Digital assistants are still trending, and many of your customers are using them to make their lives easier. Features like Apple’s Siri, Amazon’s Alexa, Microsoft’s Cortana, and Google’s digital assistant let people search the internet without even picking up their phones. In 2021, 20% of internet searches were voice-based.
Here’s the rule of thumb for when and where to back up data.
The more important the information
The more often you should back up and
The more distant those back up files should be.
I back up my QuickBooks data every 2 days and every time I do a lot of input. I don’t want to re-build or re-do a lot of entries. So the time it takes to do the back up is a savings compared to the frustration and time required to re-do the work.
If YCL does more than 1 hour of input on a website, we back up the site immediately. No need to risk losing that work!
Really important information like a password list, payroll records, client info, photos of grandchildren, etc. should be in 2 or 3 different places. Maybe a copy on a thumb drive in your office. A copy on Dropbox. A copy on iDrive.
If the thumb drive gets corrupted, you can pull from Dropbox or iDrive. If Dropbox crashes, you can pull from the thumb drive or iDrive.
Yes, even files stored on the cloud should have back ups!
Case in point, I store all of my passwords with LastPass. It’s a great software that I’ve recommended to many of you. A month ago CenturyLink had a nation-wide system disruption that affected the LastPass servers. I couldn’t log in!! The info was still there but I couldn’t get to it. Now I am exporting the passwords once a month and storing them in Dropbox.
I highly recommend that at least one of your back ups be automated. Sync everything with Dropbox. Use iDrive. Buy an external hard drive with back up software. Automating the process will save you time and give you protection even on those super busy days where little tasks get missed.
You can set up Dropbox to automatically sync files from your computer. You can use iDrive or Google Drive to schedule back ups.
Don’t wait for a disaster to happen. Plan and implement your system now for peace of mind.
GoDaddy announced 11/23 that they had had a major security breach involving their Managed WordPress hosting. Their notice was followed by one from WordFence, the security software we put on all of the sites we do maintenance for. See the emails below.
To protect my clients and YCL, I have:
I started these changes yesterday. I will finish today.
You need to visit your site a few times over the next few weeks and check to see that the site is functioning properly and that there is no unusual activity on it. YCL will continue monitoring via WordFence.
If you used the same password for the WordPress login that you use on other accounts, YOU NEED TO CHANGE THE OTHER PASSWORDS IMMEDIATELY. The hackers will be trying to use the user names and passwords they got at banks, Facebook, Amazon, etc. to see if they can use your password to access these other accounts.
Each password at each site should be unique.
GoDaddy announcement
We are writing to inform you of a security incident impacting your GoDaddy Managed WordPress hosting service.
We recently identified suspicious activity in our WordPress hosting environment and immediately began an investigation with the help of a third-party IT forensics firm and have contacted law enforcement. Our investigation is ongoing, but we have determined that, on or about September 6, 2021, an unauthorized third party gained access to certain authentication information for administrative services, specifically, your customer number and email address associated with your account; your WordPress Admin login set at inception; and your sFTP and database usernames and passwords. What this means is the unauthorized party could have obtained the ability to access your Managed WordPress service and make changes to it, including to alter your website and the content stored on it. The exposure of your email address may also present a heightened risk of phishing attacks.
We are taking several steps to protect you and your data. First, we have blocked the unauthorized third party from our systems.
Second, we have reset your WordPress Admin login credentials, sFTP password and your database password. Your website is still up and running, but you won’t be able to edit content until you reset your passwords.
Here are the instructions on how to reset each password:
• WordPress Admin Login, please visit: https://www.godaddy.com/help/a-26916.
• sFTP or data password, please visit: https://www.godaddy.com/help/a-40804.
• WordPress database password, please visit: https://www.godaddy.com/help/a-24573.
If you use the same password for other accounts, we recommend you change your password to those accounts and adopt data security best practices, such as choosing a strong unique password, regularly changing it, and enabling multi-factor authentication where available. We also recommend that you remain vigilant for potentially fraudulent communications sent to your email address purporting to be from GoDaddy or other third parties.
Finally, because the private key of your existing Managed WordPress SSL certificate was exposed, the certificate will need to be revoked. We are in the process of installing a free DV SSL certificate on your website for one year to minimize potential site downtime.
If you would like to continue using your existing SSL certificate product, please follow the directions below to rekey a new certificate: https://www.godaddy.com/help/a-4976.
If you have any other questions, or you need further assistance, please call (480) 505-8870.
For residents living in California, Colorado, Delaware, Illinois, New York, New Jersey, Oregon, Vermont, Washington, and Wyoming, please visit https://www.godaddy.com/help/a-41004 for additional resources that describe additional steps you can take to help protect your information, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file.
Thank you,
Demetrius Comes
Chief Information Security Officer
WordFence Notice
GoDaddy announced this morning that they have been breached. Our team took a deep dive into the breach and found that GoDaddy appears to have stored passwords in plaintext, or in a format that could be reversed back into plaintext, which is not an industry best practice.
We confirmed this by signing into a GoDaddy Managed WordPress Hosting Account and verifying that we were able to view our own sFTP password. That means the attacker didn’t need to crack the passwords and could likely retrieve them directly.
According to GoDaddy’s own SEC filing: “For active customers, sFTP and database usernames and passwords were exposed.“
The attacker had access to GoDaddy’s systems for over two months before they were discovered.
We have published a detailed post explaining how customers are affected, and what to do. Please pay special attention to our comments regarding your own customer notification obligations, if your site(s) are affected by this.
Click here to read our post about this breach on the official Wordfence blog…..
As you begin implementing your 2021 marketing plans, one big consideration should be “How do my clients WANT me to communicate?” If a prospect contacts you via Facebook then it’s reasonable to assume they want a Facebook response. Don’t demand that they call you because you like talking on the phone better. Start with “They’re a FB person” and respond. Then you can move them to a phone call or in person meeting as needed. First you want to meet them where they are. One client I work with never responds to an email no matter how urgent the subject. But they answer to every call. So why frustrate both of us by sending emails? I’m not a big text person. When I have a client who is, I respond by text then forward their text and my answer to my email so I have the continuity that I like. But I don’t expect them to change to fit my preferences!! Communication is definitely a case where the client is always right. Here are some more suggestions.
Here is an excellent article about steps YOU can take to control your phone usage. It cites studies about improved relationships, mood, mental health.
If you are considering adding videos to your marketing tool kit, here is a good article describing the process.
How To Use Social Media for customer service – Good explanation with examples of how you can offer customer service on social media platforms. Many people expect customer service at their finger tips so it can be worth your time to offer it.
Today passwords are a part of our everyday life. It is critical to protect our information from getting into the wrong hands. Unfortunately, a weak password is a weak defense against hackers. Here are a few ways hackers are trying to get a hold of your information and how you can help stop them.
1: Credential Stuffing
This happens when an attacker already has your login info – typically from a data breach at a large company like Target, Bank of America, etc. who store credit card and login info for their clients. They will log in as you and impersonate you to make changes on your account. If you have used the same password on different accounts, they now have access to all of them. Your best defense is to make sure you have strong passwords and different passwords for every site.
Read how to use a password pattern.
2: Password Cracking Techniques
These are techniques that attackers use to “guess” passwords to accounts. They have algorithms that can crack a weak password. The best way to prevent this is to make sure you have strong passwords that aren’t repeated for logins to other sites. Use a mixture of upper case letters, lower case letters, numbers and characters. Never use names or real words. Not even your favorite cat’s name!
3: Shoulder Surfing
Shoulder surfing is when someone around you watches to see the private information you type on your keyboard or on your screen from over your shoulder. It can happen at the grocery store or the ATM. We have to be aware of our surroundings whenever we are typing in sensitive information in a public place.
4: Social Engineering
This is when someone tries to get you to reveal sensitive information by pretending to have clearance for it. If a customer service agent is calling you and wanting to verify your credentials, make sure you verify them first! Never give passwords or private info to strangers no matter who they claim to be.
Microsoft, Google, the IRS, Dell will never call you. Never.
5: Phishing
Phishing is similar to social engineering but it’s more specific to email. Hackers will create an email looking like it’s from a legitimate source prompting you to type in information. If you are ever questioning the legitimacy of an email, call the person sending the email. If it’s a large corporation, open a new browser window and log in directly from their website. Never click the links in the email to log in.
6: Wireless Sniffing
This happens when a hacker collects data that is being sent between your computer and someone’s server. If a site isn’t using a TLS/SSL Certificate, the information being sent isn’t secure. You should see a closed padlock symbol on the left end of the site’s address telling you it is a secure site. If the padlock isn’t there, don’t give them any information! Not even your email.
7: Man-in-the-Middle Attack
This is similar to wireless sniffing but the information continues on to the server and back to your computer while the “man in the middle” is observing it. Once again, your best protection is to make sure the sites you visit have an updated TLS/SSL certificate. If you are using the Chrome browser, Google will alert you as to when a site’s certificate is bad and if it does you shouldn’t input any information.
Your Computer Lady recommends Last Pass as a storage vault for passwords and private data. Visit their website.
The information for this article was found here.
It’s a real thing! Zoom apnea. Read about it and STOP it!
I have felt it myself and talked to several people experiencing total exhaustion after a day of sitting in front of the computer in a series of Zoom meetings. How can sitting be soooo hard?! Here is a good explanation of what is happening and some tips to prevent it.