Feature Friday

8 posts

Posted September 15, 2017 | Feature Friday | No Comments »

Feature Friday: 5 Cyber Security Issues and how to Address Them

We’ve got a brilliant Feature Friday to share with you this week from Pulsant. Since 1995, Pulsant has been “providing high-quality IT infrastructure services” and now have 15 datacentres in 6 different locations around the UK. This article was written by Director of Professional Services, Todd Whaley, and details 5 ways in which businesses can experience cyber security issues and how to solve and prevent them. So, let’s hand over to the experts to find out more…

Feature Friday: 5 Cyber Security Issues and how to Address Them


5 Cyber Security Issues and how to Address Them

Cyber security has worked its way to the top of the business agenda over the last few years. The reason is easy to understand; just consider that cyber criminals managed to steal £124 million via the internet in 2016. Add to that, it’s estimated that in the first quarter of 2017 alone, UK businesses suffered 43,000 attacks…each. It is not, however, all doom and gloom as far as cyber security is concerned. There are many ways to combat attacks and keep organisations protected, which I’ve summarised in my blog below:

1. ZERO DAY VULNERABILITIES

A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it — this exploit is called a zero-day attack.

There is little that you can do to combat a zero-day vulnerability. A typical enterprise uses firewalls, intrusion-detection systems and antivirus software to secure its mission-critical IT infrastructure. These systems offer good first-level protection, but despite the best efforts of security teams, they can’t protect enterprises against zero-day exploits. By definition, detailed information about zero-day exploits is available only after the exploit is identified.

A good security team will have reliable, preventative security practices in place. These include:

  • Real-time protection software deployed like intrusion-prevention systems (IPS) that offer comprehensive protection
  • Well planned incident response to immediately combat a security breach
  • Mechanisms architected into the network and infrastructure to quickly prevent the spread of the security breach

How to prevent zero-day vulnerabilities

Patch your systems. The most common unpatched and exploited programs are JavaAdobe Reader, and Adobe Flash. It’s been this way for a few years now. But strangely, not a single company that has ever been audited has ever had programs perfectly patched.

The following are key signs you would see when attacked with a zero-day exploit:

  • Unexpected potentially legitimate traffic or substantial scanning activity originating from a client or a server
  • Unexpected traffic on a legitimate port
  • Similar behaviour from the compromised client or server even after the latest patches have been applied

2. PHISHING SCAMS

Phishing is the attempt to obtain sensitive information, such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons. Scammers send seemingly legitimate emails from trustworthy sources.

Most phishing scams are fairly transparent, and sophisticated users rarely fall for pop-ups asking for a password. However, attacks could soon include a password text box cloned over a legitimate one to trick users into delivering their passwords to an attacker. Google is now developing a special password-alert feature to help protect against future phishing attacks.

A good example and the biggest phishing scam was the Nigerian scam, also known as 419.
In every variation of the scam, the email sender is promising obscenely large payments for small unskilled tasks. This scam, like most, is too good to be true. Yet people still fall for this money transfer con game.

Many organisations have software that filter out unsolicited emails. However, this software is not 100% reliable and emails that are dangerous do get through. Therefore, it is essential that you train your user community to identify unsolicited emails.

Enjoying the article so far? Continue reading here…

 


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook Facebook logo to keep up to date with our latest news and vacancies.

Continue Reading

Posted August 18, 2017 | Feature Friday | No Comments »

Feature Friday: How to Master Your Mobile Game’s Soft Launch

How to Master Your Mobile Game’s Soft Launch is this week’s Feature Friday! An article written by the great people over at deltaDNA,  it looks at the key considerations software developers need to take into account when planning to successfully soft launch their mobile game. Founded in 2010, the team at deltaDNA “combines games industry heritage with extensive marketing & analytics expertize to deliver dedicated tools & technology for game developers by game developers.” Now that we know a little bit about deltaDNA, it’s time to find out what they have to say about mastering a mobile game’s soft launch…

Feature Friday: How to Master Your Mobile Game's Soft Launch 2


HOW TO MASTER YOUR MOBILE GAME’S SOFT LAUNCH

Feature Friday: How to Master Your Mobile Game's Soft Launch 1

Many developers use a soft launch as a valuable way to test the waters and refine their game to see how well it performs, in front of an unbiased group, before launching it for wider distribution. It allows them to isolate and optimize successful factors and problem areas strategically. To ensure a successful soft launch, you need to use an analytics service to gather data, analyze, spot bugs, study and understand the players in detail before full distribution. We outline the key things to consider when looking to master a soft launch for your mobile game to make sure it is a resounding success.

1. Optimum length

Deciding on your soft-launch’s time frame will vary slightly depending on resources and cost, however the optimum length to soft launch is between two to three months. Our data shows that the longer the soft launch lasts, the higher the retention rate is; a 20% plus increase in D1 retention in fact, for games that spend longer than a month in soft launch. Timing can also have a positive impact on both your In App Purchases (IAP) and advertising strategy, a 24% boost in IAP if in beta for longer i.e. two to three months. However, timing is everything and there is such a thing as too much time spent. Therefore, strategically consider the best use of time and focus initially on early retention such as D1, then look towards monetization and finally late retention. This sequence will ramp up the number of players considerably.

2. Don’t launch on bad metrics

It’s always better to spend a few more weeks in soft launch to make sure your metrics are the best they can be. D1 and D7 are vital, so run multiple A/B tests, try out different messaging, segment players and devise funnels. To help maximize the time you have available, look at testing specific messages for a couple of hours or days to see what their impact is. Use your soft launch time wisely and find the most effective messaging variables for each segment with your A/B tests as there are correct actions for different type of players. For larger-scale soft launches, you can test in-app purchase offers to see if they are ready for monetization.

 

Enjoying the article so far? Continue reading here…


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted July 21, 2017 | Feature Friday, Technology Industry | No Comments »

Feature Friday: Colocation, Cloud Services and Hybrid Cloud?

This week, we’re hearing from Tim Threlfall, Operations Director at Storm ID as he discusses cloud hosting solutions and how to differentiate to find the best option for your business. Storm ID has been at the edge of the digital frontier for 15 years, helping their clients “to transform processes and experiences, re-imagine legacy business models, and even entire companies.” On that note, it’s definitely time to hand over to Tim to find out exactly what colocation, cloud service and hybrid cloud really are, and which one will suit your business best.

Feature Friday: Colocation, Cloud Services and Hybrid Cloud?


Colocation, Cloud Services or Hybrid Cloud?

After having heard the terms ‘Colocation’ and ‘Cloud Services’ being thrown around in the world of Information Technology, you now want to get into the nuts and bolts of these two concepts – to understand in detail what they are and which is most advantageous for your company.

Both of these cloud hosting solutions are concerned with outsourced IT facilities. They both provide the benefit of reducing the costs associated with running these facilities and equipment independently or in-house.

The difference between colocation and cloud services

There are clear differences between these hosting solutions. In a nutshell, colocation refers to managing all your company-owned IT equipment from a shared and rented physical space, while cloud services involves outsourcing everything from the equipment and space to the management of the IT workflow from a cloud services provider (CSP).

 

Colocation Cloud Services
  • Housing for company-owned IT assets like servers, other hardware, and software.
  • Your company manages, monitors, and maintains all above-mentioned equipment and workflows.
  • The colocation facility provides affordable floor space, and other cost-saving features like shared costs in operating power, cooling systems, security, and communications.
  • Provides all needed equipment off-site, plus cloud-based software services.
  • CSPs manage, monitor and maintain all hardware, software, troubleshooting, power and backups, and everything else the company’s  IT department would otherwise be responsible for.

 

 

Enjoying the article so far? Continue reading here…


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted July 07, 2017 | Digital Media, Feature Friday, Software, Technology Industry | No Comments »

Feature Friday: The Agile Mindset

We hear from Valerie McLean at TicToc Digital this week on Feature Friday! Valerie, an Agile Delivery Manager and Project Lead, discusses the thought process and functions behind the Agile mindset, how this was implemented at TicToc and why, plus how it could work for you! TicToc Digital have been doing all things online since 1999. They specialise in creating digital success for businesses and have their finger on the pulse at all times. With this said, it’s time to hand over to Valerie and find out about the agile mindset…

TicToc Digital Logo - Feature Friday


The Agile Mindset

Agile. It’s not just a buzzword, it’s a mindset.

It can mean Scrum, stand ups and Kanban, but these are just names. Agile, to us, is the commitment to regular self-evaluation and continuous self-improvement. The act of Agile brings empowerment and grows confidence, not only within your self, but within your team and with the client too.

An Agile methodology moves away from the idea that one department must finish their whole part of a project before moving to the next (also known as Waterfall). Adopting an Agile mindset takes an open mind – it can be hard to break free from the idea that everything must follow a chronological process. However, not doing so allows greater flexibility in timescales.

The process starts with an in-depth user workshop – evaluating not just what your company’s internal stakeholders think they need for launch, but what the primary users need to complete the key goals defined. From here, we establish a minimum viable product, as well as other “nice-to-haves” for development further down the line.

Usermapping - Feature Friday: The Agile Mindset

This way, costs, expectations and timescales are clear. Working to this process sees things move quick – feedback is quick and expert eyes from all channels feed in from the get go.

The result? A better product. Higher quality. Delighted users. Client goals smashed. Trust between agency and client is strengthened.

 

Enjoying the article so far? Click here to continue reading.


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted June 23, 2017 | Feature Friday, Software | No Comments »

Feature Friday: Insider Threat – What is it and how to Deal With it

We’re bringing you an insightful and thought-provoking article focussed around the subject of insider threat from the cybersecurity specialists at ZoneFox this week on Feature Friday. ZoneFox strives to assist businesses throughout the world to protect their business-critical data against insider threat and is a market leader in user and entity behaviour analytics. With this said, it’s time to hand over to Eilidh Curtis at ZoneFox and find out everything we need to know about the insider threat and how we can tackle this…

Zone Fox - Feature Friday: Insider Threat - What is it and


The Insider Threat: what is it and how to deal with it

As if it wasn’t enough to have to defend from industrial spies, nation states, and script kiddies residing outside your network, one of the biggest threats to our information assets resides within our own environments. The insider threat, intentional or otherwise, is now one of the major concerns in cybersecurity, and with good cause. Within many organizations these days, users have more access to data than they need, cloud storage services have created a phenomenon called Shadow IT, permitting users to save potentially confidential data to the cloud for future access, and with the (understandable) requirement of user-friendliness throughout IT assets, security controls are often disabled rather than tuned. While the insider threat can be a pain in the backside, there are ways to protect yourself and keep your users happy simultaneously.

What is the insider threat?

In order to properly defend yourself, you need to understand what you’re up against. The insider threat comes in many forms, but you can narrow them down into either malicious/intentional threats, or threats that stem from carelessness or lack of knowledge and skill within your workforce. You may have a user that thinks it’s okay to throw the classified document that they were editing up onto their favourite cloud storage platform so that they can access it later. One of your users may provide their credentials to a malicious third-party after being subject to a social engineering attack. You may have a malicious insider who is looking to steal or destroy data because they are disgruntled or under the employ of a competing organization. In the world of startups and small businesses, security controls can sometimes be sacrificed to allow for speed of delivery, lack of knowledge, or user satisfaction. Now that you better understand the threat, we can help you get a handle on the situation.

DEFENSE #1: CREATE ENFORCEABLE POLICIES

Good documentation makes a good cybersecurity practice, and policies are a staple in said documentation. Policies back up your decisions, provide guidance for your cybersecurity controls, and give you a base for user education. Acceptable use, privacy, and mobile computing are three base policies that should exist in most organizations. The policies exist to provide the following:

  • Acceptable use policy puts parameters around how your assets can be used. Are your users allowed to store company data in cloud storage? Are USB drives allowed for backup purposes? These answers and others should reside in this policy.
  • Privacy policy tells your users what they are able to do with company data. Does classified data exist on the network? If so, how will your users need to handle it to avoid disclosure? What safeguards are in place to protect your users’ data? How is employee data stored and encrypted?
  • Mobile computing policy lays out rules for mobile access to company resources. Do your employees take laptops home? How do they access company data remotely? Are there specific rules required for travel to high-risk countries? Mobile phones; are they provided by the organization or do you live in a BYOD world? All of these mobile devices access your organization’s resources, your mobile computing policy dictates how.

Once you have a base set of policies in place, your next step is to educate your users about their existence, and what it means to them.

 

Enjoying the article so far? Click here to continue reading.


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted June 09, 2017 | Feature Friday, Technology Industry | No Comments »

Feature Friday – On the Horizon: Quantum Computing

This week, we’ve got a really interesting article from the brilliant people over at This Is Milk; the business transformation specialists based in Glasgow. Founded in 2013, This Is Milk set out to do things better. Their expertise lies within the realms of digital strategy and delivery which they use in order to help businesses “predict, understand and implement the changes required to successfully compete online in an ever-changing digital environment.”

This fifth instalment of their excellent “On the Horizon” blog series – in which they take a look at future business and society trends -explores Quantum Computing and the impact this could have. So let’s find out what they have to say…


On the Horizon: Quantum Computing

TIM - quantumcomp

This article was written by Denis Yordanov

Throughout the ‘On the Horizon’ series so far, we have looked at various technologies and innovations that can have a profound impact on business and society. There is one thread that runs through the four topics mentioned so far (self-driving cars, blockchain, industry 4.0, and AI) that serves as the foundation for those innovation, without which they would have been impossible, and that is computing. Computers have arguably shaped and reshaped our way of life in the last 20 years more than anything else has in that period of time. They are at the core of so many aspects of our lives that listing them will be pointless. Given the direction of development it stands to reason that the role computers play in our lives will continue to grow in the future. It’s all possible because of computing.

Computing can essentially be broken down into mathematical problems. Every action that a person executes at a computer is interpreted and resolved as maths problems by the computer. Traditional computers understand and store information through transistors, which can be either on or off. In programs this is represented by ‘bits’, which can be either 1 or 0. Simply put, ‘the language’ of our current computers is comprised of series of bits that are either 1s and 0s.  However, if those transistors are reduced to extremely small sizes they begin to exhibit quantum physics effects, such as ‘superposition’. ‘Superposition’ means that those bits can be both 1 and 0 at the same time, and in such state are called qubits. How is it possible for a qubit to be a 1 and a 0 at the same time? No one really knows definitively. But the implications of this ‘superposition’ state for computational power are astounding. If one qubit can store both 1 and 0 at the same time, then two qubits can store four values, three qubits can have six values, and so on, resulting in computing power ramping up exponentially.

The idea of quantum computing and the value that it holds have been around for a while. But more recently some organisations have been successful in reaching the elusive quantum computing state and have begun to harness its power. For example, IBM announced that it now offers free public access to its cloud-based 5 qubit quantum computer IBM Q, and also has plans to offer ~50 qubits systems commercially. Another example is D-Wave’s quantum computer that Google and NASA have been testing since 2013.

 

Enjoying the article so far? Click here to continue reading.


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted May 26, 2017 | Feature Friday | No Comments »

Feature Friday – Website Migrations: Finding & Fixing SEO Issues Post-Launch

This week on Feature Friday, we’ve got a brilliant article to share with you – written by Emily McLaren, SEO Team Leader at Equator. A big numbers digital agency that’s been growing and developing since 1999, Equator are all about genuine insights and a deep understanding of consumers – that’s what makes them great at what they do! With this said, we’re excited to bring you Website Migrations: Finding & Fixing SEO Issues Post Launch. Emily takes us through the critical post-launch SEO work which can make or break your visibility in organic search. So, let’s find out what she has to say…


Website Migrations: Finding & Fixing SEO Issues Post-Launch

 

Around 90% of the search engine optimisation (SEO) work during a site migration takes place prior to launch. But the remaining 10% – post-launch – is critical. After all, it could take just one or two small missteps to potentially obliterate your digital footprint in organic search.

Thoroughly auditing a website post-launch allows you to catch and fix any of the SEO issues that may have slipped through the net – and ultimately protect your SERP real-estate.

Below are step-by-step instructions on how to:

For a full checklist of all the pre-migration, during-migration and post-migration SEO tasks as well as a list of some of the useful tools referenced within this guide, please download our site migration SEO checklist.

Auditing redirects

Immediately following the launch of a website, it’s essential to audit all website redirects to identify any instances of rogue 404s as well as redirect chains that may have occurred due to the migration.

Redirect chains can significantly affect page load speed and a high volume of 404s can impact search engine visibility. Addressing issues with redirects will not only give visitors a more consistent and high quality user experience – it can also have the potential to improve rankings.

Below are two of the most useful tools to use when auditing redirect chains – Screaming Frog and IIS SEO Toolkit. Screaming Frog is an SEO spider tool which can crawl websites and fetch key website data in real-time. And IIS SEO Toolkit is a free optimisation tool which performs a detailed analysis of your website and will provide suggested fixes for the specific migration issues we’ve identified.

Screaming Frog

To find redirect chains using Screaming Frog, follow the below steps:

1. Navigate to ‘configuration’ in the top navigation > select ‘spider’ > select ‘advanced’ tab > tick ‘always follow redirects’

2. Navigate to ‘mode’ > ‘list’ > select ‘upload’ and then either upload all legacy URLs from a file, enter them manually or paste all URLs > hit ‘start’ and run the crawl

3. Once it reaches 100%, navigate to ‘reports’ within the top navigation and select ‘redirect chains’ from the dropdown menu

Site Migration Blog 1

IIS SEO Toolkit

Redirect chains can be found in the following view within SEO Toolkit:

1. Select ‘create a new analysis’ > name the crawl & input the domain into the ‘start URL’

2. Within the ‘advanced settings’, customise the settings to suit your needs

3. Navigate to ‘violations’ > ‘violations summary’ and look out for “the redirection response results in another redirection” (as shown below) > double click to open the violation and find full details of the issue and recommended action

4. Alternatively, navigate to ‘report’ > ‘export all violations’ > open Excel spreadsheet > apply filter > filter column ‘violation code’ > filter to ‘RedirectToRedirect’ > find the full details of the issue and recommended action within the column ‘violation description’ and ‘violation recommendation’

Site Migration Blog 2

 

Enjoying the article so far? Click here to continue reading.


Enigma People is an award-winning technology recruitment consultancy. Visit our job search page for the latest vacancies in digital, electronics and software in Scotland. You can get in touch with us hello@enigmapeople.com or call us on 0141 332 4422.

Follow us on Twitter,twitter  Linkedin LinkedInor Facebook  to keep up to date with our latest news and vacancies.

Continue Reading

Posted May 12, 2017 | Digital Media, Feature Friday, Software, Technology Industry | No Comments »

Feature Friday: Utterances, Slots and Skills – The New Vocab of Voice

This week, we’re introducing an exciting new item to our blog; give a big warm welcome to Feature Friday! From today onwards, we’ll be featuring awesome articles on a range of different topics and from a whole host of brilliant companies within the industry, every second Friday.

Who better to kick this off with than Screenmedia and their interesting insight into the new world of voice application development vocabulary! The innovative digital practice is at the forefront of voice application development and in 2017, Screenmedia was the first UK company to launch a smart home action for the Google Home. Their industry leading voice development team also works with a range of voice platforms including Amazon Alexa, Google Assistant, and Siri. So, let’s find out what Screenmedia have to say about The New Vocab of Voice


Utterances, Slots and Skills 

The New Vocab of VoiceScreenmedia's image - The New Vocab of Voice

Since Amazon opened up its voice platform Alexa to developers in 2015, the platform has seen several thousand new ‘skills’ launched. Those trying to get their head around designing and developing for voice will quickly come across some unfamiliar terms which require decoding before the work of skill-building can begin. Having recently undertaken flagship UX work building skills on the platform for our clients, here is a quick guide to getting your head around the key terms Amazon uses when developing for Alexa.

Note: the following is applicable to Amazon’s Alexa. Other companies have their own glossary of terms, some use the same terms, others use their own terms, but Alexa is currently the most widely used platform.

Alexa vs Echo

In discussions and in the media, the terms ‘Alexa’ and ‘Echo’ are often conflated when in reality they refer to specifically separate things. Echo refers to the Amazon Echo, a physical product, with a speaker and ring of microphones. Echo can also refer to the Echo Dot, the main Echo’s smaller cousin.

Alexa is the cloud-based ‘intelligent personal assistant’ which processes your requests and supplies answers back to you. If it’s easier, think of Alexa as the ‘mind’ of the ecosystem, while Echo is the ‘body’. When you speak your conversation is with Alexa — Echo is just the mouth and ears. Alexa isn’t constrained to just the Echo though, you can also speak to Alexa through Amazon’s Fire-branded products, as well as a growing number of third-party consumer devices.

Wakeword

The Echo devices have a ring of always-on microphones, meaning the device is always listening to what is around it but in a dormant state. It will only ‘wake up’ and actively pay attention to you when it hears a specific word or phrase, called a wakeword. Amazon offers a choice of ‘Alexa’, ‘Amazon’, ‘Echo’, or ‘Computer’ for these wakewords, with the default being ‘Alexa’. This wakeword cannot be changed beyond these four options by users or by developers. The only time the wakeword options have changed is when Amazon added ‘Computer’ in late 2016.

Note; a ‘wakeword’ wakes the assistant, but does not trigger your specific skill, that would be an invocation (we’ll get to this later).

Skills

The simplest way to describe a skill is ‘an app for Alexa’. But try to avoid this, as it can cause confusion with the Alexa App, (which we’ll come to later on). Amazon maintains a list of available Alexa skills on its site.

Skills aren’t downloaded in the same way that a phone app is and are instead ‘enabled’. This is because the code and content for a skill are not stored on the Echo device, but in Amazon’s cloud servers along with Alexa itself. If a user wants to use your skill, they ‘enable’ it, either within the Alexa App or by asking Alexa to enable it. This then gives the user the ability to invoke and use your specific skill.

There are three types of skill:

Custom Skills

This is the most common type of skill, and gives you the most control over the user experience. This type of skill lets you develop just about anything you can imagine.

Smart Home Skills

This is a type of skill specifically for controlling smart home appliances. It gives you less control over the user experience, but is simpler to develop.

Flash Briefing Skills

This type of skill is specifically for compatibility with Alexa’s native ‘Flash Briefing ability. This type of skill also gives you reduced experience control, but again is simpler to develop.

Enjoying the article so far? Click here to continue reading.

 


Want to work with Screenmedia? We’re currently recruiting for a Voice Application Developer and Senior Front End Developer. You can take a look at the roles here or contact dmains@enigmapeople.com directly for more information.

You can also find all of our latest vacancies here and for general inquiries, contact hello@enigmapeople.com

Follow us on Twitter for all the latest tech, business and recruitment news @enigmapeople  twitter or LinkedIn  LinkedIn

Continue Reading

Subscribe or follow for the latest job vacancies