Blog

With not 1 but 2 of the most significant projects we're had the pleasure of producing on our schedule, apologies if we've skipped a Blog update or Two over these past few months.

As regular readers would be well aware we very rarely use this forum to spruik about our achievements, but in this case as they are so important to our stakeholders it justified an exception..

The first milestone was the March completion of the 12 months process of upgrading the iASP™ Powered Work Health and Safety Management Platform we've continuously developed on behalf of Employers Mutual Ltd. since 2010. 

The platform, which consists of several independently branded instances, including HEMsafe, is a Cloud-based system that provides all the tools and resources organisations across multiple industries need to manage their day to day WHS related obligations and maintain health and safety within their workplace.

While the upgrade included enhancements to the front-end public website, the primary focus was the Member-only features and functions.

The application framework was re-engineered to facilitate mobile device compatibility as well as improved desktop version usability.

Additionally, the entire platform was expanded from a single-user focus to an enterprise level application with the introduction of powerful access controls and extensive workflow and version controls.

Key new features include a new Workplace Homepage featuring several interactive dash-board like functions including a calendar based display of all relevant activities and reminders, which provides individual Users with instant access to all tasks that require action.

The second major project, which is scheduled for live launch next Monday, is a Strata Management platform which has been developed with the guidance of one of the largest Strata Management providers in Victoria.

StrataPort, which will launch with around 20,000 initial customers, is a Cloud-based platform that seamlessly integrates to existing internal Strata Management systems and then translates and publishes relevant information for individual Users in a secure, password protected environment that can be accessed from anywhere, anytime from any Internet connected device.

In addition to publication of all Building, Lot, Meeting, Insurance and other data, StrataPort capabilities include submission of "smart" requests such as Meeting Proxy Forms and Insurance Certificate of Currency Application Forms.

The system also features an integrated Support Ticket system that can be paired with external systems as required.

The launch of StrataPort and the generational upgrades to the WHS Management Systems reflect the evolution of the iASP™ technology platform into a truly Enterprise Level Application and marks the beginning of the most exciting stage of our journey to date.

We look forward to the future with great excitement.

Watch this space!


Keep in Touch

Follow on our Facebook Page to stay up to date with what's on at iASP Central.

And if you think we can help your business to improve with Enterprise Software, then Get in Touch.

Flash content is now in the last stages of becoming a relic of Internet past after another major web browser dropped native support of the Flash Player plug-in just last month.

While it isn't the final nail-in-the-coffin for Flash Player just yet, it is the final notice for developers and advertisers that still use Flash Player to deliver their content.

Apple Safari and Mozilla Firefox web browsers dropped native support for the Flash Player plug-in long ago, forcing users to change their browser security settings and update the plug-in regularly to view Flash content. And now Google Chrome has joined the group with the latest version of the Chrome web browser also natively blocking Flash content.

None of this has come unexpectedly to marketers and developers in the industry, however.

The end for Adobe Flash Player became almost guaranteed after Apple founder Steve Jobs famously announced that Apple iOS devices would not be supporting Flash Player (and therefore, Flash content) due to the poor reliability and poor security that Adobe Flash Player was well-known for.

Without going into unnecessary detail, the demise of Flash Player comes down to the capabilities of HTML and web browsers finally catching up to those that Flash enabled decades ago - without the performance issues and security holes that also come with using Flash Player.

Now, in a very similar fashion to the infamous web browser Internet Explorer, Flash Player is set to hold a place in Internet history as an example of what was once considered to be ground-breaking technology that helped to push the Internet to where it is today.

In the early 1990's, Macromedia Flash (as it was known at the time) truly introduced the world to the new possibilities that the Internet could provide. The Internet shifted suddenly from being a static medium, with content made up of text and images only, to something that could now potentially compete with the likes of television.

A graphics and animation editor all-in-one, the simple to learn nature of the Macromedia Flash application allowed people to create animations and interactive multimedia easily, without the need to understand computer programming languages. Even entire websites were developed in Flash.

Flash movies and Flash games quickly became a popular form of content, as it was difficult to deliver content in other formats across the Internet at the time that was comparable in quality (particularly video content).

Flash also became the platform of choice for marketers and advertisers, as it allowed for the production and delivery of banner advertisements that were higher in quality than anything else available.

Still, as with all technology, Flash Player has inevitably become redundant and is being cast aside for a faster, better, stronger replacement.

It is important to note that the Adobe Flash application itself is not dead, however, and has evolved to allow developers to produce animations and multimedia applications using the newer platforms such as HTML5 Canvas and WebGL.

In memory to Flash Player and the Flash content era that came with it, we share our favourite portal website that was one of the original pioneers in all things Flash - Newgrounds.

Further Reading:

• Why Adobe's Flash Player is Dead
• Flash Will Soon Be Obsolete
• Flash is dead. So what now for marketers?
• Adobe Flash

Don't you just love SPAM e-Mail?

How much productivity is lost globally, filtering genuine e-mail from the countless, useless, unwanted and sometimes downright offensive e-Mail messages.

What frustrates us as professional web developers is that so many organisations directly invite SPAM by making one of the most common and costly mistakes: Publishing e-mail addresses on websites.

Publishing e-mail addresses on websites is the #1 way to attract SPAM.

It's that simple!
No cheats or gimmicks.
No sneaky fees or subscriptions.
Guaranteed to work every time!

Publishing your e-mail address on your website is about as clever as publishing your credit card number. It's just inviting trouble.

There are countless SPAMbots - simple computer programs that scan the Web looking for e-Mail addresses and adding them to SPAM lists or marketing databases.

And while SPAM might be just one of those things you have to deal with on the Internet, reducing the severity of the problem will always make life easier.

So how can you publish your e-Mail address without leaving it open for Spambots?

Well, there are 3 main methods:

1.) Miscellaneous Teckky Tricks

The end goal is to display an e-Mail address in a readable way to a real viewer, while hiding the e-Mail address from spambots.
To achieve this, there are a few "tricks" you can use to try to "hide" your e-Mail address.

One "trick" is to type the e-Mail address backwards, then use CSS to display it the right way.
A spambot will see 'ua.moc.sserdda@liame-my', but the reader will see 'my-email@address.com.au'.
The difficult part to this trick is correctly writing your e-Mail address backwards. Did you notice my mistake?

Another "trick" is to break up the e-Mail address with HTML code, which is then hidden using CSS to display the e-Mail address correctly.

And yet another "trick" is to replace the @'s and .'s in an e-Mail address with AT or DOT.
Because nothing says "professional" like 'my-email AT address DOT com DOT au'.

These tricks have been around for centuries however (in Internet time), and spambot developers have become wise to them.
They will easily unpick your "trick" and add you to their spam list.

2.) e-Mail Address Obfuscator

An e-Mail obfuscator is a small javascript that adds your e-Mail address to the page after it has loaded, or unjumbles your e-Mail address so that appears jumbled to spambots but becomes readable when the page is loaded.

Like the "tricks" above, however, this method is becoming outdated as well.

Spambot developers are learning how to find if an obfuscator is being used, and how to get around them.
This means that obfuscators need to be adjusted semi-regularly to change how they alter an e-Mail address so it doesn't become predictable.

And now with Google's ability to execute javascript to index websites better, you can bet that it won't be long before spambots can do the same thing.

3.) A Contact form

Really, THE ONLY WAY to save you from the need to publish your e-Mail address on the Web while still allowing people to contact you by e-Mail is to use a Contact form.

The first two methods still leave your e-Mail address wide open for nefarious types to find with a little bit of effort.
A contact form removes the need to publish an e-Mail address entirely, making it much more difficult to find.

Using a contact form also allows comes with some advantages for analytics and visitor tracking as well (if you're into that kind of thing).

Conclusion

While just publishing a link to your e-Mail address may save you some time and appear to be more aesthetic.
It is nothing compared to the pain of deleting SPAM e-Mail every morning after your e-Mail address ends up on SPAM lists around the globe.

All iASP powered websites come standard with a Contact form module, and customised versions are one of many options available.

If you're unsure of how to add a Contact form to your iASP powered website, or you'd like some advice about publishing an e-Mail address, Get in Touch.

Resources:

• Warning: don't publish your email address!
• Avoiding Spam When Posting an Email Address

Since our beginnings as Canberra based Internet Service Provider ACTWEB.NET in the 1990's, we've learned that Domain Name related issues are one of the most common causes of significant service issues on the Internet.

Sadly we've also seen many scams and cons that take advantage of unsuspecting Domain Name owners.

In this article we highlight the most common Domain Name related scams and list our top tactics to help make managing your Domain Names a breeze and avoid falling victim to the scammers.

Common Domain Name Related Scams

There are several different types of common Domain Name related scams.

Many involve a variation on the theme of sending Domain Name owners what appears at a glance to be a legitimate invoice for Domain Name Registration renewal.

The fake Domain Name Registration renewal scams usually fall into one of three categories:

• 1: An invoice from a source claiming to be the Domain Registrar for a real Domain Name that is in fact registered with another Domain Registrar
• 2: An invoice for a different version of a real Domain Name. Either closely related spelling i.e. if the real domain is abc.com the invoice might be for acb.com or for an entirely different extension of the domain name i.e. abc.net
• 3: An invoice for a totally unrelated service that is carefully worded to mimic the appearance of a legitimate Domain Name Registration renewal, such as the one pictured on this page.

The image on this page relates to a scam we received recently from http://www.trafficdomainer.com.

The scam relates to an actual Domain Name we owned at the time: iaspestore.com.

The scam message arrived via e-mail within days of the actual registration renewal date of the Domain Name.

The sender of the e-mail was marked as "Domain Service", and the subject was "iaspestore.com notice".

The notice was properly addressed and contained the words at the top: ATTENTION: IMPORTANT NOTICE.

Of course, when you read the fine print, they are actually selling seo domain name registration - whatever that is - apparently a totally unrelated service that the message later warns "failure to complete...may make it difficult for customers to find you on the web".

Which is 100% BS!

While most of the Domain Name registration scams arrive via e-mail, some arrive in the form of physical mail.

We also recently received a very similar scam to the one above via the post - supposedly from an Australian based organisation, whom we reported to Justice Victoria.

Domain Name scams that originate overseas can contain give-aways in the form of poor spelling and grammar, but those sent by Australian based organisations can be harder to tell apart from the real thing.

What makes some of these scams so successful is they not only appear to come from Australian based organisations, but they contain accurate Domain Name owner contact information and are often well timed to coincide with the actual Domain Name registration renewal date.

The good news is that when armed with just a little information about your Domain Names, even the most official looking scams become much easier to spot.

Our Top 5 Tips to Avoid Domain Name Scams

Tip 1:

When you register a Domain Name create a calendar reminder to re-new the domain name 1 month before the due date. Be sure to also make a note of the Domain Name Registrar you used to register the domain name.

Tip 2:

If you have multiple Domain Names registered via different Domain Registrars or contained in multiple accounts a single Domain Registrar, consolidate all the Domains into a single account for easy management.

Provided all your Domain Name contact details are current, transferring Domains Names between Registrars and Registrar Accounts is a very straight forward process.

Tip 3:

Make sure the contact details, especially the Registrant e-mail address (where renewal notices are sent), associated with all your Domain Names is current.

Tip 4:

If you buy or sell any type of operation where Domain Names are involved be sure to provide or request a letter signed by both buyer and seller addressed to the relevant Domain Registrar on the official letter head of the seller explaining that transfer of ownership has occurred.

Be sure to follow up with the relevant Domain Name Registrar until the Whois Registry is updated with the new Domain Name ownership details.

Tip 5:

When a Domain Name Registration renewal notice arrives, don't ignore it - check it against your list of registered Domain Names - does it come from the actual Registrar of a Domain Name that you are expecting to expire?. One of the consequences of the prevalence of Domain Name related scams is that legitimate renewal notices often go ignored. This year alone three of our clients have experienced the inconvenience of website and e-mail services going off-line for extended periods because they ignored legitimate Domain Name Registration renewal notices.

Summary

If you select a reputable Domain Name Registrar and follow the advice outlined in our 5 tips above you'll be a long way in front of most of the current Domain Name scams you're likely to encounter.

Unfortunately, clever new scams surface from time to time, so keep an eye on the Australian Government's SCAMWATCH website and other sites such as your local State based Australian Consumer Affairs website.

If you're unlucky enough to fall victim to a Domain Name related or any form of scam please don't be embarrassed and report the matter to the relevant authorities, that way other potential victims can be educated and warned of the dangers.

In case you missed it, last week was Privacy Awareness Week.

With over 700,000 Australians becoming victim to on-line identity theft in just the past year, protecting customers on-line privacy is one of the most critical issues website publishers must consider.

Under Australian Law, the privacy rights of Australians are protected by the Privacy Act 1988 (Privacy Act), which relates to the protection of personal information about an individual that does or could identify them.

According to the Office of the Australian Information Commissioner, the Privacy Act outlines the "standards, rights and obligations for the handling, holding, accessing and correction of personal information" which privacy law aims to protect.

It may surprise you to know that most Australian small-businesses are not covered by the Privacy Act, meaning they have no responsibility to ensure the privacy of their customer information.

There are however moral and commercial pressures: online privacy is already so important to some customers that it is a determining factor when choosing one eStore over another.

So what can eStores do to allay the fears of increasingly privacy-conscious customers?

We've put together 10 simple but powerful tactics that website owners can use to reduce the fears of customers that are concerned about their on-line privacy:

1. Ensure that areas of the website that collect personal information (such as the registration form, or the checkout payment page) are secured using HTTPS - Consumers are now learning to "look for the lock" and discriminate if they don't see it. (Pro Tip: Make the whole website HTTPS secure).
   
   
2. Only collect personal details that are absolutely necessary to conduct business - If you don't need it to conduct your business, don't collect it. The more personal information a customer needs to fill into a form, the more wary they become. (Pro Tip: Never collect a customers Date of Birth unless it is a legal requirement for your industry)
   
   
3. Have a clear and easy to understand Privacy Policy, that is easily accessible and visible - Don't just put your Privacy Policy in a small link at the bottom of your website, link to it where ever you are collecting personal information and make it very clear that privacy is important to you.
   
   
4. Clearly state the personal information that you will AND will not collect and what you will do with this information - This allows customers to know exactly what personal information and why they need to provide it. 
   
   
5. Give visitors access to view the information that has been collected about them, and allow them to update it easily. 
   
   
6. Don't use sensitive personal information which could identify a customer in e-Mail or newsletters - e-Mail is an insecure medium. Not only is a bad idea to include sensitive personal information in e-Mail, it also decreases customer confidence when they see their personal details being sent over an insecure medium. (Pro Tip: Never send a clear password in an e-mail: instead send a partially masked password hint or preferably, allow the customer to re-set their password securely)     
   
   
7. Encourage your customers to protect their personal information by using strong passwords, and to change them regularly - Protecting privacy is as much a responsibility of the customer as it is of the business
   
   
8. Where appropriate, allow visitors to interact with your website anonymously - It isn't always necessary to collect personal information to conduct business. This may just be a case of allowing the customer to browse without needing to register first, or allowing them to post comments anonymously.
   
   
9. Opt-In to the Australian Privacy Act, and advertise this fact - Show your commitment to good privacy practice by opting into the Australian Privacy Act. Doing so will have your business name added to the public Opt-In Register, which can increase consumer confidence and trust.
   
   
10. Have a data breach response plan - as some organisations such as eBay have learned, honesty and open communications are the best policies to keep customers informed. A response plan will not only serve to decrease the impact on the affected individuals, having such a plan can also improve customer confidence.
    
    

Personal privacy is a very important part of everyday life, and this extends to using the Internet including sending and receiving e-mail, browsing the Web, using social media and especially shopping on-line.

Anything website and eStore operators do to improve customer confidence, including addressing increasingly important privacy concerns, should improve customer experience and satisfaction, and a happy customer is much more likely to be a returning customer.

If you are unsure whether your business needs to comply with the Australian Privacy Act, you can use the OAIC Privacy Checklist for Small Business .

Resources:

• Privacy Awareness Week
• About privacy
• Ten tips to protect your customers' personal information
• Privacy Checklist for Small Business
• Opt-in register
• Privacy Act 1988 (ComLaw)