What’s the Deal With GDPR Compliance?

How Data Protection Affects You

GDPR, or General Data Protection Regulation, is a regulation from the European Union that helps protect web users’ data.  Wait, I know, I know.  Before you say it: You are in the United States!  But before you hit ‘delete’ calling this irrelevant, let me explain how it affects you.

If you collect names, IP addresses, session cookies, or e-mail addresses (which most websites do), you collect personal data. This personal data should be protected, right?  True.  But starting May 25th, some US websites were also required to abide by new European website privacy laws.  Of course my head was spinning trying to understand why we should be required to follow European laws.  So I did some research.

After digging deeper, this law will apply if you market (even by accident) to the EU (European Union) or a country within.  Business owners with no market share in the EU, who don’t target the EU in marketing, and don’t own an overseas domain name, have little to no required changes to make.  Or do you?

For those that might be (even inadvertently) marketing to Europeans, and those wanting to tighten your own privacy reigns, let’s take a look at their laws.  The theme is this: Be more transparent with your potential clients.  We can all learn about transparency and protecting our clients’ data!  So here are the highlights behind this regulation.

  1. Explain who you are, how long you’re keeping user data, why you need it, and who on your team or externally has access to it
  2. Get explicit and clear consent to collect data through an opt-in
  3. Give users access to their own data, the ability to download it, and to delete it from your records completely
  4. In the event of a hack or security breach, let your users know about it

So these aren’t too bad.  But the fines for not complying are!  “You could get fined 2% of your worldwide annual revenue for failing to disclose a data breach, or up to 4% for failing to ask for user consent when storing data.”1

What should I do?

Perhaps you don’t market to the EU and don’t service these clients.  It’s probably a good idea, however, to have an easy-to-read privacy policy and explanation on how you use personal data.  Get to know what personal data you actually collect, and make sure it’s being handled with care.  Lastly, (this will also improve your Google ranking) get an SSL to protect personal data in transit from your server to your customers.

If you sell or market to Europe (or the EU), now is the time to pony up and get that privacy policy written.  Get a clear statement on how you handle cookies and personal information.  Check out these easy-to-read articles by Elegant Themes here and here.  Also, you can check out this article by Fortune and this one by Forbes.

If you need help with compliance, we’d be glad to offer suggestions or setup your pop-up!

1 https://www.elegantthemes.com/blog/resources/a-quick-guide-to-data-protection-regulations

 

So I Think I’ve Been Hacked!

10 STEPS TO RECOVER FROM A COMPUTER HACK

So you think you've been hacked?So a friend tells you that you’re sending spammy-looking emails out.  But it can’t be–you had no idea.  You even check your sent email folder to see if you’re crazy, but all the emails look familiar.  You respond bewildered to your friend, not knowing what to do.  Have I been hacked??

The first thing to do is stay calm!  Part of the scam here is to get people worried and scared that everything on their computer has been stolen, which is terribly unlikely.  It’s most likely that this message was spoofed with your name and/or email but that your email wasn’t hacked.

If you think your computer has been hacked, but no-one has contacted you about a strange email, start at step 4.

Let’s do some discovery. Then figure out how to get cleaned up!

1. The first thing to do is to get a copy of the email “headers.”  This is the code sent through the servers that contain an email.  The headers are found by different means in each email client.

In Apple, click View —> Message —> Raw Source
In most Outlook versions, open the email in a new window, click File —> Properties
In Gmail, Click the down arrow, then click Show Original

All headers read from newest to oldest, so the top being the latest messages and the bottom being the originating headers.  So look towards the bottom of the header and search up for the first instance of these:

Look for:
“Received From: example1.com” and this server is who really sent the message
Look for the next “by: example2.com” to see who then received the message
X-Mailer is the device used to send the message.
You can also look for the line “DKIM-Signature” and find the d=somedomain.com.  This is a third party sending an email but is authorized by somedomain.com.

 


Example Header


*A more simple solution is to paste the header into Google’s Header Check at https://toolbox.googleapps.com/apps/messageheader/ and confirm the servers used match the real sender

If example1.com matches the From name domain, then this verifies this email as legitimate.  If you notice that the example1.com is somewhere located in India or Belgium, completely different than the sender, it’s fair to say that this was a spoofed email.

If you’ve been spoofed, then it’s time to tell your friend that he/she should run their virus and malware scanner and add that sender to their blocked list (since it really isn’t you).  In this case, that’s all.  Spoofing happens all the time and there’s little you can do to prevent it.  You haven’t been hacked, nothing has been stolen.  No need to proceed to #2.

But, if your discovery from above shows the email to be legitimate, then someone is likely sending email on your behalf.  This changes things.  If you determine someone is sending emails on your behalf (or you aren’t sure), then you should take some action. Go on to #2.Virus Stamp

2. Change your email password(s) and security questions immediately.  If you have a lot of sensitive information on them, consider enabling 2-factor authentication.  If your email has been blocked or you can’t log in, Use the recovery methods provided by the email company.  Check your contacts list to make sure it’s still there.

3. Notify your friends that you’re account has probably been hacked and to not open any strange emails from you, especially attachments.

4. Virus Scans. Run your Antivirus Scanner in “Full Scan” mode.  This will take a while, but you need to do this.  Consider running a full Virus scan on your other computers to make sure nothing has spread.

What Virus Scan?  Use whatever virus scan you have installed or consider switching to Kaspersky or Avast, which have the top ratings in 2018, if you think it’s not finding the virus.  The best FREE antivirus is Avast, rated by Toms Guide and PC Magazine.

Free vs. Paid?  Well, under normal conditions I recommend using free virus scanners.  They usually take less resources and don’t bog the computer down when running a scan.  However, these are circumstances I’d recommend a paid service:

  • You have kids (or you) like to click on a lot of things, not always knowing if it’s safe.
  • Your computer stores a lot of sensitive information.
  • You want to “set it and forget it” and don’t mind paying for it.
  • You think you may have been hacked big time!  Now’s probably the time to pony-up.

 

Do I have a virus?

5. Run a good malware scanner.  Malwarebytes.com has a free one.  For serious hacks, consider paying for a virus and malware scanner combo.  Avast has a very reputable one this year.

6. Make a backup of your computer.  Everyone should have a backup! Google “creating an ‘Image’ of your hard drive.”  Keep this backup in case things get worse.

7. Contact Credit Agencies.  Depending on how much sensitive information is stored un-encrypted on your computer (ie. bank info, social security numbers), consider contacting the credit agencies to see if anything has been run through your credit.  Change banking and other sensitive website accounts you use online.  If you don’t save a lot of this type of information, you can skip the hassle.

8. Run a scan of your Windows Operating Files to be sure your operating system is running correctly.  To do this, in the search field, type “Command” without the quotes.  Right-click on the Command Program and “Run as Administrator.” On a command line type “sfc /scannow” without the quotes.

9. If you can’t access your computer, follow instructions given by LifeWire.

10. Monitor your computer!  If, after trying all of the above steps, it’s slow, freezes, restarts on its own, the next step is to reinstall Windows.  But that’s for another article!

Feel free to reach out to us if you need any help.  We offer free consultations by phone or through the help desk.  Happy computing!

 

Make a Website Yours – It’s Simple

Getting a website going doesn’t feel like small potatoes!  Creating logos, styling, creating the content, and cost can all seem so overwhelming. Where do I start?  Is it worth the investment?

Well, listen up!  I’ve got you covered.  I’ll share a few things to ease your mind.

Let this information sink in:  About 81% of adults have a smartphone and use it over 1 1/2 hours a day to look at media (stats by Nielson Co.).  It’s wild to think about!  That’s a whole lot of eye balls potentially viewing your products or services!

3 Benefits of a Self-Hosted Website

1. A Website Makes You Visible

It’s a noisy, distracting world out there.  How is your business seen unless it stands above the crowd?  Window shopping is now done by searching Google (notice I didn’t say Facebook) before making a purchase.  Your website becomes a platform for you to stand above the crowd.

2. You Can Be Heard

A website is your place to be heard.  Here’s where you share the heart of your business. Once you capture their attention, you are able to provide value to these prospects, even on a large scale.
You’ll then also be able to:
  • Provide Value
  • Give Credibility
  • Convey Your Company Values
  • Make Your Business Legitimate
  • Provide Another Marketing Channel

3. Engage With Your Audience

Social media has changed the way we do business.  A website is no different!  You can engage with your REAL customers that come to your site, collect information, gather feedback, and more!

 

Don’t Make It Too Complicated

Here’s what you need…

1. You need a website name (domain name).  Need help choosing a name?  Check out this article here.

2. You’ll need, well, a website.  This is the creative aspect and initial investment.  This may help you see what services you’d need.

3. Then you’ll need a company to “host” the website on their computer.

The hardest part is gathering good content and quality pictures!

All of these things can be done on your own or done with the help of a web design or marketing company.  Obviously the cheapest, but sometimes least professional way, is doing things all on your own.  If you are gifted this way, great!  I’m happy to be a resource for you to call with questions.

Doing it yourself can be tiring, though.  If it would distract you from what you really need to spend time doing, then have someone help you.  But avoid the temptation of using sites like Wix, Squarespace or WordPress.com, which you wouldn’t fully own in the end.

I’d love the opportunity just to talk with you about your specific situation and how we can meet your individual needs.

 

3rd Annual Earth-day FREE Recycling

Our 3rd Annual Earth-Day FREE Recycling Event Takes Place April 13-23rd! 

We are excited to be able to help you out around the house while keeping electronics from our landfills.  Since we are a computer company, we can’t think of a better way to help out!  We are also extending the recycling this year to include batteries (any household type, including lithium) and those mercury-containing light bulbs.

If you are local and want to participate, read more…