Blog

News, opinions and updates from the Virtuoso team.

May
31

Virtuoso launch Local Government IoT platform and Mobile Citizen Engagement Solution

PSS-LDN-2018

Continue Reading
May
16

10 Free Microsoft Apps and Tools to Boost Productivity

As our lives get busier, we’re all looking for ways to boost our productivity. The good news is that there are an abundance of apps and tools out there to help you increase your productivity. From to-do list apps to note-taking tools, browser extensions to image storage, Microsoft has got it covered and sometimes you just need a point in the right direction to discover these handy time-savers at your fingertips.

Continue Reading
May
09

8 ways to improve Community Engagement in Local Government

Community Engagement is a very visible and effective step on the path of digital transformation. Communities need personalised, targeted communications in order for them to feel that they are getting value from their council on the services they care about. With so many places where people can find information it is becoming harder to cross the digital divide. Because of the sheer diversity of available communication channels, it is easy for communities to feel disengaged because they just don’t know where to look.

Continue Reading
Apr
05

Microsoft 365 Adds GDPR Tools And Makes Teams The Hub For Communications

Microsoft updates enterprise suite with compliance, security and usability tools ahead of GDPR next May, while Teams replaces Skype for Business as main comms tool

Continue Reading
May
06

Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

Not too long ago, the New York Times’ website experienced a well-publicised attack, which raises the question – how can this happen to such a world-renowned organisation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?


The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspapers’ Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site.  The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted. Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now...

There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road.

Here are a few ways to stay safe

Select a Registrar with a Solid Reputation for Security Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files.

Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.  It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

Continue Reading

Enquire now