Categories
News

Phishing goes targeted and diversifies during COVID-19 outbreak with 2 million attacks in Q2 in Africa: Kaspersky

Security solutions have detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia

Kaspersky (www.Kaspersky.co.za) analysis has revealed that phishing attacks are becoming increasingly more targeted. Several more tricks have been found – from HR dismissal emails to attacks that are disguised as delivery notifications. As a result of such tendencies, security solutions have detected 2,023,501 phishing attacks in South Africa, Kenya, Egypt, Nigeria, Rwanda and Ethiopia. These and other findings are documented in Kaspersky’s new spam and phishing in Q2 2020 report.

Phishing is one of the oldest and most flexible types of social engineering attacks. They are used in many ways, and for different purposes, to lure unwary users to the site and trick them into entering personal information. The latter often includes financial credentials such as bank account passwords or payment card details, or login details for social media accounts. In the wrong hands, this opens doors to various malicious operations, such as money being stolen or corporate networks being compromised. This makes phishing a popular initial infection method.

South African users have been influenced the most by this type of threat: there were 616,666 phishing attacks detected in 3 months. It was followed by Kenya (514,361), Egypt (492,532), Nigeria (299,426), Rwanda (68,931) and Ethiopia (31,585).

Phishing is a strong attack method because it is done at such a large scale. By sending massive waves of emails under the name of legitimate institutions or promoting fake pages, malicious users increase their chances of success in their hunt for innocent people’s credentials. The first six months of 2020, however, have shown a new aspect to this well-known form of attack.

Targeted attacks: Small businesses in focus

As Kaspersky analysis has indicated, in Q2 2020, phishers increasingly performed targeted attacks, with most of their focus on small companies. To attract attention, fraudsters forged emails and websites from organisations whose products or services could be purchased by potential victims. In the process of making these fake assets, fraudsters often did not even try to make the site appear authentic.

Such targeted phishing attacks can have serious consequences. Once a fraudster has gained access to an employee’s mailbox, they can use it to carry out further attacks on the company the employee works for, the rest of its staff, or even its contractors.

Jack of all trades: New tricks for old purposes

The news agenda, following the COVID-19 outbreak, has already influenced the “excuses” fraudsters use when asking for personal information. This included disguising their communications with unsuspecting users as:

  • Delivery services. At the peak of the pandemic, organisations responsible for delivering letters and parcels were in a hurry to notify recipients of possible delays. These are the types of emails that fraudsters began to fake, with victims asked to open an attachment to find out the address of a warehouse where they could pick up a shipment that did not reach its destination.
  • Postal services. Another relatively original move used by fraudsters was a message containing a small image of a postal receipt. The scammers expected that the intrigued recipient would accept the attachment (which, although it contained ‘JPG’ in the name, was an executable archive) as the full version and decide to open it. The Noon spyware was found in mailings like these analyzed by Kaspersky researchers.
  • Financial services. Bank phishing attacks in the second quarter were often carried out using emails offering various benefits and bonuses to customers of credit institutions due to the pandemic. Emails received by users contained a file with instructions or links to get more details. As a result, depending on the scheme, fraudsters could gain access to users’ computers, personal data, or authentication data for various services.
  • HR services. The weakening of the economy during the pandemic in a number of countries caused a wave of unemployment, and fraudsters did not miss this opportunity to strike. Kaspersky specialists found several mailings that announced, such as, some amendments to the medical leave procedure, or surprised the recipient with the news of their dismissal. In some attachments, there was a Trojan-Downloader.MSOffice.SLoad.gen file. This Trojan is most often used for downloading and installing encryptors.

“When summarising the results of the first quarter, we assumed that COVID-19 would be the main topic for spammers and phishers for the past few months. And it certainly happened. While there was the rare spam mailing sent out without mentioning the pandemic, phishers adapted their old schemes to make them relevant for the current news agenda, and come up with new tricks,” says Tatyana Sidorina, security expert at Kaspersky.

Read more about the new phishing techniques on Securelist.

Kaspersky experts advise users to take the following measures to protect themselves from phishing:

  • Always check online addresses in unknown or unexpected messages, whether it is the web address of the site where you are being directed, the link address in a message and even the sender’s email address, to make sure they are genuine and that the link in the message doesn’t hide another hyperlink.
  • If you are not sure that the website is genuine and secure, never enter your credentials. If you think that you may have entered your login and password on a fake page, immediately change your password and call your bank or other payment provider if you think your card details were compromised.
  • Use a proper security solution with behaviour-based anti-phishing technologies, such as Kaspersky Security Cloud and Kaspersky Total Security, which will warn you if you are trying to visit a phishing web page.

Read Next: The growing problem associated with adware and how to stay safe

Categories
News

Digital Okta and RackNap join forces to boost cloud adoption in MENA region

Digital Okta, an Abu Dhabi based cloud services provider focused on enabling digital transformation journeys for businesses with cloud, mobility, IoT and Big Data solutions, entered into an alliance with RackNap, a cloud business automation platform, to drive cloud adoption in the MENA region.

Digital Okta leverages the best innovations in the cloud to help companies accelerate ahead. They understand that providing great customer experience is crucial to increase cloud adoption – and great customer experience happens when the services are delivered smoothly to customers, they are billed seamlessly, and get prompt support.

Digital Okta chose to partner with RackNap to automate its cloud billing and service provisioning, and to provide an online marketplace to the customers. This will help them manage service delivery for Microsoft cloud services, like Office 365, Azure and more and improve efficiency in the business processes, resulting in improved customer satisfaction.

“We always strive to provide the best service to our customers and in the current digital era, we need to deliver services with a great customer experience. RackNap enables us to achieve this and create a leverage over the competition with the power of automated service provisioning and seamless billing. After changes in Microsoft licensing, there is an increase in business opportunity for CSPs and by partnering with RackNap, we aim to boost the adoption of cloud in MENA region and serve an even bigger customer base.” said Feras Al Jabi, SVP, Digital Okta.

By associating with RackNap, Digital Okta can:

  • Automate cloud services provisioning, billing and renewal reminders centrally.
  • Offer transparency in customer billing and resource usage with online marketplace for customers.
  • Bundle cloud services with other managed services to get better ROI.

“We are glad to partner with Digital Okta – an organization that was born in the cloud. Now more than ever, customers seek better experience and want transparency. With this partnership, we intend to meet these expectations by improving customer experience in the purchase and consumption of cloud services and providing transparency in terms of billing and cloud usage. This will help to cater to increasing demand for cloud services and drive the adoption of cloud in the MENA region,” said Sabarinathan Sampath, SVP, RackNap.

Read next: How COVID has impacted Asia and its road to recovery

Categories
Articles

Scientific Thinking: Processes, methods, and approaches with reference to Deep Tech

One of the key drivers of economic growth nowadays is innovation, and it involves substantial investment in research and development (R&D). While general tech companies have made a global impact in improving the quality of life, deep tech startups are redefining the concept of innovation and are dubbed the ‘next wave of global disruptors’.

Deep tech startups are based on advanced scientific advances and high-tech engineering innovations. They have attracted unprecedented traction across all sectors and their impact is being felt everywhere.

From blockchain to advanced Artificial Intelligence (AI) to advances in biotech and medicine (picture cancer-detecting devices and fake drug detectors), this tech has the potential to solve global pressing issues and change lives, for the better.

However, building a startup that thrives on deep tech requires a different playbook due to the nascent and complex nature of these technologies. In this post, we’ll discuss the steps and scientific processes involved in establishing and commercializing deep tech startups.

1. Discovery

Akin to the ideation stage in general tech startups, the discovery stage is what lays the foundation and basis for deep tech.

Discovery is all about identifying a need that cannot be solved by the existing technology. For example, a cancer research scientist might discover that a certain type of cancer cannot be treated with chemotherapy and conceptualize new ideas about tech that could solve the problem.

The discovery phase is an important part of the design thinking process and it aims to generate, develop, actualize, and communicate ideas. As fun as this stage may sound, it’s not without challenges.

For instance, the idea might be rejected on the basis of novelty. At times, cognitive bias might kick in, causing other parties to reject the idea even without further consultation. To overcome this, it’s great to stay clear of the goals and objectives of the tech in mind and take into account every variable that might affect the introduction of such technologies.

But the discovery process isn’t exclusive to deep tech startups. Many processes that require prior planning, such as the SQL server blocking, also starts with the discovery phase. In this context, discovery entails gaining an in-depth understanding of your data systems to build a migration plan. Likewise, discovery in deep tech startups entails identifying the key pain points and gathering market intelligence that will help to support your idea.

2. Advocacy & Screening

Advocacy and screening help to weigh the idea’s potential benefits and challenges. These two processes take place simultaneously and help to squash ideas that lack potential, which is easier than having them rejected by stakeholders solely on the basis of their novelty.

This phase is very important when assessing the potential of deep tech startups for two reasons:

(i) Funding

Deep tech startups require a significant amount of capital to develop and scale. A recent Hello Tomorrow survey published by BCG revealed that developing the first prototype in biotech on average costs around $1.3 million. While deep tech has far-reaching potential, many startups seek funding in the early research phase—long before the prototype is unveiled to customers, leaving investors with no KPIs with which they can evaluate the product’s market potential.

Additionally, deep tech lacks third-party standardization, which again makes it hard for investors to assess the risks or potential returns, since there are no comparable products in the market.

However, screening helps to ease the investor’s burden in many ways. Researchers in the Innovation: Management, Policy, and Practice study identified refinement as the core advantage of advocacy & screening. If the idea has potential, advocacy and screening can help to refine and enhance it, making it more attractive and understandable to investors.

(ii) Growth Capacity

Sometimes, researchers are stymied when approached by potential investors because they’re unclear about the growth potential of their projects. Advocacy and screening help to map out the project’s future prospects and all the needs that will be addressed.

3. Research and Development (R&D)

The R&D phase is what distinguishes deep tech startups from general tech companies.

This stage encompasses experimentation and testing and lots of money is spent on design and engineering. The amount of time dedicated to R&D varies from company to company though it’s significantly longer than the time needed to develop an innovation based on existing technology.

According to data from the deep tech startups surveyed by Hello Tomorrow, it takes 4 years to develop a technology in biotech. Some advanced technologies can take longer, to the tune of 50 years. For instance, it took decades to develop the underlying technology behind AI.

During research and development, multiple experiments are done to determine the product’s feasibility. At times, the development phase can lead to new ideas as more information is gathered, and many elements tested.

The development phase has changed dramatically over the years due to the advancement of technology which has led to the introduction of robust design and prototyping tools. For example, 3D printing and computer-aided design tools have revolutionized prototyping, making it an easy and straightforward process.

4. Commercialization

At the end of the R&D phase, comes commercialization, which is the process of bringing high-tech innovations to the market. Commercialization is not a straightforward process and can be broken down into several phases, which include:

  • Initial introduction
  • Training
  • Mass production
  • Distribution

As you move through each phase, you’ll receive customer feedback and may need to refine or improve the product to meet the customer needs.

However, the commercialization process is marred by many challenges. Besides funding and lack of third-party standardization, commercialization of deep tech faces many challenges some of which may hamper its widespread adoption

For instance, since the tech is new to the market, commercialization is often hampered by lack of matching business infrastructure and human talents. It can be difficult to educate the partners and even the public when you don’t have the right resources.

Moreover, humans by nature resist change, and it can be hard for people to embrace what they don’t understand. This explains why training is critical to the success of the commercialization phase and it can also be stymied by lack of skilled personnel.

In addition to marketing challenges, industrial and cultural barriers may also thwart commercialization of deep tech. If the tech results in environmental pollution or violates certain religious or cultural beliefs, it may be antagonized by the public.

Read Next: Voice and visual expansions are internet’s next step in search tech

Categories
Articles Cybersecurity

Ten things startups need to know about cybersecurity

When starting and growing a business, fledgling entrepreneurs are usually overwhelmed with the day-to-day running of activities that they seldom consider their enterprise’s safety. Thus, most startups give little consideration in protecting their business from cybercriminals and do not factor in the cost of cybersecurity in their budget. Granted, there might be many pressing issues that demand time and finance at the onset of a business, however, cybersecurity should still be of utmost priority and integrated into every business’s plan and budget because one hack is all it takes to ruin a business.

With the rate of cybercriminals and cyberattacks rising steadily over the years, it is highly imperative for startups to not only employ the services of a cybersecurity firm but to be aware of the major causes and mistakes that make most businesses vulnerable to cyber-attacks.

Understanding the Security and Data Backup Market for Managed Service Providers (MSPs) : Acronis – Omdia Report

Here are 10 things every startup must know to safeguard their company.

1. Add cost of security to budget

Where most entrepreneurs get it wrong is at the budgeting and planning stage of their startup. They do not see security as a fundamental necessity in the early days. Consequently, they never factor in the cost of cybersecurity services when drafting the company’s budget. More often than not, this lack of foresight in security measures inadvertently makes most startups easy prey for cyber attackers.

2. Startups are not invulnerable

Most times, new founders like to nurse the notion that their startup’s relatively small size somehow makes them inconspicuous to hackers. However, what they fail to note is that big or small startup, hackers do not discriminate. Cyber attackers spread malicious malware using scripts that exploit vulnerabilities in a company’s system. If you are running a startup, do not make the mistake of leaving your business unprotected by harboring the notion that hackers are not concerned with new companies. Always ensure to protect your business against cyberthreats from the first day of launching.

3. Educate your employees

Cybercriminals exploit the ignorance of people to gain access to sensitive information. Granted, your employees are the backbone of your organization, but they are also the weakest link. It’s your responsibility to inform and educate your workers about the cunning devices of hackers and cybercriminals. The latest security protocols and information must be readily and speedily disseminated through calls, messages, and memos, to always keep your team security conscious. You can benefit from the advantages of using HughesNet Voice to communicate with members of your workforce wherever you are without having to worry about network interruptions and communications breakdown.

4. Beware of ransomware

If you have not heard of or experienced a ransomware attack before, you better guard yourself against it, so you don’t fall victim. Ransomware is a malicious software that encrypts files on a mobile device or laptop. The malware prevents you from accessing your information except you pay a ransom, after which the hacker will provide you with a key to decrypt your files. Most hackers will charge anything from $500-$3,000 as ransom. Paying the ransom does not guarantee that the hacker will provide the decrypting code, anyway. Always back up your company’s file on a secure server regularly so you can easily retrieve your files should you fall victim of ransomware.

5. Tighten your website’s security

Your website should have security features like SSL that encrypts sensitive information and prevents unauthorized access to your files. When you use an SSL certificate on your site, you can comfortably send and receive data using an encrypted connection. More importantly, if your company stores customers’ credentials online, an SSL will prevent hackers from gaining access to such sensitive files. Also, customers are more willing to trust a website with SSL security, so be sure to enable it on your site.

6. Be cautious of phishing

The easiest and most common way for your startup to fall prey to cyberattacks is through phishing. Phishing occurs when hackers create a similar webpage of a popular website and ask people for their login details. Once these hackers collect these passwords, they may steal sensitive information and sell them on the dark web. When running a startup, all workers should receive training to spot phishing attempts and never submit login details on any website.

7. Use two-way verification systems

Sometimes, hackers can discover passwords to your files when you or your employees submit such information on a phishing site. The best way to prevent unauthorized login is to use a two-way verification system that works by asking for a specially generated code after entering a password. This code could either be sent to you or a worker in charge.

8. Have varying levels of access

Not everyone is your company should have full access to complete information. The fewer the people that are privy to sensitive information, the lesser your susceptibility of being hacked. Ensure to place access restrictions on private files so that only employees with a specific clearance level can see or use such data.

9. Monitor your company’s data

Sharing information with third-party vendors is vital to build and grow your startup. Sometimes, this partnership with a third-party may come to a natural end with all access privileges logically revoked. Other times the end of partnership could be the departure of an employee. Incidentally, most startups make mistakes when they forget to cancel administrative rights and change existing passwords. Luckily, some cybersecurity firms can help you track and monitor your data, so you know who knows what and when.

10. Use security patches

Apart from phishing attacks, an unpatched machine still opens a startup to the possibility of hacking. Don’t use unpatched versions of any software, be it Flash or Java. In addition, always make sure all your security patches are updated continuously because hackers always create new programs and scripts to bypass major security systems.

Understanding the Security and Data Backup Market for Managed Service Providers (MSPs) : Acronis – Omdia Report

Conclusion

A successful cyberattack on a company can prove detrimental to the growth of a company. Sometimes, it’s not the loss of finances, it’s the damaged reputation and recession in customers’ trust that spells doom for most startups. When it comes to cybersecurity, startups should understand that the cost of employing a cybersecurity firm is greater than the benefits. Also, startups need to cultivate a culture of security consciousness from top to bottom. Employees should know that hackers may exploit their ignorance and that protection against cyberattacks begins with them.

Read Next: Security is top most requested service customers want from MSPs: Acronis-Omdia report

Categories
Articles

How to set up a poll on your WordPress website and not have issues with site speed?

So, you want to embark on a blogging adventure or on an adventure of creating your own website, but you’re wondering what’s necessary to do before starting those. Will you be able and will you know to lay a good foundation on which to build a successful and profitable blog and website later? We have good news at the very beginning – you’ll be able to! All you need is the right instructions so you don’t make some of the most common beginner’s mistakes.

Blogging is a great way to share your knowledge with those who cultivate the same affinities as you, to help them and inspire them to take the actions needed to achieve a certain result and to make money, of course. The decision to start your own blog can turn out to be one of the best decisions you’ve ever made. On the other hand, making your own website will help you promote your brand and grow your business.

Why’s WordPress the best platform for blogging and making sites?

When you start your online appearance through a blog, you’re “pounded“ by many options of various blogging platforms, such as Wix, WordPress, GoDaddy, and many others. Each blogging platform has its advantages and disadvantages.

Many of these platforms are, moreover, free platforms, some from Google, but they come with many limitations, such as you don’t get the ability to make more advanced changes to your blog, Google can delete your blog at any time, etc. But when it comes to a WordPress blog with your host, you’re the real owner and it’s your responsibility to take care of it.

WordPress is a free open-source blogging tool and content management system (CMS) based on PHP scripting language and MySQL database, created in 2003. Since then, WordPress has grown and became the best blogging platform in the blogosphere. WordPress has great looks, performance, and security options that attract many bloggers to use it.

MySQL database, on which WordPress is running, is an integral part of many web hosting services. However, there are some hosts specialized in hosting for MySQL database management more so than others. These are MySQL hosting providers and plans who are reviewed and rated on this link. Features such as unlimited databases and phpMyAdmin for file management are essential for MySQL hosting to be of quality. So, keep an eye out for the above-mentioned features when opting for MySQL services.

Given that so many blogging platforms exist, what are the reasons to choose WordPress before others?

  • Plugins
  • Free and premium themes
  • Easy to update
  • Most professional bloggers use it
  • Security
  • Support
  • SEO advantages

As for websites based on this platform, the simplest answer to the question asked in a subtitle is – because of finances. As we already said, WordPress can be installed completely free of charge. Users are given the opportunity to start working on creating their own websites immediately after installing the software.

Keep in mind that WordPress is one of the easiest software to use and that it takes quite a little bit of time to create a website, whether you have experience or not. And really, there are many other reasons why it’s good to use WordPress as a CMS for your site.

If financial reasons aren’t enough, here are some more that go in favor of using WordPress, of which some coincide with the reasons to use it for a blog:

  • Unlimited use
  • Standalone software
  • Easy to use
  • Lots of themes and templates
  • Functionality
  • Harmonized standards
  • SEO
  • Large community of users

Why are WordPress polls important?

One of the ways to improve interaction with the visitors of your blog are surveys and online polls. If you decide to communicate with your audience like that, you can get feedback on different topics in a simple way – through only a few clicks from your audience.

Use surveys and polls to find out who’s reading you and who might be reading you – their age, gender, occupation, interests, etc. Invite them to get in touch with you, introduce themselves, and talk about what they like on your blog/site. Why did they decide to follow you? What types of posts are their favorites? What kind of content gives you credibility in their eyes?

Some online services, more precisely WordPress plugins, will make it a lot easier to receive the needed info. At the same time, polls and surveys attract more users and engage them longer on your website or blog. This user engagement is also good for your website’s/blog’s search engine rankings.

But how to choose the most suitable WordPress poll plugin for your site?

  • Its design and styling features should enable creating interactive polls.
  • They must load quickly and not impact the performance of your site.
  • Multiple options showing the results of the polls and surveys (graphs, charts, etc.) should be included.
  • It should allow you to display results on multiple pages.

Having said that, in this article we’ve picked the best of the best WordPress poll plugins for you that won’t slow down your site and chase your audience away.

Crowdsignal

For creating professional polls, Crowdsignal (formerly Polldaddy) is a great, perhaps the best solution. We’ll mention that such large conglomerates as Microsoft and the BBC are among the users of this platform.

Crowdsignal supports 15 ways and forms of creating questions, from the simplest to rather complex. You can also add videos, pictures, Google Maps, and other items to your questions. You get the opportunity to brand your polls, so there are plenty of options to improve functionality. The PC app helps you collect your answers online and have it statistically processed in detail, exported in PDF, Excel, and other formats.

One of the best features is that you edit the poll using the “drag and drop“ principle, as well as the ability to add media content. Crowdsignal supports HTML and CSS sections and ways of creating a poll. You can add your logo to the created poll, integrate it with WordPress, and use the app to collect answers even when you’re offline.

Crowdsignal platform exists in free (each poll can have a maximum of 10 questions and 100 offered answers) and premium (unlimited number of questions and up to 5,000 offered answers per poll) versions.

WPForms

It’s considered the best WordPress plugin in general, and also one of the most popular plugins for creating polls. WPForms may not be a free plugin, but it has one of the most comprehensive and easiest apps. Not only does it offer pre-built templates and a drag-and-drop interface, but it allows you to use conditional logic, input management, and other features that can help you generate leads.

The online polls can be displayed in your WordPress pages, posts, sidebars, and other areas that are widget-ready. Important: its polls shouldn’t affect the speed and performance of your website.

WPForms allows you to display the poll results in graphs and charts, and gives you access to embedded poll results across your WordPress site. These results can then get exported to PowerPoint presentations, Excel sheets, and more.

While it has everything you can look for in terms of a poll, contact forms, and online registration forms, it’s not an ideal option for website owners who have tight budgets. You can use the “lite“ version without any limitations, but you won’t have access to the features that make WPForms special. To get the most out of this plugin, it’s best to wait until you start generating significant traffic.

Responsive Poll

This WordPress poll plugin falls into a group of several plugins for the purpose for which we’ve written in this article, that doesn’t have many things special but it’s worth mentioning it simply as a comparison with Crowdsignal and WPForms as the best ones. Responsive Poll is an online poll plugin that can be used to add simple and beautiful polls in WordPress, allowing you to create multiple polls and display them on the same page.

Responsive Poll has the option of adding multi-choice polls, polls start/end date, image + text choices, vivid results display, and customizing your poll designs. It comes with a free and paid version. The free version has limited features and you need to upgrade it to the premium plan to unlock all the options.

READ NEXT: How to Prepare Your Website for an Influx of Traffic

Categories
Articles

How Google PageSpeed Insights can save you time and money

In our modern world, everything is about speed. If you are not first, you are last; and if your website is running slowly, you are not only losing your audience, but chances are, you are also losing money. It is no secret that a slow page load time decreases customer’s interest. If a website user cannot actually use your website, how much use is it? Here is where Google’s free PageSpeed Insights tool comes into the game.

Generally, our attention span is very short, and most website visitors expect a website to take no more than two seconds to load. Your site may offer the freshest content, the most creative design, and top-notch service, but if your load times are too slow, you will struggle to increase your monthly visitors. On the off chance that your pages take longer to load, a lot of users will leave and find what they were looking for somewhere else. Faster Loading times equal a better user experience (UX) and, with it, lower bounce rates.

Google PageSpeed Insights will not just help you to identify what is slowing you down; it will also give you the keys to online success and the power to take control of your website.

What is Google PageSpeed Insights?

Google PageSpeed Insights was created as a free web performance tool that can help you make your website faster and more mobile-friendly. It analyzes how your web pages run and can show you the necessary steps it needs to improve the page load time by following recommendations on best web practices.

The tool measures the performance for desktop and mobile devices and provides reports as well as an overall score of the performance of your pages. Using the information collected, it also makes suggestions on how it can be improved. The PageSpeed Insights Score ranges from 0 to 100 points, where a higher score stands for better performance.

Why do you need PageSpeed Insights?

A lot of users will abandon a page if it takes too long to load, and most will go try  your competitor’s website instead of accepting any more delays. While headlines, the design of your website, or the right placement of a Call-To-Action (CTA) button are important, the page load time is absolutely essential for your conversion rate. If you do not want to deal with a high bounce rate, it is time to start using Google’s PageSpeed Insights tool. After you perform the tests on your site, you can make any necessary corrections needed to increase your score. The goal is to keep your web page size down and optimize everything you — or the tool — can possibly think of. 

How you can improve your score

As mentioned above, the best way to increase the time a user stays on your page is by delivering a fast and enjoyable UX. The score report will present the areas where it detects loading issues in yellow and red (depending on how bad you are scoring), which shows you where you should focus your efforts.

In the following, we will explain the various error messages and give you suggestions on how you can improve your rating. Moreover, once you understand what causes the issues, it will become easier to avoid them in the future.

  • Prioritize visible, above-the-fold content

Your page load time is not just determined by how quickly your page loads, it is also connected to perceived performance, which describes the feeling a user has while it loads. If the code is structured incorrectly, it can create a lag for content on top of the page, which makes the page load time appear slower. You can improve it by prioritizing the loading time of the areas that are likely most important to the user. Therefore, you should concentrate on the content above-the-fold to load first.

  • Avoid landing page redirects

If your website was not created for responsive use, which means the page adjusts itself to the device that is being used, it could result in a redirect. You want to avoid that a page user is redirected to an optimized page, and the additional seconds this adds to the page load time. You can prevent this problem by opting for responsive web design. 

  • Enable compression

If you serve the full content of your page with uncompressed files, your page load time can go up by a lot. By enabling gzip, a file format used for file compression and decompression, the page can shrink in size and deliver much faster load times. Compressed files allow a web server to provide faster requests to your users.

  • Improve the server response time

When a user opens a website, the web browser he or she uses sends a request to your server to view your content. The server response time refers to the time your server needs to begin loading the page content. It can be slowed by a number of factors like slow routing or database queries, but it mainly depends on the hosting platform you have chosen. There are some options out there, like the Secure Web Accelerator with DDoS protection from 101domain, that offers you excellent server response time with increased uptime, and protection from malicious cyberattacks.

  • Optimize your images

Graphic elements like pictures, logos, or icons can harm your page speed; in fact they can be responsible for up to two-thirds of your page’s total weight. But taking care of this part of the score is relatively easy. Start by checking all the pictures that are included on your page and evaluate if you really need them. If you decide to keep them, you can use free tools to optimize the size.

  • Leverage browser caching

A web browser needs to display various items to load the page completely, and this can take time. Caching allows a browser to remember what was previously loaded, which will result in a faster page load time. The more elements your browser can cache, the fewer it has to load when a user makes a request. Your best bet is to follow Google’s recommendation of a minimum of one week of caching.

  • Minify CSS, HTML, JavaScript

When you code a page by using unnecessary or redundant HTML, CSS, or JavaScript data, it can affect how the resources render in your browser. Removing this data without affecting how the page is processed by the browser can speed up your web pages considerably and increase your score.

  • Remove render-blocking JavaScript

If Google’s PageSpeed Insights tool tells you to eliminate render-blocking JavaScript, you have to deal with JavaScript code that is affecting the loading process for above-the-fold content on your page. Keep in mind that synchronous scripts pause the entire page-rendering process, while asynchronous scripts, on the other hand, allow a browser to load elements simultaneously.

Conclusion

Whether you like it or not, playing by Google’s speed rules will drive down your load time. Using the free tools, the company is providing, can help you improve your page speed and give you the best chance to succeed online. A recently published article from the experts of the WebDesignBooth will provide you with additional insight on how you can speed up your website’s performance even more.

Read Next: The history of web hosting

Categories
News Partnership

ZNet and Plesk bring SolusIO virtual infrastructure management solution to help ISPs, MSPs and CSPs address digital transformation challenges

Image Source: SolusIO

ZNet Technologies (https://www.znetlive.com/), India’s leading cloud distributor offering cloud infrastructure and managed services, today announced that it will step up its product portfolio with SolusIO, a new platform best suited for in-house virtualization and cloud hosting solution. With SolusIO, businesses will be able to prioritize customer experience and get a better way for simplifying virtualization management.

SolusIO offers a set of powerful virtualization technologies, including support for hypervisor and container-based virtualization. It utilizes cloud-init for configuring and managing virtual servers, permitting maximum compatibility with the pre-built images available from leading vendors. It allows users to modify or build their own images without additional costs.

SolusIO, a Plesk product, will help ZNet Technologies – a distributor of Plesk solutions in India, to eliminate virtual infrastructure management complexities that enterprises and ISPs experience, with blazing fast, on-demand VMs, a simple API, and an easy-to-use self-service control panel for the customers to grow their business.

“SolusIO has already been deployed a few thousand times among its 500+ beta testers. We can’t thank our community enough. We’re now relying on our partners’ contribution to show SolusIO to the entire world, as we continue to improve and shape it into the best in-house virtualization and cloud hosting solution.” stated Plesk CEO Nils Hüneke.

Munesh Jadoun, CEO, ZNet Technologies said, “SolusIO is an innovative product by Plesk. With it, hosters can launch their own self-service based VPS offering with world-class User Interface (UI) in an automated way. This will help them in getting better returns, while providing state of the art services.”

SolusIO v1.1 has been released recently. Read the full announcement here.

Key features of SolusIO:

  • Customizable, self-service control panel.
  • Support for cloud-init
  • Open vSwitch support
  • Simple, user-friendly API
  • Integrated with Plesk, cPanel and WHMCS
  • Support for managed services
  • Ubuntu 20.04 support

For more information, visit www.solus.io.

READ NEXT: Enhancing on-premise solutions market in India: ZNet becomes a distributor of Acronis

Categories
Articles

7 API testing tips for beginners

API testing is the process of testing APIs (Application Programming Interfaces) and their interactions to ensure that they deliver the proper output. A lot of testers’ occasionally miss out on API testing while performing UI and functional testing. Such errors happen because of the complexity of finding bugs through the various connections between networks, databases, and systems.

Here are some simple tips for beginners to help them carry out API testing.

1) Document the API requirements

Before you carry out any testing, it is essential to document the purpose of the API and the application workflow. You should also record all integrations that the API supports, and the various functionalities as well as the features of the API. With such a document, it becomes easy to strategize the API testing process.

2) Determine if you have the correct API

 You need to ensure that APIs in use are appropriate for the development of the application. For example, teams that work on geolocation and weather application development utilize weather APIs. If you are working on something similar, you can get better test results by choosing one of the APIs recommended by RapidAPI.

3) Identify the expected test results

Once you have well-defined requirements, you must finalize the expected output of the tests. Some outputs are binary, i.e., they have a pass or a fail status, while some tests may not have an output. Carrying out such an exercise makes it simpler for you to address any challenging test output. 

4) Use small test cases

 API testing brings the best results when you use small test cases. Doing so helps you gain a clearer understanding of whether you get an expected output or an unexpected one. After carrying out small tests, you can quickly put together the various API functions that gave successful test results.

 5) Automate your testing procedure

 Manual testing is a tedious affair. Automating the testing procedure speeds up your entire process. Using API test automation tools will help you get quicker results. Some of the factors to consider while choosing such a tool are:

– Does the testing tool support carrying out tests on the API/Web services that your application is using?

– Does the testing tool support the authorization methods your API uses?

– Does the testing tool support data-driven testing methods?

6) Carry out security testing

 A lot of beginners underestimate or ignore security testing. Nowadays, hackers can quickly identify system vulnerabilities and exploit them. It is your job as a tester to carry out API security testing to ensure that the application under test is secure from external threats. One way to do this is to write tests that invoke the API functions without implementing appropriate security rights.

 7) Define entry and exit points

 You should define the entry and exit points of individual tests as well as the start and end of the entire testing process. Doing so helps determine how the API test performs. It also enables you to decide how to schedule upcoming tests.

Suggested Reading: Microsoft’s GitHub buys Pull Panda for effective collaboration among development teams

In Summary

Rigorous API testing is critical in this day and age of technology undergoing a shift in the direction of IoT and Artificial Intelligence. Following the above steps will help you as a beginner to get a handle on API testing. As a result, you will be able to test and deploy secure applications without compromising on quality.

Read Next: Singapore Unicorn Acronis Released The World’s First Complete Cyber Protection Solution, Tailored To Fight Pandemic Cyberthreats And Improve Remote Work

Categories
Cloud News New Products News

Singapore Unicorn Acronis Released The World’s First Complete Cyber Protection Solution, Tailored To Fight Pandemic Cyberthreats And Improve Remote Work

Enabling service providers to cut costs and defend their clients against cyberthreats through AI-powered integration of data protection and cybersecurity – with total Zoom security, COVID-19 URL filtering and a 100% detection rate

Acronis, a global leader in cyber protection, announced today the availability of Acronis Cyber Protect, an innovative new cyber protection solution that integrates backup, disaster recovery, next-gen anti-malware, cybersecurity, and endpoint management tools into one service. Acronis Cyber Protect eliminates complexity, improves productivity, and enables managed service providers (MSP) to efficiently make security a focal point of their portfolio – ensuring their business can meet client expectations for data, applications, and systems security and protection.

Related Reading: Enhancing on-premise solutions market in India: ZNet becomes a distributor of Acronis

The primary challenges MSPs face are complexity, inadequate security, and low productivity. The lack of integration between the patchwork of vendor solutions they use to build their services decreases security, complicates employee training, productivity, and usability – all while increasing support and licensing costs with multiple vendors. Acronis Cyber Protect changes the game by giving MSPs a single solution to deliver backup, anti-malware, security, and endpoint management capabilities such as vulnerability assessments, URL filtering, and patch management.

These integrated capabilities create new opportunities for MSPs to deliver enhanced cybersecurity. With Acronis Cyber Protect, MSPs can proactively avoid cyberattacks, minimize downtime, ensure fast and easy recoveries, and automate the configuration of client protection to counter the latest cyberthreats. The result is improved margins, better profitability, easier SLA compliance, greater performance, and decreased churn – all at a lower cost.

Planned since last year, this is a truly unparalleled solution that’s been custom-made to help businesses that were caught off guard by the pandemic. A cyber protection life vest for MSPs struggling to cater for their customers changing needs.

Suggested Reading: India vulnerable to ransomware attacks: DSCI-PwC report. How to prevent your organization in 2020?

AV-Test, the respected German security institute known for putting malware security solutions through rigorous testing on a  computer running Windows 10 Professional – testing both the status and dynamic detection rates of Acronis Cyber Protect, scanning a set of 6,932 malicious Windows executable (PE) files. Acronis scored perfectly with a verified 100% detection rate, and delivered a perfect result in the lab’s false-positive test, causing zero false positives. More information about the test is available here.

Acronis recognizes that even with these test results and AI-enhanced protection, it is impossible to achieve 100% security at every moment. If a threat does slip through the security measures, Acronis Cyber Protect provides the best business continuity to ensure businesses are able to restore affected data, applications, and systems quickly and effectively.

Helping MSPs secure remote work amid COVID-19

Acronis rapidly developed a holistic set of features for Acronis Cyber Protect to help MSPs and their clients smoothly and safely meet the challenges of today’s remote work environments including:

  • To help with finances: The ability to pause billing for non-paying customers while preserving their backups; Launched Acronis #CyberFit Financing and promotions through July 31, 2020; No extra charges for Acronis Cyber Protect and no billing for Acronis Cyber Backup for new clients
  • To help protect employees: Voice-enabled, touchless control for remote connections to office machines for end-users; Security alerts from Acronis Cyber Protection Operations Centers related to COVID-19
  • For remote work devices and users: Default templates with secure protection plans for remote work devices; Native VPN capability; Secure file sync and share integration; Remote data wipe

The industry needs unified, modern cyber protection

“Traditional backup solutions are dead because they are not secure enough, and traditional anti-virus applications do not protect data from modern cyberthreats. Legacy solutions are no longer able to counter the dangers today’s businesses face,” said Acronis Founder and CEO Serguei “SB” Beloussov. “Service providers need to offer their clients integrated cyber protection that covers all Five Vectors of Cyber Protection – safety, accessibility, privacy, authenticity, and security. With Acronis Cyber Protect, service providers have the ability to deliver solutions that ensure their clients are #CyberFit and ready to face any new threats.”

Acronis Cyber Protect is a demonstration of the power of integration. It features one unified licensing model, one agent and backend, one management console, one user interface, and a high level of integration among services – sharing data and automating actions to greatly improve the security posture for endpoint and edge devices.

“The unique cyber security features of this solution are yet unrivalled on the market, they will allow businesses in India to operate remotely securely and indefinitely – even after the pandemic is over,” said Munesh Jadoun, CEO, ZNet Technologies, a distributor of Acronis solutions.

“The unique integration of AI-powered data protection and cybersecurity in Acronis Cyber Protect enables Ingram Micro Cloud to satisfy the cyber protection needs of service providers, small and medium businesses, and enterprise-edge workloads,” said Tim Fitzgerald, Vice President, Cloud Channel Sales, Ingram Micro.

“Acronis is among the companies on the forefront for integrated data protection and cyber protection,” said Phil Goodwin, Research Director, Infrastructure Systems, Platforms and Technologies Group, IDC. “We believe that Acronis Cyber Protect is among the most comprehensive attempts to provide data protection and cybersecurity to date.”

The Acronis Cyber Protect roadmap expands the availability of Acronis Cyber Protect to businesses worldwide, with an on-premises edition scheduled for release in the second half of 2020. Until then, any customer can leverage the advantages of Acronis Cyber Cloud as a managed service through their MSP. A personal version of the solution is also planned for release in Q3 2020.

Availability and Promotions

Please visit https://www.acronis.com/en-us/business/cyber-protect/ to sign-up online or request a fully-functional trial. To support businesses during the COVID-19 pandemic, Acronis Cyber Protect is available at the same cost of Acronis Cyber Backup Cloud for all service providers until July 31, 2020.

Read Next: ZNetLive rolls out Acronis Backup Cloud to provide businesses with constant data availability in changing threat landscape

Categories
Articles

Smart Card Attacks: How to Protect Your Cards

Completing a transaction, opening security systems, and achieving diverse other operations in this smart technology era may only require a simple smartcard swipe. Smartcards use has continued to gain popularity over the world, and security attacks have increasingly targeted owners and users. Information on technology-based use and applications is always available to keep you ahead of an attack.

Smartcards use microchip technology and secure authentication to provide security and have been relied upon to give the go-ahead for data transfer in a multitude of transactions. As robust as they seem, smart hackers have found various techniques of observing their operations aimed at gaining access to credentials, funds, and information contained in the microchips.

In this article, we aim to provide you with adequate information to ensure you protect yourself from hackers and the continued safe use of your smartcards.

Ensure Your System is Secure

If an attacker successfully gains access to a computer device connected with your smartcard, it’s super easy to complete transactions using your card. Most successful attacks result from unpatched software, or because you’re running something you shouldn’t.

The smartcard technology is of no effect once attackers gain access to your computer device because it’ll be easy for them to authenticate transactions, posing as you. They achieve this by copying digital certificates from your local cache if available or keying in your PIN at requests.

To protect yourself, ensure you don’t fall for click baits. Ensure the software you install is not compromised and regularly run anti-malware software on your computer.

Suggested Reading: Enhancing on-premise solutions market in India: ZNet becomes a distributor of Acronis

Keep Your PIN Safe and Secure

Smartcards are different from RFID cards, programmed to produce specific codes once activated. RFID cards are powered by a magnetic field and use radio frequency to transmit. Hackers can steal information from this kind of card by setting up RFID proximity readers and collecting IDs from unprotected cards.

Unlike RFID cards, smartcards use Personal Identification Numbers (PINs) for protection. They have a memory that can store information and employ a “challenge and response” system while communicating with a transaction terminal. It means, before completing a transaction, you would have to provide your PIN at the terminal.

Physically protect your PIN and don’t freely expose it to fraudsters.

Guard Against Hacks From Your Transaction Terminals

Hackers can stage attacks on your smartcard at transaction terminals. There’s a way to obtain credentials during communication between your card and payment terminals.

To enhance your safety precautions, remove your cards immediately upon completion of payment submission. Payment terminals should ideally be standalone machines, and not used to access other web services.

Owners of such terminals owe the responsibility to ensure software used on such terminals has an appropriate patch and support. Terminal operators can run anti-malware software periodically. It’ll reveal attempts at hacking card credentials.

Consider Using Mobile Phones Instead

Your phone can serve as a payment gateway for you. Setting up your device for mobile payment and connecting it to a smartcard is pretty straightforward. There’s a pool of apps you can download and use to handle your payments.

Using apps is safer than cards. Apps generate a one-time authentication code, used solely for the current transaction. The chances of losing this code to hackers are slim, and even if you did, it’d be of no use to them. Ultimately, a smartphone reduces the chances of having your card credentials stolen.

Most payment terminals equally accept scan payment using mobile phones, and you’re not limited by where your phone can serve.

Use Cards from Trusted Suppliers

Where you get a supply of your cards is an essential factor for consideration. Cases exist where one or two members of staff to companies attempt stealing card credentials. Some companies equally fail at providing adequate security measures for their cards.

Using smartcards provided by trusted establishments like Cardzgroup, for instance, will eliminate fears of losing your card credentials from company negligence.

Cards are easy to be mixed up. Fraudsters can smartly exchange your smartcard if you have no means of identifying it. Ensure your name is on your card and unscripted with high print quality and durability, such that at the expiration of your card and possible recycling, the inscription would still be clear.

Page 3 of 7
1 2 3 4 5 7