January 26, 2017 Jason Chapman

Websites that don’t go full site HTTPS may be in for a surprise in the coming weeks. Google and Mozilla Firefox, popular web browsers, will now show a warning to users who visit websites not accessed through a secure connection. While only sites that collect passwords are impacted, that will still include a vast majority of websites.

Google, particularly, has been focused on creating a more secure and faster web; ranking secure, fast, and mobile friendly websites higher than their counterparts. In fact, site speed and security is now built into Google’s core search engine ranking algorithm.

Traditionally, e-commerce websites that collect sensitive customer and payment information have been the only sites to secure via SSL and HTTPS, while most customer-facing marketing sites have not even bothered to due to the cost and headaches associated with setup. However, over the past few years it has become much easier. Community driven projects like Let’s Encrypt, a community supported certificate authority, are now offering free SSL / TSL certificates. Not only that, web hosting companies are now integrating that service directly into their administration panels for webmasters to procure and install instantly.

It sounds like a no brainer, right? While it may seem as easy as setting up SSL and installing the certificate, there are a few gotchas. Your web team may have to perform additional work to ensure your site works properly over HTTPS.

Why? For one, most web pages actually load resources from several domains and CDNs (content delivery networks). Not only do websites need to load assets from their servers over HTTPS, they also need to make sure all third party assets (images, data, external javascript libraries) are also loaded over HTTPS. If not, your browser will display a mixed content warning which could be even worse. Essentially, this warning will tell customers that the site they are on thinks that it is secure, when it’s really not 100% secure.

Google has provided a list of considerations, but the following highlight the main areas that would need to be considered when going full-site HTTPS:

  • Server side redirects – your website should redirect all HTTP requests to HTTPS, so that your site is always accessed via HTTPS (secure), not HTTP (insecure)
  • Use the Fetch as Google tool to make sure your website is accessible via HTTPS
  • Ensure that www and non-www requests are encrypted

In the end, it may be a very easy fix for your site, or a complicated one, depending on your requirements, infrastructure and change-agility. Regardless of the effort involved, it’s your duty to ensure a safe browsing experience for your customers and of course they will greatly appreciate a company that provides them safety over a company that does not!

January 26, 2017 Elizabeth Schneider

These days you can’t send a text or any written form of communication without including some sort of abbreviation.  Whether it be LOL, TTYL or JK on a tweet, text or Facebook post, the way we articulate is laden with this type of rhetoric.  Let’s face it, we at MNJ (Max, Nick and Jake), love our acronyms too.  The technology realm is no different.  For the seasoned technology professional, the day-to-day telco-jargon is easy to decipher.  However, many business owners aren’t “in the know” on many of these terms.  Below are the Top 10 telecommunication acronyms you need to know.  BTW (by the way), did you know that MNJ is equipped to provide all of these services to our customers?

1)   MPLS (multi-protocol label switching)  Does your company have more than one office?  If so, as an organization, how do you connect your locations?  An MPLS network allows businesses the ability to create a private network between all sites.  This enables them to direct their data (or voice) from one network node to the next prioritizing based on importance.

2)   SIP (session initiation protocol)  Over the last decade the voice industry has endured many changes.  We have seen the analog and digital phone age come and go.  However, as we shift towards being reliant on high-speed data networks, we find that voice is making that transition as well.  SIP is the protocol for signaling of multimedia communications utilizing an IP or data network.

3)   VoIP (voice over internet protocol)  SIP is the foundation of a VOIP network.  These two acronyms can be interchangeable.  As companies move away from a digital infrastructure that can be costly, they find tremendous cost savings by switching to SIP or VOIP.  Since the voice traffic passes over the internet, the cost for an additional circuit at each site is not necessary to provide dial tone to the business.

4)   UCaaS (unified communications as a service)  Unified Communications is taking over the way we communicate.  As companies shift to more of a work from home mentality, the need to collaborate is of utmost importance.  From Jabber, single number reach, voicemail to email, and conferencing, UCaaS allows companies and their road warriors to stay connected on any device, over any medium at any time.

5)   IaaS (infrastructure as a service)  With the era of virtualization, companies no longer need to have their networking equipment in house.  IaaS allows companies a computing infrastructure, to utilize resources on-demand from their large pools of equipment located in data centers.

6)   SD-WAN (software defined wide area network)  As MPLS can be costly, SD-WAN can be the answer to organizations looking to decrease costs, but also increase redundancy and reliability.  The SD-WAN appliance can bond two internet connections together.  It brings redundancy by introducing an alternate data network, but decreases costs by allowing companies to use two bulk internet connections (DSL or Broadband).  In the past, a company wouldn’t want to risk running mission critical data over a public bulk internet option.  However, with the SD-WAN solution, it creates an MPLS-like environment for a fraction of the cost.

7)   DIA (direct internet access)  A wired dedicated symmetrical internet access.  Where broadband and DSL can give you fluctuating speeds, a DIA will provide a secure reliable connection that maintains the same speed at all times.  These circuits offer both QOS and an SLA.

8)   QoS (quality of service)  Have you ever picked up the phone and felt that you were reliving your youth talking into a tin can?  Jitter, Packet Loss, and Latency are many of the reasons voice quality is subpar.  By running voice over an MPLS or DIA, QOS can be guaranteed to meet industry regulated standards on voice.

9)   SLA (service level agreement)  You just signed an industry standard three-year agreement with a company that will be providing the life source of your business – your voice and data network.  Many thoughts might run through your head at that exact moment.  The first one being, “What happens if the service is not good?”  Well my friend, meet your best friend, the SLA.  This agreement ensures that your network is up and running 99.999% of the time (also referred to as the “5 nines”).  If it does not hit the federally regulated requirements, this document will legally allow you to get out of your contract.

10)   VPN (virtual private network)  For some companies, an MPLS network might be overkill.  They need the ability to connect to their network, but they don’t require all of the nuances an MPLS network might bring them.  A VPN can create a private network across the public internet.  This allows applications to function outside of the main site with the utmost security.