SMB Nation Blog

SMB Nation has been serving the Bainbridge Island area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Top Three Reasons Why HTTPS Should Be Enabled on Your Website

http

 

By Paul Simons

Spamming, hacking and the breach of cyber security are an unfortunate reality of the digital world. According to some reports, almost one in three internet users in the United States are a victim of cyber crimes in one way or another. The cyber security attackers are launching more and more harmful malware every day and are evolving their techniques to strike more devices than ever before.

The situation is even more alarming for small businesses and ecommerce stores. Some statistics indicate that almost 64% of online companies have experienced web-based attacks and millions of customers have been affected. This means that online retailers must take necessary safety measures to secure their websites and ensure that customer’s sensitive information is duly protected.

The Battle Against Hackers
The moment you create a website, it is at the risk of being hacked. As an online retailer, there is nothing more threatening than the damage done by hackers. Once they manage to penetrate, they can destroy all the records, steal information, and most importantly, they just ruin your customer reputation.

There is a lot you can do to secure your ecommerce website. The first and the foremost measures are to make sure that your passwords are secure, admin pages are hidden, and HTTPS is enabled on the website. Furthermore, you can use parameterized queries and CSP, limit file uploads and install further security plugins.

HTTPS – The Ultimate Warrior
HTTPS is the ultimate missile in your arsenal. What it does is that it encrypts the information traveling between a browser and a web server. This means that the communication between the browser and the website is protected from “man-in-the-middle” AKA hacker’s attacks. HTTPS typically deploys one or two secure protocols to encrypt communications, so the customer’s credit card information and logins remain secure from the perverts.

There are many instances when users need to share credentials like signing up for an account, placing an order, or submitting reviews and testimonials. They need to ensure the website is secure and trustworthy. The presence of SSL certificate symbolizes that the website is secure enough to share personal details. But, still they need privacy while placing orders or submitting details.

The eCommerce websites that are powered by stand alone platforms like Magento or PrestaShop are made secure by default, whereas for improving user experience, merchants can integrate extensions and add-ons. Magento Testimonials extension is one of the reliable tools that create an autonomous environment for the end users to submit testimonials without fearing for data theft, whereas, the installation of SSL certificate is like the final nail in the coffin in gaining the consumer trust to share personal details.

Difference between HTTP and HTTPS
For someone who is new to web development or internet business might find it hard to figure out the difference between the two. HyperText Transfer Protocol (HTTP) is an application-based protocol designed for distributed, collaborative and hypermedia information systems. Whereas, HTTPS connections include an SSL certificate and the computer agree on a “code” that will transfer between them. They scramble the messages using that particular “code” so that no one in between can read them. This means that HTTPS connection is far more secure than HTTP connection.

Some Extra Benefits of Using HTTPS
Earlier, HTTPS was primarily used by the websites that involved the use of sensitive information or payment gateways. However, due to the increased security concerns and the severity of cyber security breach, HTTPS is now a must-have feature for all websites.

Apart from security, I have discussed further reasons why HTTPS must be enabled on your website.

Read More 

 

Continue reading

Keeping Up with the Releases

There are a lot of great things to say about the faster release cycles we see with software these days. Bugs are fixed and features become available to us sooner, security issues are resolved quicker too. In a lot of cases, our operating systems and software packages are smart enough to check themselves and let us know updates are available or automatically install themselves.

I work between two different machines regularly and depending on my schedule sometimes favor one software updatemachine over the other for several weeks at a time. For better or for worse (mostly for the better), Windows 10 takes care of itself for me, as does Visual Studio Code and Docker for Windows. This means I often find myself sitting down at the “other” machine and once again waiting for those updates to install. While sometimes I admit to rolling my eyes in frustration every time I get an update alert, I do appreciate that I don’t have to think about those updates otherwise.

But for software that doesn’t automatically update, I will sometimes find myself wondering why demo notes I’ve drafted on one machine suddenly aren’t working when I try them on the other machine or worse, blaming documentation for being incorrect when the commands don’t work as instructed.

When it comes to documentation freshness vs software freshness… Let’s not go there today. I generally always start with docs.microsoft.com when I’m looking for information about Azure and other Microsoft products. While nothing is above being error free and sometimes out of date, more often than not my problems exist between my keyboard and monitor – in the form of some piece of software needing an update.

The top two things on my machines that I have to manually update regularly are:

Read More

Continue reading

New SMB Channel DevOps extends Slack/Autotask

 

Wise minds are always innovating. That’s exactly what’s occurred with long-time SMB Nation member Grace Schroeder (remember the Idea2 CRM?) with her new company Slingr.

Schroder and team have launched a supporting actor application in a category I just made up called SMB channel partner ecosystem extenders. Essentially Slingr found a gap that needed to be filled. In particular this blog concerns Slingr’s integration of Slack to the Autotask professional services automation (PSA) solution.

I spoke with Slingr executive Thomas Beck at a recent cloud computing event in the Seattle area to learn  slingr thoms beckmore. “Essentially Slingr is a low code, high productivity application platform as a service combined with an integration platform as a service capability. Our value proposition is that you can build and integrate apps much more efficiently than starting app development/integration from scratch.” Beck shared. “We’re so efficient that , on average, you save about 80 percent of time on labor and resources when building from a platform basis versus the alternative of building from scratch.”

 

With Thomas Beck (right) from Slingr.

Autotask Integrations with Slack

I asked about Slingr’s new Autotask/Slack integration solution. “We build a lot of apps and integrations for our customers. Sometimes we have ideas or requests from customers like ‘Hey – we wish this was something that did this’ and one of those requests came from a friend in the MSP community who shared a lot of MSPs are using Slack and Autotask.” Beck said. “The basic request was could you make Slack and Autotask work together. We determined it was a broad enough market profile and that exactly what we’ve done: integrate Slack and Autotask.”

Okay. I asked how would I use the Slack/Autotask integration in the day in the life as an MSP? “Think of it this way. If you use Slack, you tend to start living in it; Slack becomes your windows to the world. You stop wanting to get out of Slack and you don’t want to swivel chair to another app to get something done because that’s inefficient and loses productivity.” Beck shared. With the Sling bot for Autotask/Slingr integration, you can do 90% of what you need to do in Autotask by staying inside Slack. All within ten commands. You can open, assign/reassign, check and fetch tickets, etc. all with in Slack.

Get the App and Costs
Download from the Sling.io app store.
Free ten (10) day trail
Costs are $9.99 per user per month

Roadmap
I asked if the Datto acquisition of Autotask has impacted the integration. “No – nothing has been broken.” Beck said. “Everything is still full operational. Based on the success with the Autotask/Slack integration, we expect that we’ll expand into the other PSAs such as ConnectWise. Everything is driven by customer feedback.”

Finally, I asked how MSPs can work with Slingr? “We do have a partner program for MSPs that want to work with clients. Take an two or even ten applications and you can partner with Slingr to build integrations. We can work with the MSPs and clients to be an enabler on digital transformation. All in the cloud; partially in the cloud, etc." Beck stated.

Continue reading

10 Best SEO Audit Tools for Websites & Blogs

seo audit tools

 

SEO Audit Tools make it easy to perform an SEO Audit of Websites & Blogs automatically. Otherwise, doing an SEO Audit can be very time consuming and involve tons of complicated manual checks. Luckily, there are plenty of good website audit tools available online. Here’s a list of Top 10 SEO Audit Tools that you can use for your websites & blogs.


10 Best SEO Audit Tool for Website SEO Audit

It’s important to remember that there is no one-size-fits-all SEO Auditing Tool for Websites. You need to try out each of these good SEO Audit tools to see if they fit your requirements, before picking a website auditing tool to improve your search engine results.


1. SE Ranking Website Audit

SE Ranking is an amazing SEO Audit Software for web developers, content writers & web designer. It identifies all Website Errors in minutes and provides a list of tasks to improve website SEO performance. It performs SEO Audit of your website based on more than 70 parameters such as On-Page SEO, Meta Tags, Content, Domain Checks, Image checks, Link Analysis, Usability, Mobile SEO Optimization and Website Technologies.

Here’s an SEO Audit Report Sample

seranking website audit

It generates a detailed and free SEO Audit Report that provides a website audit checklist of Errors, and Tips to improve SEO performance of your website & blog. After completing the SEO Audit Analysis, you can even export the Audit Report as a PDF or email it.

Read More

 

 

Continue reading

The Evergreen Dream – Security in 2018

It’s that time of year when pundits are preaching what’s hot and what’s not in the new calendar year. As a fancy pants analyst sitting at his desk on Bainbridge Island typing, I resemble that. Today I want to focus on security. Recently I checked off the box on IoT here.

Security Supply Chain
For five years, I sat on the program advisory committee for

ITT Technical Institute (a for profit college that ultimately was shuttered for student lending ITT tech instituteirregularities but that’s for another blog and way past my tenure LOL). Despite what you read with a simple “ITT” search, I can tell you this – they were spot on with a focus on technology-based security. In their information systems curriculum, it was brilliant. At the time, there was only one academic major: security. The system had over one hundred campuses, typically in office parks and near major employers like Boeing. By my estimate, it was training 10,000+ technology professionals annually. They all used the same curriculum (books, syllabus, etc.) and were literally on the same page. That is, if you attended ITT in Everett Washington near Boeing and your job transferred you to Long Beach, CA; you would start on the same page (e.g. Page 56) that you were on the prior week in Everett. Hope that makes sense but it was a solid way to teach security across a large student population.

More importantly, this example of ITT and security underscores the importance of filling the supply chain with talent. This is both an opportunity (especially for a young person in college looking for the next great thing) and clients and firms seeking training talent. Does that make sense?
If you kill the supply chain, you kill the industry.

Can’t Swing a Dead Cat
Looking over the other annual forecasts in the SMB channel plus the line card for 2018 conferences, I see no shortage of security conversations. Ours is an industry of excesses and pendulum swings so it’s not a surprise that security is one of the most mentioned/trending topics. That’s typically a warning sign (my first “overexposure” to trends in this industry was the introduction of switches a lifetime ago). However, security is different. It’s an evergreen and just keeps getting greener.

One to Watch
Security is a huge topic with lots of niches and areas of expertise. So let’s take a small bite to chew on. In 2018, I’m encouraging you to keep an eye on a nimble and spunky ISV called NinjaRMM. It’s core business is measurement. But as the old song goes, that which we can measure, we can manage. And that’s both the beauty and simplicity of the ninjaRMM single pane of glass management console. One of its IP assets concerns its acquired knowledge in the security field; and I’d offer it’s roadmap investments in the security space in 2018.

Tags:
Continue reading