install Button button in the top right-hand corner of the page, follow the prompts, and the add-on will be installed for you, though it could take up to an hour if you're adding it to an existing document.
Note that add-ons are installed on user accounts and are not domain-wide; if you want all your employees to have access to this feature, they each need to enable the add-on.

Most often when you're merging from a CRM to generate a document, it's some sort of form letter that is semi-personalized for multiple recipients. In this case, you'll need to change the first drop-down box in the add-on control panel to "set of documents" from its default, "documents". (If you want to create a single form document, feel free to leave this setting at its default; Norada has some great help docs here that you can follow.)

This feature works best if you use Category Tags to separate your contacts into appropriate groups. For this example, we'll use our "Customer-Google Apps" tag:


After clicking "Load records", we're presented with a brief summary of the number of contacts (in this case) that we'll be merging. You can see that our category tag contains 206 contacts that match the tag "Customer-Google Apps".


Switch back to your document and write out your message. Make sure that you write it in such a way that you can simply drop your Solve360 fields in place using the "Insert fields" button to insert the appropriate Solve360 fields into your message, like the document below.


Click "Create document" and wait for the system to chew through all the records (it could take a little while). You can now view the merged document in Google Docs or download it as a PDF. To send multiple messages, open the merged document in Google Docs, select the first merge, and copy and paste it into an email.

Google Docs and Sheets add-on functionality will only grow as the services become more full-featured, so if there's something you want to do with Google Docs that you couldn't in the past, check them out.

There are already dozens of add-ons available and they've only been around for a month!

Friday, April 11, 2014

The Heartbleed bug and why a secure password matters even more now

In early April 2014, a huge vulnerability was uncovered in a cryptographic software library used by an estimated two-thirds of web servers currently in use around the world. This vulnerability allows an attacker to request data from the memory of any server that uses OpenSSL and potentially read unencrypted passwords, confidential or sensitive information, e-mails, or anything else the server happens to return.

According to Ars Technica:
The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website's entire cryptographic certificate.
Just how bad is this bug? Mark Loman, a malware and security researcher at SurfRight, tested a few public servers after hearing early reports of this bug and noticed that plain text usernames and passwords were being returned to him by Yahoo Mail, one of the world's most widely-used webmail services. Further investigation showed that Flickr, Tumblr, and a number of other Yahoo properties were vulnerable, potentially exposing millions of users to account compromises.

Mark posted a pair of screenshots to Twitter that show account credentials in plain text (see below). Mark courteously obscured the usernames and passwords affected, but it's not hard to imagine other people being somewhat less polite.


Tell me the truth, doctor, how bad is it?

On a scale of 1 to 10, the general consensus is 11. Remember, the servers involved have potentially been leaking their private security keys which means anyone can 'fake' being them, and you'd have no way of knowing for sure.

What does this mean for me?

If you're a systems administrator who controls a number of servers, it means lots of work to get everything patched and authenticating properly again.

One option is to start using a password manager. So many web servers use OpenSSL that it's likely some service you've encountered at some point will be compromised. Limit the attack vectors to your accounts by using unique passwords, and even if someone gains access to that forgotten account you set up once, they won't get access to that important account that you use every day.

Also use two-factor authentication wherever you can. Two-factor authentication protects you even in the event that someone does manage to get your password by requiring a second, randomly-generated "token" that expires every 45 seconds or so to allow you to access your account.

Thankfully, if you use Google Apps or Microsoft Office 365 you're safe. Microsoft doesn't use OpenSSL and instead relies on its own encryption mechanism and Google Apps/Gmail has been using forward secrecy since November 2011. Google is patching other services affected by the Heartbleed bug, but it never hurts to change your password regularly.

Wednesday, April 2, 2014

Google Apps, Uber, and Netflix – Disruption and doing things 10 times better

As a relatively small market compared to the ten-fold larger United States, Canada is slow to receive the latest in disruptive technologies. Netflix rolled out its now-ubiquitous video streaming service in the US in 2008, and Canada didn't get Netflix streaming until September 2010. Now incumbents like Rogers are racing to provide Netflix-like functionality.

Uber
Uber does everything you need
and looks good doing it.
Another example is the oft-beset-upon taxi service Uber. Traditionally, when you need a taxi in a hurry, you either run to your nearest major street and hope that an empty one rolls past or you phone the taxi company. Then you have to wait for the taxi to show up and hope it's not nabbed by someone else in the meantime. Once you arrive at your destination, calculating the tip, giving payment, and getting a receipt is a cumbersome process that hasn't changed significantly in many years.

Uber allows anyone to request a ride via a mobile app or the web. Drivers arrive curbside in just minutes, you can track the movement of your ride, and you receive a text message when your driver arrives to pick you up.

Once you've arrived at your destination, Uber handles the payment automatically through the app and your online account. No need to fumble with cash or wait for a credit card transaction to process through a painfully slow payment terminal over a cellular connection. With Uber, the cab driver simply ends the ride on his smartphone and the payment is processed. You'll have the receipt in your email by the time your feet hit the curb.

Uber first launched in San Francisco in 2009, and has since rolled out to more than 50 cities in 20 countries, including Toronto and Montreal. The service only recently launched in Toronto area, though, and since it relies on local drivers to provide rides, there aren't many cars available in the area just yet. In San Francisco, "No one under the age of 40 with a smartphone is going out and getting a cab anymore."

I had the opportunity to experience first hand how Uber has transformed the marketplace in San Francisco while attending the 2014 Google Global Partner Summit. My three Uber trips were an eye-opening experience that tells me this is going to cause a similar market disruption in Toronto. It's just a matter of time.

Mississauga Taxi
On the other hand, Mississauga Taxi
looks and behaves as dated as it is.
Local companies like Mississauga Taxi have an app that works, but it doesn't see much competition from Uber at the moment. They haven't taken it to the next level to turn it into a disruptive technology. The Mississauga Taxi app omits vehicle choices, automatic payment processing, visibility of cars in the area, or a custom pick up location by dropping a pin. Its address search is cumbersome as it couldn't find the local Port Credit GO Station which Google Maps finds and autocompletes before I finish typing it.

The one nice feature was the ability to monitor the location of the cab dispatched to pick me up. After that, the taxi ride and payment experience is just like the old days and it took me longer to use the app than it would have to pick up the phone and call the cab company. In fact, when I arrived at my destination the Mississauga Taxi driver was fortunate that an individual not willing to wait for the next train to downtown tapped on his window and asked for a ride. However, the in-a-rush new customer had to wait while my cab driver booted up the payment terminal from scratch, entered the cab fare, inserted my credit card, let me enter the tip amount, my pin code, wait for the slow cellular data connection to process the payment, then finally print the receipt. With Uber in San Francisco, I simply got out of the cab and felt my smartphone vibrate immediately with the emailed receipt. What a massive difference in customer and driver experience!

Technologies like Netflix and Uber tend to be borne out of frustration with the traditional way of doing things, and Google thinks the same way, all the way from the very highest levels. Larry Page has said he, "expects his employees to create products and services that are 10 times better than the competition." Why? Because products and services like the Google Apps won't cause market disruptions if they are designed to be only two or three times better than the incumbents like Microsoft Exchange and Lotus Notes. You have to start fresh and completely change the way things are done to have any hope of making things 10 times better. Only then will you cause a disruption.

Miss the disruptive wave and you can end up like BlackBerry, a business that will continue to survive, but will also continue to downsize to match their shrinking customer base.

So why stick with the incumbents who always seem to be two steps behind, responding with too little, too late? Get Google Apps for your business now and earn more money like the individual taxi drivers in San Francisco that ditched the traditional cab company and switched to Uber.

Google Apps let you work the way you live by enhancing consumer products used by billions with the features and controls that your business needs to be productive, innovative and successful. Google Apps will change the way you do business!

Thursday, March 13, 2014

Web Marketing Tip: Facebook's organic reach is rapidly approaching zero

In a prior post we discussed how Google+ is mission critical to your marketing efforts. Facebook "Likes" on your brand's page continue to diminish in value because your posts are not seen by your audience unless you pay Facebook for the privilege.  The best posts now only reach about 12% of your total audience.

We recognize that we can appear biased towards Google+ since we're a Google Apps Premier SMB Reseller, so we felt our earlier post deserved a followup. These two articles confirm our opinions, and there are many more along the same lines:


Don't get distracted by your website analytics telling you that Google+ is not important. Like any other social media platform, you have to focus on publishing good content and building a following before you'll see the results of those efforts.

Tuesday, February 25, 2014

ArrayFormula, Match and Offset in Google Spreadsheets

This is a repost of our contribution to the Google Gooru website that provides Tips, Tricks, and Tools for Gmail & Google Apps.



The arrayformula in Google Spreadsheets has a number of great different use cases. This video pairs the arrayformula with Match and Offset to pull in a constantly updating range of data in one sheet to create a chart in another sheet.

The advantage of using the arrayformula in conjunction with Match and Offset is it allows you to constantly add rows to your selected range, so you never have to worry about updating the formula. This would work great, for example, if you were pulling from the responses from a Google Form and wanted to consolidate them into a chart.

This video also happens to use our recently released Blink Reports Add-on for Xero Accounting!

Tuesday, February 18, 2014

Embed an image in your Google Apps signature using Google Drive

A recent update to Google Drive has broken this method of inserting images. To see updated instructions, click here.

If you're used to Outlook or other traditional mail clients, Google Apps' signature can be a little confounding at first blush. Inserting an image looks like it should be as easy as clicking a button and choosing the image you'd like. However, if you click the insert image button, what you'll see instead is this:


Now you're stuck unless you use third-party image hosters like imgur, ImageShack, or Photobucket. While these products work just fine for general hosting, they might be blocked by corporate firewalls, or cause a host of other problems. But are you really stuck?

As is usually the case when Google goes against the grain, there's a reason why they've chosen this route rather than the "traditional" route of attaching an image file to each email you send. The first is the obvious one--it saves you from actually having a file attachment on each message you send, which reduces e-mail message sizes. Secondly, and more importantly, it helps you avoid having your messages sent to spam. Many mail servers look for images attached to messages as a sort of "flag" that the message might be spam.

Luckily, if you use Google Apps for Business (or, indeed, a free Gmail account), you have the Google Drive cloud storage application to help you out. First, find the image you'd like to use in your signature and upload it to your Drive. Next, ensure that the image is shared publicly (with view-only rights, not edit rights), so that anyone you send emails to will be able to see the image without having to be signed into a Google Account.


Once you click "Save", you should be taken back to the initial sharing dialogue box, which will show you who the file is currently shared with along with the URL to access it in a text box along the top. What we need here is the File ID, which is the two-part string of characters in between /d/ and /edit, as seen below:


Now, we need to trick Google Drive into thinking we're exporting the image, so that we can access it outside of the standard Google Drive image viewer. To do so, we'll use this URL: http://drive.google.com/uc?export=view&id=<FileID>. Here, we replace <FileID> with the text highlighted in red above. So we'll use http://drive.google.com/uc?export=view&id=0B_T9jgOMjQ5lN2Z4UWhpZGRTM1E. To test if you've got the right image, simply copy and paste your URL into your browser's address bar and hit enter. If you see only the image show up, then you've done it correctly, and can use this URL to insert an image into your signature.


Go back to your signature editor, click the Insert Image button, and paste in the URL we generated a moment ago. If you see the image load in a preview just below the URL box (it might take a few seconds if it's a large image), then you've got the right URL. Click OK, and you're done! That image will now be linked in your signature, won't take up extra space, and shouldn't trigger spam filters.

All this work saves you from having an attachment on every message you send, which certain spam filters don't like, and will allow you to quickly and easily change your signature's image, as long as you use the "export" URL listed above.

Tuesday, February 11, 2014

Using YouTube Live and Hangouts On Air for Google Apps domain-restricted town hall meetings

If you've ever wanted to hold a private town hall meeting for your organization but haven't been able to get everyone involved because of geography, time zones, and other factors, you can now join the ranks of Conan O'Brien, Tyra Banks, The New York Times, Deepak Chopra, Cadbury, and the Miami Hurricanes by using Google+ Hangouts On Air and YouTube Live.

Best of all it's included with your Google Apps for Business subscription for no additional cost.

There are a couple of prerequisites to being able to broadcast live either to the Internet at large or just to your organization. First, you must have a YouTube account that is in good standing--meaning you've got no strikes on it. If you don't have a channel, create one and verify it via SMSOnce your YouTube account is configured, make sure that your Google+ profile or business page is connected to your YouTube channel. If you've just created a YouTube channel, this is done automatically for you. For existing channels, you can connect it to a Google+ profile or a Google+ page. If you previously used your Google+ page to broadcast to a Google+ profile administrator’s channel, you need to link the page to its own YouTube channel.

Now you're ready to broadcast using Google+ Hangouts On Air and YouTube Live! Navigate to your Video Manager:

Once you're in your Video Manager, click Live Events in the left-hand navigation menu:

You'll notice at first that there are no events scheduled. Click "Schedule a new event" or the "New live event" button on this page and you'll be taken to a page with lots of options. Most of them are pretty self-explanatory, such as title and time, however there are a few things that need to be configured to make sure you're not broadcasting to everyone in the world.

On the "Basic info" tab, click the "Public" drop-down box and select "Private". A new text entry box will be added to the page and you'll be able to share the broadcast with Google+ Circles, specific people, or your domain. For a town hall-style meeting, we recommend setting it to your Google Apps domain name circle, though you can add as many or as few people as you'd like. When you pick the Private option, anyone who wishes to view the broadcast must have a YouTube or Google+ account tied to the e-mail address or domain you've shared the broadcast with and must be signed into that account. Some of your Google Apps users might have to create their Google+ profile for the first time to access the YouTube stream.

Make sure "Type" is set to "Quick" so that you don't have to do any extra setup work, and leave the Advanced Settings screen alone, unless you'd like to add location data or a recording date.


Click the blue "Go live now" button, and you'll receive one final warning to let you know that you're about to go live.

If everything is okay, click the OK button, and now you're broadcasting! You can monitor the feeds on the fly through the Google+ Hangouts On Air window that pops up, or by clicking Live Control Room on the broadcast setup page:


From this control room, you can monitor people who are watching your video, add or remove abusive viewers, mute attendees, and more. It's like having your own TV station control room, right on your PC or Mac!

And, of course, anyone who tries to view your broadcast without the proper rights to see it will simply see a message pop up telling them that the video is private.


Once your event is done, YouTube will automatically save the video online with its sharing permissions intact, so that anyone who missed it live can watch it again whenever they want.

Thursday, February 6, 2014

Google+: not a social network but a social layer that's mission critical to your marketing efforts

Google+ has over half a billion monthly active users, over 1 billion registered users, and the +1 button gets clicked 5 billion times per day. Some forecasts suggest that it is on track to overtake Facebook in 2016. The Google+ audience tends to be made up of early adopters, technophiles, people in various high-tech industries, and more enthusiastic users of technology.

Yet the majority of small- and medium-sized businesses continue to ignore it because, in their eyes, everyone is using the currently more popular Facebook. We see it in our own Google Apps customer base, and maybe your company behaves the same way.

At Interlockit.com we've chosen to largely ignore non-Google services in our own marketing efforts and we still show on the first page of organic search results for "Google Apps Toronto". Maybe we could achieve first place if we worked hard on a Twitter and Facebook presence, but we feel that with limited time and budget, focusing on Blogger and Google+ with their integrated "social layer" is generating the highest return on investment.



97% of consumers search for local businesses online. Your local Google+ page connects you with customers in Search, Maps, and Google+ no matter what device they are using.

Note this article's headline: "not a social network but a social layer." Google+ is a social layer intimately connected to your business' search engine results. The "social layer" shows who in your circles has +1'd your search engine results. You're certainly more likely to click on the link that your contacts have recommended.

Google+ is integrated with paid advertisements on Google's Adwords advertising platform. Search for Cadbury on Google.com to see how their ads integrate with their 3.1 million followers on Google+.

Google+ is a key connector, the glue that integrates your social and business network across Google's vast offering of services.

If your business still doesn't have a Google+ Business page, set one up now and link it to your website!

Friday, December 13, 2013

How Google Apps and Gmail Image Caching Affects Marketing Emails

MailChimp has done a good job clarifying the confusion on the impact of Google's recent change to how images embedded in emails are displayed. Ars Technica's Ron Amadeo, for example, misunderstood the impact of the change but has since revised his article with updated information.

Many of our customers use MailChimp or Constant Contact for email marketing since they integrate beautifully with Norada's Solve360 CRM and other CRM solutions. MailChimp also integrates with Google Apps so that you don't need to remember yet another password and can better protect your account with Google's free two-factor authentication.

Google Apps and Gmail accounts represent about 475 million users worldwide.

The key points are:
  • The tracking of unique opens of marketing emails by Gmail web interface users is improved by this Google Gmail change.
  • The tracking of repeat opens by recipient is defeated by the image caching used by Gmail for web interface users.
  • Gmail users that access their email via POP or IMAP clients like Outlook, native iPhone mail, etc., are not affected by the change since the client software opens the images.
  • The privacy of Gmail and Google Apps users is greatly improved by the change since your own computer's IP address, which can disclose your physical location, as well as browser and version, operating system, and more, is no longer disclosed to the sender by the unique images embedded in emails by all the leading email marketing software solutions.
Certainly reach out to us at Interlockit.com if you'd like to learn more about this change.