01905 426364info@backofficeit.co.uk
01905 426364info@backofficeit.co.uk

Category Archives: Security and compliance

Home » Security and compliance

Look after your customers – reboot your router!

Posted on
By:Mark Pattison
A typical WiFi router

A typical WiFi router

If you offer WiFi to your customers you are probably letting them down! Whatever you might think about customers coming to your café, and then sitting glued to their smartphones, it is a service that most people expect. Certainly if you offer it then it’d better work! I’m sure you think everything is fine. Your customers – probably not so much! So, what’s the issue here? We need to go a bit technical, but the fix is easy!

Here are the salient points:

  • For a device (laptop, mobile, whatever) to connect to your network it needs an address. We don’t need to get too technical, but just know that there’s a limited number (about 200) available & each device has to have a number different to anything else on your network.
  • When the device connects, your WiFi router will hand it an unused number from it’s pool.
  • When the router runs out of unused numbers then no more devices can connect.

You might think 200 devices is plenty – and, in a domestic environment, it is. But in a busy shop, café, railway terminal etc. it’s not that generous. Sure, the provision of the number to a device has an expiry built in (called TTL or Time To Live). This means that, when a customer leaves, their number will eventually be returned to the pool for re-use. But, judging by the number of times I fail to connect to a facility’s WiFi, it doesn’t happen fast enough.

What does it look like when your customers suffer from this lack? Their mobile will say “connected, obtaining IP address” and not have Internet access.

So, what can you do?

  • The first, and easiest, remedy is to regularly power-cycle the router. Yes, the old “turn it off, then turn it on again!” trick. Make this part of your morning start-up routine.

For the rest, we need access to the router – more specifically the DHCP portion. If this is beyond you then you can always give us a ring.

  • Inspect the DHCP ‘pool’, and ensure it’s a big as possible. Different routers display the setting in different ways. But you should make sure that the pool is at least 225.
  • Turn down the TTL. This is normally expressed in seconds, so 3600 is one hour. Probably plenty. If this is too large then the router will hold onto that allocation well after the customer has left*.
  • Change the WiFi password regularly. If you don’t then that one-time visitor from last year will walk past your café, automatically connect, and bag an address from the pool.

A few notes for the curious.

  • What we are talking about here is IPv4 addressing. This is generally expressed as four clusters of three digits (e.g. 192.168.121.064). You can’t fiddle with the first three clusters, it’s only the last one that changes: and it varies from 000 – 255 For various technical reasons you can’t use the first or last. And the router will use one, generally 001 (or 254 if you’re a BT customer). I generally set the pool at 011 – 240. If you are really curious have a look here.
  • If the TTL expires while the device is still connected it simply gets renewed, so not a problem.
  • If you have ‘static’ kit (network printers, tills, card machines etc.) then always deal with these using a “DHCP Reservation” – NEVER NEVER allow them to have a “hard-coded IP address”!

Blocking scam emails

Posted on
By:Mark Pattison

I thought you’d like to see what all this email compliance effort looks like in practice. The image is of stats for our outgoing email, as seen by our monitoring system. The green represent compliant (i.e. genuine) emails that we have sent – viewed as a percentage of our mail traffic. The red represents non-compliant (i.e. scam) emails that we didn’t send (mostly originating in Russia). There is a lot of them! These emails claim to be from us (i.e. someone @backofficeit.co.uk) – but, because they fail the compliance checks we have put in place, the receiving servers have blocked them. Which is what we want.

It’s to avoid this deluge of scam emails that servers around the world are tightening up on compliance. If your email is non-compliant one of two things are going to happen.

  1. People are going to receive scam emails claiming to be from you. This is why many professional bodies are now insisting that email systems are made compliant, because you can see how much damage this could cause.
  2. Well-behaved servers will receive your email and, because it isn’t compliant, delete it just to be safe.

I leave it to you to decide which is the worst option.

What amazes me is how many people we tell about this have still not done anything about it. Apart from an hour of someone’s time there is no cost*. And yet we point all of this out to people and, weeks later, nothing has improved. Why? It just needs to get done.
* For all the features & delivery stats there is a small annual fee. But the important basics are free.

The end of Windows 10

Posted on
By:Mark Pattison

Winver displayMicrosoft are starting their countdown to the end of Windows 10. If you have the very latest version (Windows 10 22H2) then that date is October 14th 2025. Older versions expire sooner! An yes, this is because Microsoft want you to move to Windows 11!

What does this mean to you, and what do you need to do about it? Let’s dive in.

  1. What version have I got? To find out type winver into your computer’s search box on the taskbar & press return. You’ll get a box like the one in the illustration. You can see my PC is Windows 11 Version 23H2.
  2. When does my version expire? Microsoft have published a guide here.
  3. Can I update? If you go to the Windows Update task on your computer you’ll see what you can update on your current system. This page will tell you if you can update to Windows 11 – or not, as the case may be.
  4. Should I update? In general, the answer is ‘yes’. Keeping your Windows (indeed, all your software) updated is a crucial part of maximising the security of your system.
  5. My machine says I can’t upgrade to Windows 11 – what can I do? In general this means a new PC/laptop. This is because certain key security features in Windows 11 rely on bits of hardware that may not be present in older systems.
  6. And if I don’t? Your PC will not stop working overnight! What will actually happen is that Microsoft will stop researching & developing fixes for problems within the Windows10 operating system. The concern is that should a hacker discover a flaw in Windows10 they can exploit it a will, as the flaw will not be discovered & remediated by Microsoft. If you are a domestic user then that might be a risk you are willing to run. For a business user, however, this is unacceptable. Your Cyber Essentials certification, and probably your business insurance, let alone your liabilities to your customers & suppliers would all be in a dire straight, should you be running an unsupported version of Windows.

 

As ever, if you need help or advice, give us a ring on 01905 426364