For years, technologists have been promoting digital transformation, using technology to communicate rather than having to attend endless, often pointless, meetings. Corona virus, lock-down and working from home has really pushed many businesses to take a fresh look at the options available to them.
Lock-Down means that a lot of us are having to work very differently, working from home, whether from a home office, the dining table, the kitchen table or a bedroom dressing table or a shed at the end of the garden it’s all quite new.
There’s no doubt that as a result of this forced, rapid, transition, many of us will find that continuing to work from home is far better than commuting to an office, warehouse, workshop or other business location. And, in the long term, everybody wins. No commuting means time saved, no travelling to meetings means time and travel costs saved and no travelling is much much better for the environment too. It also means we get to spend more time with our families.
There are a number of platforms that will help you to do this. Simple platforms such as Skype and Messenger are familiar to a lot of people, Google Hangouts and Microsoft Teams are also in pretty common use but they often lack some of the features that make video-conferencing much easier.
Video Conference Options
The key features that I look for include
Maximum permitted meeting length
Screen sharing – so that I can share presentations etc.
Recording, can the session be recorded so that I can share it with the delegates for them to refer back to?
What services do the free accounts NOT have?
As an example, Zoom, which has really increased in popularity over the last couple of months has a Free account that allows video conferences of any length with 2 people but this drops to just 40 minutes for 3 or more but does permit screen sharing. However, there are concerns over the security of Zoom.
To overcome this, the Zoom Pro account at £143.88 + VAT annually increases the meeting length to 24 hours and provides 1Gb of cloud storage,
Webex, a Cisco product, is more secure. The free account limits the number of people in your call to 100, places no limits on meeting length but does not offer any recording and does not offer screen sharing.
The Webex Small Teams account, £135.00 + VAT PA adds screen sharing and recording to the free account.
If you want any help with your digital marketing please don’t hesitate to get in touch for an informal chat by email (firstname.lastname@example.org) by phone (01793 238020) or ask me on Social Media – Linkedin or Twitter and I’ll be only too happy to talk.Thanks for reading and I hope you stay well
Times are tough, I know but having worked with companies through 3 recessions I know that some will thrive, some survive and others go to the wall.
Some will fail no matter what they do but for a lot of companies there are alternatives.
You can accept the status quo and roll with the punches OR you can fight for your survival.
My experience is that those who fight for their survival will come through the current situation fighting fit and with a great chance to thrive because they will be better than they were and they’ll be ready to leap on opportunities that have been left begging by those who simply accepted the status quo.
So FIGHT for your business and if I can help – get in touch.
Even with Corona Virus you shouldn’t make knee jerk decisions with your marketing budget.
Remember, In the middle of the storm it can be difficult to see anything but chaos but the storm will pass. Your best defence is to do everything that you can to still be standing when the storm passes.
The purpose of this post is to give you some marketing things that you can be thinking about during these troubled times and to make an offer that will save you £50.00 on one of my services so that your website can come fighting fit on the other side of the Corona Virus pandemic.
When I was working as a business consultant during the 2008 recession I heard of many businesses who chopped their marketing budgets as a reaction to the turn-down. They then wondered why they weren’t attracting any new business and as their competitors recovered they were left behind.
Businesses that I was working with at the time recognised that there was an opportunity to step in to the gap left by companies which appeared to have disappeared. They took more considered action, reduced their marketing budget and put plans in place to ramp marketing back up once it was clear that the recession was coming to an end.
This put these clients in a prime position and they went on to prosper.
In these troubled times this is the action that you should consider. I know that times are dark, and likely to get darker, but if we don’t think positively and plan to still be here when the Covid-19 pandemic recedes then I know that some of us won’t be in business when that time comes around.
The role technology plays in business continuation
Working from home, and in self-isolation, will be new to many people. Technology will have provided you with an opportunity to work from wherever you, and your staff, are with the only requirements being a device (desktop/laptop, phone or tablet) and an internet connection.
Cloud based audio and video conference solutions help maintain teams and enable client communications. Skype, Microsoft Teams, Zoom, Webex, Slack, WhatsApp and more prove both free and subscription options to communicate, train, make presentations and simply remain in touch.
As more of us work form home it’s likely that online search behaviour will change as more people mix business searches with personal during their working day.
How will your business cope?
As with any crisis, how your company responds is key, are you calm and taking action or are you panicking?
Either way, here are a number of things that you can be working on when faced with the current situation
Stay ahead of your competition
If you pause your marketing activities and your competitors don’t who do you think will be in a prime position when things begin to improve? Stay in touch with your clients using eMail, Video and Social Media, Keep an eye on search trends, are there any opportunities that you can make use of.
Remember that SEO is a long term strategy
I know that SEO is one of the services that I provide but it is worth remembering that it IS a long term strategy, taking weeks or months to have a proper impact so give your Search Engine Optimisation due consideration when reviewing your marketing budget. Google’s servers and algorithms won’t be taking a break.
Don’t buy cheap SEO
I know that it might be tempting to take up one of those “all you can eat” SEO offers at £75.00 per month but the risk to your business could be a lot greater than the small amount of money that you’d save. As the marketplace improves you could find yourself left with no rankings, no traffic to your website and possibly penalties from Google from trying to game the system.
Move offline marketing spend online
If people aren’t going out and about they are not going to be looking at advertising hoardings and billboards. They’re not going to be seeing “in-store” marketing either so think about whether you could shift some of your offline budget online to make up for this.
Understand search trends
By understanding trends in search you’ll be in an ideal position to leap on any opportunities and’or changes in direction. By keeping an eye on how people are searching you’ll be able to create content that meets the needs of those searchers. Google Trends is a really great way to stay on top of this
Produce more digital content
Consider using this as an opportunity to create those webinars you’ve been thinking of. By 2025 research is estimating that online learning will be worth about $158 Bn. Lessons learned now will be incredibly valuable going forward. Think about adding video conferencing and video calling to your communication options to reduce face-to-face meeting but stay in touch with key contacts, potential clients and your market.
Free 40 minute Website and SEO Consultancy
I’m still offering my Free Consultancy sessions and am more than happy to conduct them over the phone or by video link
Government Communications Head Quarters (GCHQ)- where the UK spooks provide signals intelligence to the UK’s government, military and Military Intelligence and the Department for Digital, Media and Sport (DCMS) carried out their first UK Cyber Survey and the results didn’t make for great reading.
42% of us Brits expect to lose money to on-line fraud
23.2 million worldwide victims of cyber breaches used 123456 as their password
15% say they know how to properly protect themselves from harmful on-line activity
33% rely on friends and family for help with their cyber security
Young people are the most likely to be cyber aware, privacy concious and careful of the details they share on-line
61% of internet users check Social Media daily, 21% say they never look at it
More than 50% use the same password for their email that they use elsewhere
Dr Ian Levy, NCSC Technical Director said “Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.” whilst Margot James, DMCS Minister said “We shouldn’t make their (cyber criminals) lives easy so choosing a strong and separate password for your email account is a great practical step. “
Most Regularly Used Passwords
It’s a shame that the top password list hasn’t really changed for at least 10 years – it shows how complacent a lot of us are with our on-line security.
I used to have 3 passwords, a simple one that I used really casually for newspaper sign-ups etc – name123 (not my real passwords, merely examples) a medium security one that I used on shopping sites, n@m3123 and a more secure one, used for banking etc – c3ler0n! (and all of the ones that I used feature on the Have I Been Pwned list).
About 5 or more years ago I switched to a Password Manager. I have 801 log-ins and 801 different passwords. All of them are at least 16 random characters long and comprise upper & lower case letters, numbers and symbols (where permitted).
My Password database is stored securely in the cloud and is replicated on my PC, Phone and Tablet and accessible from my Chromebook too. I use LastPass but others exist and here’s a review of some of the top ones.
As you can see, I do my best to stay on top of my security but if you feel adrift, or need some help, just give me a call on 01793 238020 or email email@example.com for a free chat.
The General Data Protection Regulation (GDPR) is the name given to the new law that will come into effect on 25 May 2018 to provide added protection and security to the data that businesses hold on, and about, individuals. It will replace the UK’s Data Protection Act (DPA).
At the end of this post you’ll find a simple glossary of terms for reference
Why do we need the GDPR?
There has been a huge change in the amount of data, and the way we use it, since the Data Protection Act came into effect 20 years ago.
Back then, a home PC was a rarity, now it’s pretty much the norm and households typically have multiple devices (PCs/laptops, phones, tablets, smart TVs and other internet connected devices) whilst the majority of businesses are totally reliant on IT and data.
As a consequence of these changes the laws relating to data needed updating and there was a strong drive to have common data protection laws across the EU due to the increased globalisation of business. Brexit will have no impact on the new regulations
What impact will the GDPR have on my business?
There will be a need to ensure that the way you collect, store, manage, use and destroy data is in compliance with the new regulations and there may be a requirement to employ new staff, outsource services or allocate new responsibilities to existing employees.
People & Accountability
DATA PROTECTION OFFICER
To comply with the new regulations you may need to allocate data protection responsibilities to employees or employ a new member of staff, depending on the size of your business and the data protection requirements placed on it. The following businesses MUST appoint a Data Protection Officer (DPO)
Businesses whose core activities involve large scale systematic monitoring and profiling activities
Businesses whose core activities involve large scale processing of special categories of data such as ethnic origin, political opinions or religious beliefs
DPOs can be employed or outsourced but must report to the highest level of management.
Current law does not apply to pure data processors, i.e serviced providers who only deal with data as directed by their customer, only applying to data controllers. If you are a mailing house which accepts data from a client for producing mail shots (land mail or email) for example
GDPR introduces direct rules and accountabilities for data processors, including
Keeping records of data processed
Designating a Data Protection Office (where required)
Notifying the Data Controller where there has been a breach
Under GDPR, data controllers can only use data processors “providing sufficient guarantees to implement the appropriate technical and organisational measures so that the processing meets the requirements of GDPR and ensures the protection of the rights of data subjects”
Accountability and the GDPR
Accountability is all about considering risks and demonstrating that you have considered, and managed, data protection risks. You will need to have clear policies in place to show that you meet the required standards and should establish a culture of monitoring, reviewing and assessing your data processing procedures
Privacy Impact Assessments
Businesses will be required to carry out a data protection impact assessment where carrying out any processes that use new technology that is likely to result in a high risk to data subjects, required in particular where there will be automated processing (including profiling) and on which decisions which affect the data subject and for large scale processing of personal data
Privacy By Design
Businesses must take data protection requirements into account from the inception of any new technology, product, or service, that involves the processing of personal data, with an ongoing requirement to keep those measures up to date.
Notification of Breach
The existing DPA requires an organisation to notify (register and pay a fee) the ICO that they will be processing personal data. This will no longer be a requirement under the GDPR, replaced by an obligation on the Data Controller and Data Processor to maintain detailed documentation, recording;
Purpose of processing
Lists of data subjects
Categories of data
However, if you have fewer than 250 employees, the requirements are less onerous and you’ll only need to comply if your processing is “likely to result in high risk to individuals, the processing is not occasional, or includes sensitive personal data.
Because the processing of employee data is likely to involve sensitive personal data there will be an obligation on all organisations to maintain documentation, no matter what their size.
With the removal of registration and fee payment, the ICO loses their main source of income and this could make them keener to catch organisations in breach and fine them.
Under current legislation there is no requirement to notify the ICO should you suffer a data security breach. This changes under the GDPR with the introduction of a requirement to report data security breaches to
Data Controllers (if a Data Processor breaches)
Regulators – if a Data Controller breaches and the result is a risk to the rights and freedoms of individuals – without undue delay (within 72 hours of discovery if feasible)
Affected Data Subjects – where the breach could leave them open to financial loss, for example. If the risk is high, this notification must be without undue delay.
When does the GDPR come in to law?
25 May 2018
Where will the GDPR apply?
Current data protection laws apply if you are located in the EU, or make use of equipment located in the EU, such as servers. The GDPR applies whether or not you are located in an EU country – it applies if you offer goods or services to EU residents or if you monitor their behavior.
If you want to transfer data beyond the EU (if you use a server based in the US to do your email marketing, for example) you need to ensure that the destination country has been recognised as having “adequate or equivalent” data protection regulations and you will have to ensure that suitable safeguards are in place to ensure the protection and security of the data you are transferring.
What happens if I don’t comply with the GDPR?
Currently, fines across the EU for a Data Protection Breach vary greatly with the UK having a maximum fine of £500,000 for a breach of the DPA.
One of the goals of the GDPR is to ensure that fines are consistent across national borders and to impose a significant increase in fines to emphasize the importance of good data management and security.
The new fines are to be split across two tiers
Up to 2% of annual, worldwide, turnover of the preceding financial year or EU10m (whichever is the greater) for violations relating to internal record keeping, data processor contracts, data security and breach notification, data protection officers and data protection by design and default
Up to 4% of annual, worldwide, turnover of the preceding financial year or EU20m (whichever is the greater) for violations relating to breaches of the data protection principles, conditions for consent, data subjects rights and international data transfers
The Information Commissioner’s Office (ICO) will also have increased enforcement powers and grounds for seeking judicial remedies under the GDPR, including a power to carry out audits and to require (demand) information to be provided and obtain access to premises
Practical Steps to prepare for the GDPR
Ensure that you have the resources to plan and implement GDPR requirements
Identify all existing data systems and the personal data processed
Review existing compliance programs and update/expand as required to meet the requirements of GDPR
Ensure you have clear records of all data processing activities and that the records are available
When using Data Processors, ensure you include terms in your agreement relating to immediate notification of any data breach.
Develop and implement a data breach response plan and have templated notifications so that staff can act promptly
Put internal reporting procedures in place, have an internal breach register and train staff on notification and use
Ensure that you have sufficient resources to implement required changes
Consider appointing a DPO
Assess whether the organisation uses consent to justify processing
Develop, and implement, a policy on data storage and retention
Review contractual arrangements with Data Processors
Consider Data Protection when developing new technologies, services and goods and keep clear records
Ensure all policies and procedures are available and written in clear, concise and easily understood language
Consider how you will gain consent for the use of the ata you hold, and use, for advertising, marketing and/or social media
Examine your Privacy notices now and start updating them
Review privacy notices and other “fair processing” information given to employees
Review employment contracts, handbooks and policies. Is contractual “consent” sought?
Ensure that you can respond to Subject Access Requests within 1 month (no admin fee will apply under GDPR)
Train staff on data protection responsibilities
The GDPR will have a wide reaching impact on most businesses, both large and small, which make use of data within the organisation.
Within the GDPR there are many undefined phrases, such as what counts as “large scale” and what is “new technology” and it is likely that these will only be determined as part of case law i.e. when a company is prosecuted for a suspected breach and their defence (or prosecution) need an accurate description of such terms.
It is likely that things will change as we get closer to implementation. However, you should start your preparation as soon as possible and the ICO has published a useful leaflet called “12 Steps to Take Now” which provides more helpful advice.
I’m a digital marketer and SEO professional, not a legal practice. As a consequence, this should be used as a guide to the GDPR and legal support sought to ensure that your business is in compliance.
Glossary of Data Protection and GDPR Terms
Consent – Permission to collect, store and use personal data
Data Controller – A person, or persons, determined the purposes for which, and the manner in which any personal data are, or are to be, processed
Data Portability – The ability to move data from organisation to organisation, or across nation states
DPA – Data Protection Act, the regulations that the GDPR replaces
Data Processor – Any person who processes data on behalf of the data controller
Data Protection Officer – Person responsible for the oversight of organisational data protection strategy and implementation to ensure compliance with the GDPR
Data subject – The person to whom a data set relates (you and I)
GDPR – General Data Protection Regulations. The name given to the new regulations relating to the way we collect, store, use and destroy data
ICO – Information Commissioner’s Office – body responsible for upholding GDPR
Personal Data – anything clearly seen as personal, including name, address, phone number but also including IP addresses, cookie identifiers and UDID (Unique device Identifiers). Expressions of opinion about an individual also count as personal data so you need to be careful what you say about colleagues or clients in emails
Right to be Forgotten – The right to request the complete deletion of all personal data.
Subject Access Request – A request that an individual can make to find out the data that an organisation has relating to them.
And if you are struggling with your GDPR then give me a call on 01793 238020 or email firstname.lastname@example.org and I’ll do everything I can do to help.
Cybercrime is everywhere these days, in 2016 the cost to the UK was over £1bn with more than 5.5m cyber offences taking place in the UK every year. That’s almost 50% of ALL UK crime.
There’s lots of advice on passwords, I regularly write about them, and other security measures that you can take but did you know that even a trip to your favourite coffee shop could end up being far more expensive than the price you pay for your Triple Grande Decaf Soy Latte Macchiato and blueberry muffin.
Imagine the scene, you’re between meetings and decide to drop into your favourite coffee shop for a cup of coffee, a cake and to tap into their Wi-Fi to read your emails, refresh your knowledge in time for your next meeting or simply to surf the web.
Spoof Wi-Fi Hotspot
When you sit down and try to log-on to the Wi-Fi there’s frequently a selection of hot-spots to choose from. How do you know which is the free service provided by the venue and which is a spoof.
It’s very easy to set up a Wi-Fi hot-spot using a mobile phone, Mi-Fi type of device or laptop and allow other users to connect through this free connection. This means that all of the traffic can then be intercepted by the person providing the spoof account. What sort of important information is passed from your laptop through this connection? It could be your details to access your online banking, the log-in to your company network or the necessary information required to access your corporate email account.
Time for a comfort break
Then the urge hits, you look around and see that everybody seems respectable enough so you head off to the toilet thinking that your laptop is safe on the table. After all, nobody would nick in sight of all those customers, staff and CCTV cameras would they?
You’d be wrong. Laptop tracking service provider, Prey, found that areas offering free Wi-Fi were the second most common target for opportunistic laptop thefts, the only riskier place being left in a visible place in your car.
If stolen, it’s not only the inconvenience of replacing the laptop, reinstalling your applications and copying back your data [you do back-up your data don’t you?] it’s the additional costs that aren’t covered by your insurance.
The Ponemon Institute, a US cyber crime consultancy, put the real cost of the loss of a laptop and it’s data at nearly £31,000. This was broken down into £4,000 for the loss of Intellectual Property, forensics and legal bills adding around £1,500 with a staggering £24,500 attributable to the loss of income, customers and competitive advantage associated with a data breach
So, the next time you stop off for a cup of coffee and decide to log-on using their free Wi-Fi, just make sure you know which network that you’re connecting to and that you don’t leave your laptop unattended.
And if you want to talk about your cyber security, just give me a call on 01793 238020 or drop an email to email@example.com
I do a lot of work for an IT support company in Bristol – Bristol IT Company – and at the bottom of their website is a list of badges, icons and logos, there’s a couple of ISO related ones and the rest come from well known (and less well known) brands in the IT sector but why are they there and why should you be concerned?
Well, ISO’s easy, it’s a way of demonstrating a certain credibility by being assessed every year to ensure that we remain up to scratch. A lot of businesses have ISO9001. This is a quality management certification that demonstrates commitment to consistently provide products and services that meet the needs ofclients. ISO27001 is an information security standard that demonstrates commitment to information security, both their own and that of clients.
The other accreditations come from manufacturers such as Cisco, Microsoft, Dell, Aruba, Cyberoam, VMWare and Veeam and demonstrate that the Bristol IT Company has the necessary skills to not only supply their equipment but to ensure that it is properly installed, configured and supported.
Why is this important
Let’s take a look at the security of your network – Bristol IT Company have 2 vendors that are accredited with in this area, Cisco and Sophos. You can buy some Cisco & Sophos equipment on Amazon at competitive prices, have it delivered pretty much the next day and get it up and running very quickly. This might make you feel secure, after all Cisco are a market leader in networking and security – right?
Is this the right way to do things?
Probably not! Even assuming that you order the most appropriate device for your needs, installing equipment using the default settings could cause you a whole heap of pain.
Most hackers worth their salt know, and understand, these default settings making it really easy for them to penetrate your business’ network. It’s almost like advertising that you’ve installed the best locks in the world but have left a key under the doormat.
Not only that but the default settings are a one-size-fits-all option that are unlikely to be best suited to the way your business works and could actually slow your network, and internet connectivity, down if left untouched.
You could probably find hundreds of internet forums where people discuss the settings but which ones are the best for your particular needs? Which ones speed things up without compromising security and which ones increase security without compromising speed and which ones are actually posted by hackers looking to lure you into making your network even more insecure?
That,s where accreditation comes into play. By buying your equipment from an accredited supplier, Bristol IT Company will advise you on the correct product that most closely matches your existing and future needs, possibly saving you money – certainly saving you pain.
They then ensure that your network is made as secure as possible by changing default settings to something much more secure and applying their training, experience and skill to ensure that your network is as secure as it can be by optimising the set-up and performance of your kit.
Still think accreditation’s just an icon on a website? Well, give me a call on 01793 238020 or email firstname.lastname@example.org to find out that there’s much more to it than a pretty picture
Last week saw an underground fire in Holborn, London, lead to the cancellation of a number of West End shows, costing theatres thousands in lost revenue.
More than 1,900 homes and businesses were left without electricity when the power had to be cut for safety reasons, directly affecting around 5,000 people who were forced out of their homes and offices whilst the underground fire was brought under control.
A small number of larger businesses were able to continue functioning because they had suitable contingency plans in place to cover precisely this type of eventuality. These were the ones that had back-up generators to ensure a continuity of electricity supply which enabled them to continue their activities whilst all around ground to a halt.
So what provisions have you made for business continuity in the event of an incident that leads to you having to vacate your offices?
Remember, this fire, although disruptive, was not classed as a “major” incident and similar issues could happen almost anywhere, at any time. Would your business cope, could it survive should you have to be evacuated, without warning.
What would be the impact on your business if you couldn’t access your office for hours, days or even weeks?
How do you manage the data and documents that are critical to the survival of your business?
Would your business be able to move seamlessly to a different location, would your key staff be able to work from home or elsewhere?
How do you manage and store the documents that are essential to the running of your business? Are they stored on your laptop/PC, on a server, back-up, in the cloud or a USB stick?
Are your clients and business contacts in a Customer Relationship Management application, on a spreadsheet, on your phone or in your head?
How about your financial records, are they saved in Excel or a dedicated software application?
There are many ways to store and manage your essential data, you just have to be sure that you can access the business critical information from a location away from your office.
Companies most reliant on data may have back-up locations, complete with computers and data connectivity that they can move key personnel to, ensuring that service and continuity continues with the shortest of interruptions.
Smaller businesses might have file servers storing their data attached to their network with back-up devices regularly creating copies with the back-ups being taken off-site.
Micro-businesses and sole traders could make effective use external hard-drives, whether attached by USB or shared on a network, automatically cloned to one of the numerous, and inexpensive, cloud data services.
Remember, it’s too late to do anything about business resilience once an incident has started so give me a call for a free chat – 01793 238020 or send an email to email@example.com.