Posts

demystifying cybersecurity with brian chappellFor today’s ‘Monday must’, we’re venturing into to the world of cybersecurity – well demystifying cybersecurity to be precise. Don’t run for the hills – you need to read this!

The very term cybersecurity sends a shiver down my spine. I hear it and feel a mixture of inadequate, stupid and a tiny bit terrified… do you? But don’t worry – this blog won’t make you feel like this…

I was chatting to a friend of mine about cybersecurity a while ago (it’s not completely random, the friend is Ruth Chappell from Dressage Anywhere who is married to Brian who wrote this blog!) and this is what came out of it. Well, Brian very kindly agreed to write this for me. I found it really interesting. I hope you do too. Now over to Brian Chappell…

Demystifying Cybersecurity – Part 1: Websites

So, you have a website. The first question you need to ask yourself is, “Is it secure?”, rather than “Does it reflect my brand and message?” It’s a hard question to answer. It’s particularly hard to know what’s important, what’s not so important and what to look for when trying to ensure your or your customers’ data is safe.

We hear about websites being hacked all the time but are you likely to be a target? The sad fact is that it’s yes. It doesn’t matter if you are a one-person company with a Wix or WordPress website or the largest multi-national, the rather dramatic statement seen at every Cybersecurity event is true; “It’s not if, it’s when.”

What’s a drive-by?

The vast majority of attacks on systems are the result of a drive-by. What do we mean by that? The drive-by is an opportunist attack, the result of a hacker stumbling upon a fault (commonly referred to as a vulnerability) that exists in your website that they already know how to use to break in (commonly referred to as an exploit). To understand this further, we need to step back and look at how we can identify those vulnerabilities before the hackers do.

There are many tools out there, ranging from free to eye-wateringly expensive (for a small business at least), that can scan your website and look for vulnerabilities. You can find many free tools such as OWASP ZAP (Zed Attack Proxy – this sounds more dangerous than it is) but be prepared to do some research as these are designed for people who have some understanding of vulnerabilities, that said, they aren’t incomprehensible; just remember, it’s not scary and it’s not rocket science. It’s worth taking a look at some of these tools, even if it’s just to get a feel for what hackers are using. Rest assured, they are using the very same tools looking for the very same vulnerabilities as you’ll find. What’s particularly interesting is the tools that hackers can use from the Dark Web that include fully featured services where with a credit card and a few minutes you can set up and launch an attack across the internet. These services have progress tracking with beautiful graphs and customer service that puts many regular companies to shame. But at their hearts, most of these tools are using the same scanning technology that you will use.

Can hacking attacks be prevented?

There is a shocking statistic that I speak about at many conferences, it’s been produced by some seriously clever people and it’s this: Between 2011 and 2016, ‘around 95% of successful hacking attacks were the result of well-known and entirely preventable vulnerabilities’; this figure includes all kinds of attacks, not just websites (and we’ll talk about the others in future articles), but it’s a concern nevertheless. Rest assured it’s not changed much over that period and it isn’t changing quickly since either.

Unfortunately, all the website-based vulnerabilities tend to be well-known and are attacked regularly. It’s important to simply start at the top of the list, with the high severity vulnerabilities and work your way down (or ask you service provider or web developer to work their way down) fixing each in turn. Many of the discovered vulnerabilities will look complex but often it’s just changing a setting to resolve the issue. I’ll reiterate, there really is no rocket science here, it’s just about knowing where to look or knowing where to find where to look. The user guide is often your best friend.

It’s important to let your service provider, hosting company, or WordPress provider, know you are going to scan your site and how frequently you are going to do it, it’s not a one-time activity, it should be regular, i.e. weekly or monthly. They should have monitoring systems that will be triggered by a scan so warning them allows them to eliminate your activity from the alerts they get.

If your provider doesn’t support scanning, they should be doing it themselves so ask for a copy of the results or notification of any issues that may affect your site along with confirmation when those issues are dealt with. If you are using WordPress or similar, I’d recommend talking to your provider about how frequently they apply updates and how you can be notified. I’ve heard of some providers expecting the customer to pay for updates, I’d push hard back on that. You didn’t subscribe to WordPress v4.9.6 (or whatever make/version your platform operates on), you subscribed to a WordPress service. If they won’t budge, move providers. It may be a little more expensive monthly but the peace of mind will be worth it.

Don’t be scared about cybersecurity

A few pieces of advice that I’m going to parrot in every article; don’t be scared about Cybersecurity/Website security. There is no rocket science here and no-one is going to expect you to be an expert. Similarly, no-one is going to think less of your for asking what you may feel are stupid questions. There are no stupid questions. Don’t be afraid to look at getting a professional Cybersecurity specialist to help you get started, or even provide you a regular service. Shop around but I wouldn’t recommend necessarily taking the cheapest. Like all suppliers, find someone you think you can work with and trust.

A bit about Brian Chappell

Brian has more than 30 years of experience in senior IT roles across a broad spectrum of organisations including Amstrad plc, BBC Television and GlaxoSmithKline plc. Brian has held senior roles in most IT disciplines across the entire IT delivery chain.

More recently, Brian has spent the past 6.5 years working for a leading cybersecurity software vendor, BeyondTrust, as the technical lead across EMEA and APAC. In this role he has delivered world-class solutions for both vulnerability and privilege management within financial, manufacturing, healthcare, retail and government markets. He’s now a product manager for one of the leading cyber security platforms in the world. Brian is a regular contributor to the press as well as a speaker at industry conferences and events.

A HUGE thank you to Brian for his blog on demystifying cybersecurity… now, I’m off to find out more about all of the above!

Do I really need web hosting?You’ve probably heard of web hosting, along with all the other techy terms associated with websites… but do you really understand what it means? And do you know what to look for when choosing a web host? Well, today we are well and truly lifting the lid on web hosting with the help of the lovely team at Black Nova Designs. Kyle and Danielle, the people behind Black Nova, are members of my Small & Supercharged Facebook group and I was d-flipping-lighted when they said that they would write a blog about the ins and outs of web hosting as a guest post. Are you ready? It’s a good one… over to Danielle…

Do I really need web hosting?

Do I really need web hosting? The quick and easy answer to this question is yes if you have a website.

If you’ve gone to the effort of building an awesome website for your business, chances are you’ll want everyone to see your stunning creation, and so for it to go live and be visible, you need web hosting.

Web hosting is simply a service that allows you to post a website to the internet so users can see it. It’s a bit like finding your site a home, where others can visit freely, and where it will be stored securely.

There are of course plenty of providers out there who offer free or budget web hosting, and for those starting out in business and keen to keep costs to an absolute minimum, this option can seem like the perfect solution. It is however worth considering the differences when it comes to free or budget and paid professional web hosting, and the implications for your business.

Here are 7 simple lessons about professional web hosting, to help you make the right decision when it comes to picking a web hosting company, and a cost-effective plan that not only suits your business needs, but one your wallet will appreciate too.

Reliability

It goes without saying you as the business owner want your website to be visible and accessible around the clock. Therefore it’s important when considering who you choose to host your website that their percentage of up-time (uninterrupted service) is high.   Professional web-hosting companies offer a much higher rate of up-time i.e. 99%, and this is what puts them streets ahead of their free and low cost competitors.

Customer Service

In the event of any technical or other problem related to your website, having the reassurance that your issue will be resolved efficiently and without fuss or detrimental impact to your business is critical. With professional web hosting your business can benefit from immediate technical support, through means of live chat, email and UK based telephone assistance. Again something that free or budget providers are simply not in a position to offer. 

Control of Data & Content

When it comes to data, rest assured that with a professional web hosting company, data backup and restoration features are provided as part of a hosting package.

In terms of what content you choose to publish on your site, when you pay for web hosting you will have total access to what you post and what it looks like. Which means there are no restrictions for you as the website owner with regards to the amount of data or the number of web pages that your website can have. This is in contrast to free or budget hosting services where there maybe aspects of your website that you are unable to control.

Domain & Email

Free web hosting accounts usually require users to use a subdomain that advertises the website of the free service, sadly robbing your brand of its own unique identity. Whereas professional web hosting will provide you with at least one domain name, allowing you the business owner to build your brand from the get go. With a private domain name your website can create personalized emails, making it easier to introduce to your online business.

Design

A professionally hosted website allows the owner unrestricted access to design the website and its supporting technologies (such as server to server communication.) Affording complete freedom when it comes to both graphic and infrastructure design, means you can experiment with different layouts, and use different platforms for your business.

Space

With the advent of cloud computing, professional web hosting allows users access to more storage space and dynamic bandwidth that is adjustable for growth in traffic in real time. When using free or budget services, such flexibility is not always available and the user only gets a fixed amount of space and bandwidth for their installation.

It is also worth noting that some website builders restrict you to only using their hosting and their platform. They therefore own the rights to the website, and can restrict views per month, server size and other capabilities.

SEO

Interestingly, all the benefits of professional web hosting such as performance load speed, reliable up time, and secure connections with SSL certificates, are all believed to be factors that search engines are looking for when grading a website.

Although many free or budget web hosting providers promise to deliver SEO services, few provide the same level of progress up the search engine rankings as many businesses would demand.

Having the control over the SEO process is easier for professional web hosting and gives the business owner the ability and access to keep optimizing its practices over time.

 

The amount of third party integration that some websites may require is not easy or even possible on free or budget web hosting services. Services such as using an e-commerce platform are easier to install on platforms owned by professional web hosting companies.

As a key component to your business, having piece of mind that your website is in trusted and safe hands can be priceless, and one less thing to worry about.

How do you decide which web hosting provider to pick?

When making your decision, reading reviews can be helpful, or you may want to ask for recommendations from trusted sources in your network, as they are more likely to offer you a balanced view, having had first-hand experience of using professional web hosting.

 

Here at Black Nova Designs Ltd we have businesses move to us almost daily, as our hosting offers increased web traffic, optimised images, and impressive load speed to name only a few of the benefits.

If you are in a dilemma about your web hosting and would like to discover what options are available to you whatever the size of your business, contact Black Nova Designs Ltd and we can answer your questions for you.

What is a press release?What is a press release? I get asked this quite a lot… and I think that in some ways the term is to blame. It can sound a bit daunting, but actually there’s no need to feel anything but excited about the good old press release. It can be a gateway into a world where your business, whether you’re product or service based, equestrian or country or something completely different, gets valuable column inches. And this can help to win you fans, followers and customers.

What is a press release?

When I talk about press releases, I mean a well written and concise document that informs its readers of new and newsworthy things happening inside your business. See. It doesn’t sound as scary now. And that’s good, because although the way we consume our news and content has changed (and we know that some magazines aren’t having the best time, let’s be honest here), the press release still works. Whereas historically a press release would only be sent to magazine editors, that’s no longer the case. Website editors should also make up part of your press list, and so should bloggers who might be interested in your kind of business. And what about influencers? Those people with large, highly engaged social media followings that can help you reach your target markets? The best way to inform these people (who you should already have reached out to and be communicating with!) about your new product or service is through a press release.

What should a press release be?

A press release is a way to convey your message to who you need to see it. It should be well written, free of typos and grammatical errors (we’re all human, but do your best, people appreciate it), not too long but not too short, with relevant contact details and a high res image.It should get to the point quickly, tell the reader what to expect further down in the intro, and not drone on about every aspect, carpet colour choice and sacking in the company’s history. This has no place in the main body of the press release. Unless it directly relates to the news story. So if you’re talking about a company’s 40th birthday, it might be useful to summarise the history. But when I say summarise, I mean in a short paragraph with the key facts and dates. If you’re talking about a new horse rug, the fact that there are three generations employed at the factory and they all enjoy afternoon tea once a week will be of little significance. OK. The latter would be a stretch on any day. Although you could create some nice social content around that. But that’s a different story. Press releases shouldn’t ramble. They should be concise. Don’t feel you need to write hundreds and hundreds of words. No one is reading them. Sorry, but it’s true. Editors don’t have the time. They want key facts presented well. They can then build a story about this if they need to add more information or they can use what you’ve sent. Or you might even be asked for more information.

So that’s what a press release is. It’s a concise way to convey new and newsworthy content to people who have the potential to spread your message to your target market. And it can do your business a lot of good. If you do it right.

 

Want to network with likeminded equestrian, country and canine small business owners? Come on over and join the Small & Supercharged group.

How to build a website

How to build a websiteIf you’ve ever wondered how to build a website for your business, I’ve put together a quick guide of points to consider. It’s not a complete list, but it’s one that’s been created from my own experiences, from building my own website and working on websites for clients. Websites are important to any business, and that includes any equestrian or country business. If you’re looking for something, whether it’s an equestrian PR and marketing professional, a riding instructor, fencing, machinery, the best supplement for your horse, or a bespoke bridle, the chances are that you’ll pop your question into Google. Google’s great, we love Google, but Google can only pull up websites and pages that exist on the web. If you business doesn’t have a website, how does Google and, by extension, the person looking for you, know that a) you exist or b) where to find you!

Top tips on how to build a website

Here are my top tips on how to build your own website…or, at least, how to find the right person to help you…

1. Do a little research, but don’t let the numbers scare you. Websites can cost a fortune…but they don’t have to. I don’t think you need to sell a limb to get a really impressive website. There are lots of options- you can use a platform like WordPress and buy a template for pounds and do all the work yourself, or you can speak to a friendly website designer and ask if they’ll customise a template for you. Or you can give the whole job to them and sit back and admire the view. There are lots of options.

2. Make sure you’re in control. Gone are the days when a web wizard would need to update your website! Not only was this expensive as each time you wanted a tweak, you needed to pay, but you’d also need to form an orderly queue along with all your web designer’s other customers. Let’s be honest. No one likes to queue.

3. Take inspiration from others. I’m not saying copy. That’s not what I mean at all. What I’m saying is observe what other people do…what do you like? What do you hate? Make notes and pass these onto your designer or keep them in mind when you start yourself. Listing things you hate can be as helpful as things you love!

4. Make a list. If you are approaching a designer, you’ll need a brief. The designer will base their price on your brief. Each time you change your mind and deviate from the brief, you could get an extra bill. Take your time putting your website brief together…and speak to people whose opinion you value too…it’s always good to have a sounding board!

5. Pictures. Pictures can really add an extra ‘je ne sais quoi’ to a website…but don’t worry if you don’t have your own extensive library! There are some great sites out there like iStock and Shutterstock that allow you to buy really good quality images for a few pounds, depending on what you want to use them for. Or why not create your own using a technique like flat lay?

6. Get writing! Providing clear, concise and informative copy is essential for any website. If this isn’t your area of expertise, you can either get in touch with a copywriter, or you can draft what you want and get someone to proof it for you.

7. Don’t be afraid! When you think your website is pretty close to perfection, don’t be afraid to press go and get it online. There will be bits you want to amend. There will be niggles that need straightening out…but you’re not going to know about these until you kick on and get people testing the site. You don’t have to announce your new site to the world to start with, but get some friends on it so they can have a look and iron out any problems.

 

I hope this list has really helped you if you’re thinking of embarking on a new website design. It might be seen as food for thought when it comes to considerations connected to how to build your website. It can be scary, but having a shiny website you’re really proud of is really worth the effort.