Cybersecurity Tip #24 - Don't trust Google Maps? FYI - by abusing a Google local guides account it is possible to add in fake entries into Google Maps such as a telephone number, scammers or con artists can then get calls from the unsuspecting public who just click through on the map search feeds to Con them into giving them account information details such as PIN numbers cvv codes etc in order to suck out cash from their accounts. My advice is skip the Google Maps page & go straight the company website that you're after and call from there and as an additional hint banks will never ask for those critical private pieces of information so be aware and be alert if anyones asking for that kind of thing.



SCAM ALERT - EMAIL COMBO ATTACK In Summary - Staff member clicks on a password scraping link, unwittingly enter their details, those details can be used against them in a Sextortion email for fast cash, the crims can also use the account to send more password scraping emails to all contacts and most dangerously set up a forwarder so that any received emails are collected by the hacker in order to scan for details regarding invoices. Once seen they can inject their own agenda like requesting a change of bank account number for the may not be aware for weeks! How to stay safe? Reset passwords, enable 2FA, get darkweb monitoring for compromised accounts, ask your IT guy to lock down forwarding for only admin, educate your staff to be aware and empower them to ask us for help if they see something weird! 



Cybersecurity Tip #23 - Does your Office Manager have a little book of passwords in her top drawer? Post-It notes on screens? Everyone using the same password or everyone knows each others passwords?

This is so wrong for many many really good reasons - just think if you got ripped off and the bank asked you if someone else could have possibly accessed your account? Or if you are trying to prosecute somone for fraud, you don't want wiggle room for the defense to say "that wasn't me". Setting a policy is one thing but actually giving the team a tool that saves them time and hassle with complying is actually going to give you a productivity boost whilst improving your security posture! Any questions about what to do then reach out and ping me - happy to help!



Cybersecurity Tip #22 - Puncturing the Myth of Security by Obscurity

People still don't understand that their little pc or business is actually valuable to the cyber criminal community, here's why: it's not personal, hacking activity is automated on a massive scale and your single PC can yield all sorts of value from gaming accounts, credit cards, identity theft, banking logins and indirect usage such as leveraging access into corporate accounts, spam email, porn file servers or botnet member used to run a distributed denial of service attack against a business for ransom. Get paid endpoint security software, get advanced spam filtering and Web traffic protection and please ensure that you have applications updated with firewalls in place - it's just being a good citizen on the Internet!




Feeling crushed by business more than crushing it?Crushing it


A lot of what we read on Linkedin is hugely postive, uplifting, motivating, and inspirational. Whilst I love this social media platform it can feel that everyone else is experiencing unbridled growth, success and celebrations galore... just not you. Personally I know that's not the case for everyone and quite likely not even a large minority. Sometimes systems fail, you make a bad decision, the market softens, staff don't perform, clients go elsewhere, margins get squeezed, cashflow trickles...these can pile up, more and more, a pressure piling up on your mind and knawing at your mental health.

I can relate to this. Last year was a shocker for me, the previous years hadn't gone so well but I felt we were moving in the right direction but then a crisis formed out of my control in that I discovered that a trusted employee of mine had betrayed me by defrauding me of 10's of thousands of dollars leaving us in a perilous state. To add insult to injury the person had attempted to cover their theft with a personal greivance claim.

These were dark days and there was a period in the aftermath of this where I wondered what the hell I was doing, was I really an ogre? I could be working a corporate job with no worries about employees, meeting payroll, GST or overdue creditor invoices - why stress myself? I could just take the losses and pack it in.

But frankly, I am not a quitter, there was no way I was going to let this defeat me, nor was I going to default on my responsibilities to my creditors, my staff or my family.

But what to do? Here are 14 strategies that worked for me to survive the darkest moments and that enabled us to push through to a promising 2018/19 FY:

  • ASK FOR HELP! No one can do it by themselves, there is no shame in seeking assistance, for breathing space to make payments, legal/finance advice etc - far more poeple want to see you succeed than fail.You need to talk to someone and honestly I was suprised how many business owners have had similar experiences once I started sharing what was happening.
  • GRATITUDE - be thankful for what you have, make it a daily habit. Life will immediately improve check out:
  • Maintain your ENERGY - partake in intensive exercise regularly, and go to bed on time. It's amazing how little space you have for worrisome thoughts when your lungs are crying out for air!
  • Get CLARITY - I'ld never tried meditation before but 15 mins of daily quiet time with the headspace app quickly settled the internal agitation and gave room for clarity of thought. checkout:
  • Maintain your SUPPORT systems - make time to talk with wife, go for a walk, do stuff with the kids, get some time away with people you love and who love you. Do your bit around the house too.
  • GIVE - be active in community, volunteer for things - I enjoy youth development and outdoor activities so I have fun in Sea Scouts, helping out and teaching the kids. I have a bloody good laugh most weeks. Being around positive people rubs off too.
  • INVEST IN YOURSELF - what do you need to be better at? I realised that I had no idea about marketing and sales so initially I utilised whatever free content I could find, see The Salesman Podcast & Valuetainment on Youtube, well worth it.
  • Daily MOTIVATION - Zig Ziglar said motivation wears off like a bath - that why he recommended you take one daily.
  • AVOID NEGATIVITY - Stop listening Newstalk ZB and watching the News. with a news cycle constantly trying to alarm you it can give you a false sense of doom. Hardly anyting in the Newspaper is relevant to your success. Try it out for a week, I bet you wont miss it.
  • Eliminate DISTRACTIONS - You need to organise yourself and your mind, clear the desk, remove clutter from the office and your home. these kinds of things serve as subtle peripheral distractions that reduce your effectiveness.
  • REFOCUS yourself. For me it worked to distance myself from the fraud investigation after delegating aspects and deliberately kept top of mind that our WHY is found in ceaslessly looking for ways to serve our customers, if we are successfully meeting their needs then our success is much more likely,
  • OPEN QUESTIONS - you may have problems that there is no straight forward answer to, try writing up the problem and pinning it to your bathroom mirror. Ask yourself the open question and see if your unconscious mind can come up with an idea whilst you sleep. eg How can I add even more value to my best clients to improve and protect their systems?
  • ACTION above all else ACTION - when the world is getting you down there is always something, however small, that you can do to improve your situation. If a worry is preying upon your mind then get up and do something, write an email, make a telephone call, visit someone. Don't procrastinate - it is never as horrible as you think and it won't go away or get better by itself.
  • Lastly FORGIVE YOURSELF - we are all human, we all make mistakes, pick yourself up, dust yourself off and try again, try your best and NEVER QUIT!

If you have any questions, need help or just want to talk I am happy to do so, flick me an email at



Cybersecurity Tip #21 - safety hints on using public WiFi.

  • Don't! Use a Mobile 4G hotspot instead!
  • Don't use Open unencrypted sessions UNLESS you are using a end to end VPN tunnel type service.
  • If using a public cafe type WiFi network then check the name carefully against what the place advertises.
  • Make sure the connection is set to a public connection with no file and print sharing enabled!



Cybersecurity Tip #20 - Clear Desk Policies - a keystone of physical security!

Not just a way to please the corporate overlords with a sleek tidy work environment suited for hot-desking but it is a great idea from the perspective of information security. Don't leave any sensitive information that you don't want the cleaners reading out at the end of the day. Lock your desk cabinets and secure your laptop both physically and logically by locking it everytime you leave your desk. The lack of clutter will also help you focus on important tasks by clearing away peripheral distractions!


Cybersecurity Tip #19 what are VPN's and what would you use them.

Accessing a work server over the free WiFi without a VPN to encrypt your traffic? Is that free WiFi really the cafe's or is it a man-in-the-middle scam to collect your passwords? Want to access Geo restricted streaming media content? Want to link two private business systems, securely and inexpensively but control exactly what is accessible? VPN's are the answer!​​​​​​​


6 Reasons why your WiFi is completely crap!
1) Old routers running outdated protocols like 802.11g
2) Signal strength attenuation with thick walls etc
3) Distance from the WAP, speed drops away every meter.
4) Radio interference, there's only so many free channels and your neighbours may be blaring across your frequency
5) Congestion, Wi-Fi is not like a cabled ethernet link, the more people using it the lower percentage of bandwidth is available

THE FIX? Get more new access points sited and configured by those who know what they are doing.



Yesterday I saw a new twist on Fake Extortion emails claiming to have hacked your pc whilst you were visiting a porn site and threatening to send a video of you to all your contacts unless you send bitcoin. This recent example contained a reference to an old password related to the email address of the recipient which gave it a significant air of validity. Now if you have a bad habit of reusing the same password for years across many sites then it is more likely that it will end up exposed in a website breach eventually and thus be used against you in this way.

  • Get a password management tool to help you use good password practices,
  • get a webcam cover and
  • have decent paid security on your computer.
First don't respond! These aren't individually targetted it's just a scripted dump from a database designed to elicit a panic response. Even if the worst happens (and its highly unlikely) then trust me you can weather much worse things in life than embarrassment, remember paying out just rewards scum. I have a bunch these webcam covers so I will send out one to the first 5 people who message me in October.



Slow Internet these days of cloud apps equals lost productivity. 1) Check your gear, is your firewall able to pump out the data packets at the same rate as the UFB, are you using an old wireless access point protocol, is your network switch holding you back? 2) Check your Plan, is UFB now available in your area? Is there a better plan you can shift to? 3) Check your ISP, not all ISPs are equal, some may have better transtasman or USA bandwidth contention ratios. If all else is equal then get a network engineer to do a network path analysis to see precisely what the problem is.




13 strategies to boost computing speeds and your profits!

Some of these are easy and some are cheap, others, less so. All valid things to check when you have complaints about computers or internet being slow. My perspective for businesses is that holding onto a cheap slow PC isn't saving you money, it's costing you thousands is lost productivity! Before you run out and buy the latest PC there are a number of things it's worth checking as like so many other things one slow component can hold back the whole.

  1. Check the Spec's of your computer, for general office work for a reasonably busy person we recommend a computer with an i5 CPU, 8GB of RAM & a SSD. If you computer is less than 3 years old and you are running a regular hard disk drive then consider a releatively cheap solid state harddrive upgrade, it will make your PC fly again! However if your machine is older then it's probably time to replace it with a modern unit which will be more cost effective.
  2. Reboot regularly - pending updates are a common cause of odd behaviour or general slowness, with operating systems being quite stable these days it's easy to forget to shutdown fully and reboot it once in a while especially if you set your laptop to hibernate when closing the lid.
  3. Set power settings to high performance - If you have a laptop then chances are that the default power settings are in balanced mode and some things can be shutdown to save power. Go into the power settings of control panel and switch to high performance mode.
  4. Duplicate AV software - Please please please don't click yes to free security software, some free software apps offer additional free programs during the install process, read what you are clicking yes to and uncheck those boxes. Having two Antivirus programs scanning everything your computer does is just overkill. One fully licensed comprehensive endpoint security product is enough, two is just wasting CPU cycles & consuming RAM slowing you down.
  5. New PC's often come with a bunch of preinstalled applications, do yourself a favour and clear them out. Uninstall unwanted apps and keep it tidy. Having a look in the system startup list also gives you an idea of what programs are being loaded every time you power on, You can uncheck them and free up even more resources.
  6. Browser and application plugins - if like me you like trying out new tools and widgets then you can accumulate tool bars and modules which may not necessarily be fully developed or maintained and often these can cludge up your browser or Outlook. Cull them out from time to time and see if you miss those tools and whilst enjoying a boost.
  7. Why not reset to factory default? - These days if you largely use cloud services and have your data synched up this isn't the pain it used to be to get everything back to normal, plus its good for security too!
  8. Slow on WIFI? There is a lot of complexity to the design of well performing wireless internet services due to the limited number of frequencies available, the distance you are from the access point, the number of people sharing. If your WIFI is running poor try moving the access point somewhere more central, and check the frequencies for interference. There has been a lot of changes in WLAN tech so check that your WAP can handle the new protocols & frequencies like 802.11ac
  9. Try a cabled connection it will always perform better because WIFI is half duplex connection which means only one person can be talking at a time and everyone else must stop to listen. With a LAN cable everyone can send and receive at the same time. The more devices talking on a wireless access point the slower it gets.
  10. If you are already on a cabled link then how old is your switch? Old network switches can be the limiting factor - you may need to dump the old 10/100 switch and get a Gigabit capable one in there.
  11. Check your ISP plan speed & contention - ISP's are usually a bit slack to letting customers know there is a better plan available. Give your ISP a ring and ask if you are on the best plan, you save money and get a better speed line! Early UFB plans were 30/10 but now you can get 100/100, 200/200 or even 1000/500Mb/s links!
  12. If your switch, WAP and ISP link are ok then perhaps you have an old router which can't handle the maximum throughpout now available. Free ISP routers from 5+ years ago weren't necessarily designed with bandwidth now available and they struggle to push the data packets through the door fast enough. Time for a refresh.
  13. Lastly change your ISP - not all are equal! I've recently helped out a client who had a lot of pain with international bandwidth and after doing some network path analysis we were able to prove the issue to be with the ISP's access into the USA. We simply switches ISP's and the problem was resolved. With UFB it's now actually quite easy to do without disrupting the business.

If have tried a few of these things but are still struggling, then reach out to a trusted consultant and get their assistance. I am happy to discuss any of these and give 2 free hours help on how you can improve the systems of your business if you have 5 or more computers.

Reach me here to take up this offer or message me on LinkedIn.

Daniel Watson



It's scary how many privacy breeches come down to an exec loosing a laptop with Gigs of confidental info just sitting on it in clear text form. Even if you have a password on the device the hard drive can simply be taken out and read from another PC! Laptops and phones walk, audit access, encrypt hard drives and enable remote wipe centrally on all devices.



The Top 3 Mistakes IT Guys make with SMB's.

1) Talking down to your customer - they mightily dislike being patronised and whilst it may be unintentional the effect of using arcane acronyms and failing to giving appropriate analogies or simplified explanations is that you'll piss them off and have them start to look elsewhere for support. Generally the people you serve are experts in their own field and are highly interested in the outcome for their business. Not having some basic understanding of the issue is incredibly frustrating and when they don't get it delivered in the right manner from you they will refuse to make a decision or do so resentfully. Take the time to come up with a metaphor for the problem or draw out a simple network diagram to help express the key concepts and link the issue & your solution to business outcomes.

2) Silent Site Visits - it's been a while since I was in the dating scene but I understand that being Ghosted is not a pleasant thing. A common complaint I hear from clients is when their IT guy drops in does something and leaves again without a word. This is just terrible for a bunch of reasons, firstly they will probably blame the next random error that happens upon that IT guys visit no matter how unrelated and secondly if the first time they know is when they get your invoice they may be resistant to paying it. Fiddling with a business's production network during the day without express permission is really poor etiquette. Now I am aware that the IT profession may attract more than it's fair share of people on the Asperger's spectrum but at a minimum guys, Call first before turning up, then when you arrive let the primary contact know you are there and what you are planning to do and finally as you leave let them know what you did, how it went etc whilst making sure everyone is still happy. Super simple customer service that goes a long way but do it every time!

3) Stop trying to save the client money $$$ - Client priorities for IT are generally; fit for purpose, stability, performance and price, in that order. Too often I have come across networks where the business is profitable and growing but the systems they are stuck with are outdated, using second hand out of warranty hardware, suffering frequent outages and aren't implementing a full suite of security. It seems that IT guys can fall into a mindset trap of trying to save the client money and reduce costs on systems. Now perhaps the cause of this is that they get complaints about large invoices for time billing as this will increase if root causes are not being addressed. Well whose responsibility is that? It's the IT Guy's job to recommend the best solution for the business and this means you actually have to ask the client what their priority is in order to offer the best solution that you can support, not necessarily the cheapest. Do everyone a favour and lead with the best option (for everyone) first and then offer lesser choices only after they have rejected the first with a full understanding of their current priorities.


Cybersecurity Tip #14 - Four Core concepts of Disaster Recovery

I had a frustrating meeting with a stake holder recently, it wasn't that he didn't know these concepts but that he didn't seem to understand his business well enough to articulate decent answers so we can design a cost effective solution. It's kind of simple, any downtime of production systems = money lost, directly through wages & productivity loss but indirectly too such as reputation, deadlines not met etc. Do you want a tick the box CYA backup or do you need an effective business continuity system that allows you to ride the waves of misfortune without sinking the ship?


  • RTO - Recovery Time Objective, how quickly after failure do you need be back online?
  • RPO - Recovery Point Objective, if you had to revert back to an older version of critical data, what's the oldest you can live with?
  • Retention - how far back in time may need to look into your backup archives? Days, weeks, months or years?
  • THE 321 RULE - 3 copies of any critical data, 2 different formats and 1 copy stored offside!


Cybersecurity Tip #13 - Complex invoice phishing attacks are getting through!
In this video I show you what to look for specifically and why they are getting through.



Cybersecurity Tip #12 - Outsourcing your IT will lead to a more stable, secure and scalable set of systems for your Business

In order to grow your business into something that will fulfil your goals you need to devote an enormous amount of time to looking after your baby. However if you have ambitions to grow your business to a $1mil or a $2million dollar beast with some real momentum then you have to think of yourself as an asset that has to justify earning the company $500 to a $1000 per hour. SO if you find that you are wasting time on menial activities like being on hold with your ISP, troubleshooting a printer fault or installing a new Wireless Access Point then you are wasting company resources on a low value task. Furthermore as your have literally hundreds of other things your should be doing on your To-Do List you will probably stop when it starts working without taking extra steps to secure the system properly or at least  documenting what was done in a proper manner. Do your business a favour and engage with a professional services company like ourselves who will look after these things for you and take care of the security too.



Cybersecurity Tip #11 - Password scam phishing emails
There seems to be a bunch of these going round, a simple email from a known person from their email account - not spoofed - with a link to a shared document - except it's not, the link will be to a hacked website with a hidden page designed to trick you into giving up your passwords. Get your staff signed up to a Cybersecurity training program!



Thanks to Alex, a Detective of the NZ Police for giving me his time to talk about cybercrime in NZ. We talked about some really interesting topics and cases as well as how individuals or Businesses can better understand the threat, risks and how to protect themselves out there.



Cybersecurity Tip #10 - Spotting internal fraud
This is one where unfortunately I can speak from experience. There are some normally honest people who will rip you off out of opportunity, and some broken people who scam you because if they can you deserve it or will do so because they beleive their own bullshit and thus think they are entitled to what ever they can take. Most horrifically these people can also seem like the nicest most credible people who you may think could never do such a think. Take my warning and just treat everyone as capable and put controls to remove the easy opportunities for your trust to be betrayed.





This seems like a hassle but it really isn't compared to the pain of being compromised. Simply put it's too easy for your login details for your critical business systems to be compromised but if you have 2FA enabled on your Xero Account, Office 365 or Client Database then as long as the kackers aren't holding a knife to your throat they aren't going to get in.




Cybersecurity Tip #8 - USB drives are great for silently spreading an infection. * Scan yours between sites * if you don't use them in your business then block their use * NEVER PLUGIN A FOUND DRIVE! It's been done in the wild in Aussie:



Cybersecurity Tip #7 - Defense in depth

7 Essential layers for your businesses IT security - affordable for young dynamic businesses looking to scale.

1) Spam filtering 2) Next Gen Firewall 3) Web Filtering 4) AV & Antimalware 5) OS & Application updates 6) Staff education 7) an Effective BC/DR plan.



Cybersecurity Tip #6 - If you are looking to travel for business then here are some tips for you to consider:

Before you go abroad for work, 1) check in with your IT people, 2) get your phone on a roaming plan 3) put a PIN on your phone 4) encrypt your hardrive 5) if you lose it then get hold of your IT Partner to get help with either locating it, wiping the data, recovery or to help get a workaround solution in place.



Vertech Cybersecurity Tip #5 - Failing to test is testing on failure. (or in other words check your backups actually work)



Vertech Cybersecurity Tip #4 - updates and yet more frikkin updates..
Daniel says - let us keep your computers and servers up to date - it's all part of running a well behaved system and being a good netizen.



Cyber Security Tip #3 - Lock the damn doors!
Have a method of identifying visitors, Challenge wanderers, lock your critical systems away, operate a clear desk policy, lock PC's, get CCTV.




Cybersecurity Tip #2 - Passwords!

Password Management tools - eg Myglue, lastpass, roboform, keepass, 1password, etc




Cybersecurity Tip #1 - Awareness training!





Have you been Compromised already?

You may not be aware but your personal information, address, phone numbers, email address and passwords could already be circulating around the darker parts of the internet to be sold for use by Cybercriminals and identity thieves.

As Vector Privacy Compromise-109the Facebook + Cambridge Analytica incident showed and now on a local scale with Vector, Apps can be used to access private information on a massive scale.

What can be done?

  • Don't reuse the same password on different sites!!!
  • Have a look at or sign up for proactive DarkWeb monitoring for your company's domain with us and call for expert help.
  • If you have confidential client data to protect then contact your insurance broker to get Cyber Insurance as the Forensic & PR efforts Vector will be putting out will be $$$ huge!
Keep it safe and sensible,



Free routers are not REAL Firewalls!

I see small businesses on a regular basis running with just whatever their ISP has provided, usually a cheap device that provides connectivity and some very basic firewall-like functions such as NAT and SPI. As far as I am concerned these are just like putting a $5 lock on the front door of your Million Dollar mansion. Here is an example why:

"MikroTik RouterOS vulnerability

CERT NZ has been informed of an active attack targeting MikroTik RouterOS devices.Microtik

Attackers are identifying these devices by scanning for public IP addresses running specific RouterOS ports and using older versions of the operating system. Once the vulnerability is exploited, malware is downloaded to the compromised devices. The device is then being used to scan for other IP addresses and spread.

CERT NZ is aware that this attack is active. We strongly recommend investigating and patching any RouterOS devices on your network as soon as possible to prevent them from being compromised."

When Vertech connects a client to the internet we insist on a substantial firewall device like the Sophos XG UTM range which can automatically Hotfix itself when vulnerabilities are found in it's firmware and that also provides additional significant security abilities such as sniffing out malware communications and synchronised security with the computer antivirus software to prevent the spread of the threats. This level of security is not expensive anymore and is absolutely affordable by SMB's - it really is just a case of being a good netizen.

To read more about the vulnerability in what is a very common device in the NZ ISP market place:

Stay Safe,




HP Laptops Keylogging problem

It's come to my attention that on a wide range of HP Laptops there are Synaptics touchpad and Conexant audio drivers (older models only) which have code which inadvertantly records keystrokes in cleartext to the local hard drive. Whilst not malicious in itself it unlocks a door which could be used by malware to gain access to confidential systems.

We recommend setting HP's support centre software to auto update your workstations in general and we will make a point of checking our clients laptops during our normal maintenance times to ensure that the driver versions for these items are not susceptible to being used this way.

Thanks to Jeff Stagg for the Heads Up!




The Wireless Krack: Relative Risks

The recently and widely announced weakness in the Wireless Security protocols in use pretty much everywhere have been alarming and caused great concern for some of our customers but let's weigh the risks.

This is an attack on the client portion of the protocol that deals with how the encryption is negotiated, Pretty much every device that uses the WPA protocol is affected. This means nearly every network enabled device and every company network everywhere regardless of make or model.Krack logo

For detailed info read more here:

That's scarily massive in scope! But lets see why I think this Krack is not as big a cause for worry as it's been displayed in the news.

1) Physical Proximity is required! - In order to implement this attack the attacker needs to be within range of your wireless network. For most this is still 30m from your wireless access point. If someone wanted to get your data this badly that they will take the risk of putting themselves in close physical proximity then they will likely find other less hazardous ways to get to your info. A Phishing scam is a 1000 times more likely to cause a breach in your security and these are launched against your staff multiple times a day every single day.

2) UPDATES! If you update regularly you are going to be fine! This is a newly discovered hack and Vendors are already distributing patches for their equipment. For our clients we select reputable vendors who I can see have already released fixes within days of the public announcement. Together with our automated patching regime for clients laptops and our regular onsite maintenances that include updating the firmware of network devices this vulnerability will quickly be addressed.

Take it easy out there and remember "loose clicks sink ships"





 Are you already exposed?

There has been a fair amount of news regarding hacks where large volumes of private identity information has been exposed to the internet. I know that that can seem remote to us but you would be suprised where your information may have ended up and not every company has been very good at informing people when they have been compromised. I'm talking about name, address, phone number, email and passwords. This info in the hands of of the malicious makes cyber crime so much easier.

Want to know if YOUR Details have been made vulnerable?
Here is a link to a site where you can get a report to see what email addresses in your organisation may be in the hands of criminals.

Do it now - change your passwords, please don't reuse the same one on every site!



There is a new, sophisticated email scam you need to watch out for. Bad guys first send emails with links to inappropriate websites to business email addresses, and then follow up with extortion threats.  It's been tested in Australia and now the USA, so NZ won't be far behind.

The email claims that a virus was installed on a porn website which recorded the victim through their webcam. “Then my software collected all your contacts from messengers, e-mails and social networks,” it says. “If I don’t receive my Bitcoins I’ll send video with you to all your contacts.”

This is a play on shame, the fear of tainting your professional image and using that fear to drive a poor decision.

If this type of scam email makes it through the spam filters into your inbox, do not click on any links, do not reply, and delete the message (or click on the Phish Alert button). Do not download any software to check your computer for viruses, but follow procedure to report these types of criminal emails. Remember: "Think Before You Click", it is more important than ever these days.

Educating your staff and giving them some basic Cybersecurity training is essential as a last line of defense in your business. Message me if you need help arranging this.



Cyber Security


On the Internet, we live in a neighbourhood where every bad guy on the planet lives next door. We have all seen the two massive cyber-attacks in the news of late and I must proudly say that none of Vertech’s customers fall foul of it. I was aware of other IT companies whose customers were hit and were suffering the interruption to their daily business as a result. They tended to be businesses with only ad-hoc support and minimal protections in place such as Antivirus software only.

We offer a Workstation Security Guarantee to Vertech Customers who are under our TrueCare Service plans. We are confident that if a client is protected by our four primary layers of security (Automated Security Patching, Antivirus/malware, Web Filtering and Email Scanning) and are actively managed and monitored there is a low likelihood of their systems being infected.

What’s better is if staff are also empowered to be aware of the red flags and signs of common scams so that even if all these layers are penetrated they can distinguish a legit email from the malicious. Invest in some Cybersecurity Awareness training for your people!

The last line of defense we’ve now implemented for most of our clients is an upgraded firewall system. The system is capable of sniffing your outbound internet traffic for malware communications to the Cybercriminal's command and control servers. Even if a staff member clicks on a dodgy email and gets some ransomware on their computer, it is possible to block the request for encryption keys as it passes through your network and prevents the damaging payload from taking hold.

If your business doesn’t already have protections like I have discussed in place then it’s a matter of hope and luck that you don’t get hit. When you live zero distance from every cybercriminal in the world your doors handles and windows are being rattled all day, every day. These protections are not expensive and are easily afforded by the SMB market. If you are interested in finding out what else we could be doing for your company please call me on 09 972 0367 or email



Business Reading

I’ve been thinking a lot on how I can achieve the goals I have set for myself and the business.It has become apparent that I can’t get better results by being the same person that I have always been. If you want MORE, you have to BE more. By developing your personal capabilities, you display leadership and learn how you can grow the business. There are plenty of material in this vein and if you pick up anything by the authors below you can’t go wrong. I’ve been reading and listening to several excellent Audio Books recently (either through Audible or YouTube) which I highly recommend to fellow business leaders!

  1. The Pumpkin Plan by Mike Michalowicz – A simple but powerful analogy to grow your business with less pain. You don’t need more customers, you need more of the right kind of customer. pumpkin plan
  2. Unshakeable by Tony Robbins – Deals with wealth creation in a step by step manner suitable for anyone. Wisdom distilled from the mouths of the world’s financial titans in a form even a financial simpleton like myself can implement!
  3. Secrets of Closing the Sale by Zig Ziglar – this is a classic, he sounds like an old time southern Baptist preacher but he’s got the chops. At the end of the day we are all in a sales profession and it you don’t ask for the sale then you are a professional visitor.


Don’t have time to read? I signed up for YouTube Red so I can listen to them whilst running with the dog without ads. Motivational stuff is all very nice but without action it’s pointless and what’s more it tends to wear off over time as we get consumed by the minutiae of day to day life. Keep yourself exposed to a steady stream of inspiration, seek out people who have done what you want to do and ask them how they got there, model success!




Over this weekend you would found it hard to miss the news about a new Ransomware attack based upon a vulnerability in a file sharing protocol within Microsoft Windows that affects multiple operating systems. Over 100,000 organisations have been infected so far and Europol expects that  this number will rise significantly as people return to work.

This attack spreads through an emailed zipped attachment. When it's run, the code replicates to other machines on the network, locks the person out of their computer and encrypts what files it can before issuing a ransom demand. If the demand is not paid within a specified time frame the demand is increased and if not paid after another period the files are permanently destroyed.


  1. Patch your computer systems

    • Our clients who come under one of our TrueCare or HomeCare workstation security plans we've confirmed already  had their software patched back in March for this vulnerability so would be already protected from this attack!
  2. Keep your Software Up-to-Date

    • Whilst Windows 7 through 10 have been patched older systems such as Windows XP no longer receive updates and will still be vulnerabile to this attack. Have you got any machines on your network that need replacing?
  3. Backup your systems regularly

    • If in a worst case scenario you do fall victim it's better to restore your files from a recent good backup if you have one , rather than lining the pockets of these Criminal Organisations. Is your backup viable? Is it monitored and stored offsite? Do you get alerts if it fails?
  4. Install Smart Firewalls

    • If you are using a free router from your ISP then it won't have the intelligence to spot malware traffic passing through it. Vertech recommends Cyberoam Unified Threat Management Appliances to act as the perimeter guard dog for the organisation. They are able to spot attacks within your network and block the malicious traffic to limit the extent of the damage. What are you using in your company?
  5. Train your Staff

    • Even with all the technical defenses we can provide at the end of the day your last line of defense is your staff. Hopefully you give them a little more than the 2-Step on-the-job training of "Good Luck and Hang In There"! We can take the hassle out of CyberSecurity Awareness Training for your team and give you stats on how vigilant they are. It's a small investment compared to cost of a security incident I assure you. Give me a ring 09 972 0364 or drop me a line and ask about KnowBe4 training to get a free SIMULATED attack to see how your staff would fare.

If your would like to learn more about what needs to be done to keep your business safe from cybercrime register for my next FREE Educational Webinar here:

Good luck and keep safe!




Being a life long learner

One of the things I like about being in IT is the ever present opportunity to learn new skills and technologies. But technology isn't just limited to electronics, there is plenty of software upgrades for the lump of fatty tissue between our ears and this guy is gold.

I forced my teenage kids to listen to this today! They grudgingly appreciated that I did it out of love for them. I know what questions I'll be posing myself each day. Some have come straight from the Pumpkin Plan.

  • What am I grateful for in my life?
  • What is something that I am really happy with?
  • What can I do today be a better Husband & Dad?
  • How can I improve the profitability of my company?
  • Is there something I can do to streamline our systems & processes today?
  • What could we do to improve the IT systems of our Top Clients?
Something to ponder on, what questions could you ask yourself everyday that could massively impact your state of mind and your business?



Picture this:


“You’re in the departure hall, the flight home is not boarding for another 30 mins. As you place your laptop bag down you spot a shiny new flash drive under the bench. Naturally being an intelligent, curious person anticipating a boring wait till your flight is called you slide your work laptop out and plug the USB drive in to have a look to see what it contains. Who knows? Perhaps you might be able to find out who it belongs to so you can do the right thing and pop in in the post to the unlucky person who dropped it?

Poster16During the post incident analysis of the security breach that encrypted the contents of your business’s network drive it was found that your machine was the source of the attack. The IT team managed to restore the server back to normal without resorting to paying the Ransom. Only half a day’s productivity for 30 staff was lost. Sadly, your only copy of the family holiday snaps under My Documents were permanently lost.”

I am sure you’ve worked out now that it is your employees who are the weak link in your IT Security and the costs can be significant. Social engineering is the number one security threat to any organization. The alarming growth in sophisticated cyberattacks makes this problem only worse, as cybercriminals go for the low-hanging fruit: employees. Numerous reports and white papers show organizations are exposed to massive increases in the number of cyberattacks over the past five years.

At Vertech IT Services we constantly work to close gaps and increasing the robustness of our client’s networks but we’ve realised that we need a way to massively & efficiently provide ongoing awareness training programs to the dynamic SMB sector with the least disruption to their business. We’ve found that solution in the company KnowBe4.comKB4-Authorized-Partner-227

Click here to learn more and access a free Best Practices Whitepaper and to learn how you too can provide Cybersecurity Awareness training to your people.






HaaS. In case you haven’t heard enough acronyms in the IT industry, let me give you one more: HaaS, or “hardware as a service.” Simply, HaaS is an option to “rent” hardware on a low monthly basis instead of purchasing it outright. This eliminates the hefty cash drain for a network upgrade and allows you to pay for hardware as a service. It also puts the burden of repair and replacement on the shoulders of your IT company (us) to keep your equipment up and running. 

With our HaaS offering we'll wrap the computer in our TrueCare Fundamentals Service Option and Gold Workstation Security Package with options for Flat Rate support you will have a guaranteed superior IT experience for your business.

You do end up paying more in the long run (as you would if you leased a car or bought a house on payments), but the results and the ease on cash flow makes this a better option for some people.
Daniel Watson





Virtual Disaster Recovery Testing

Time and time again I have done a new customer audit and discovered that their Backup Tape/Drive that they have been diligently rotating for months contains either nothing at all or backup files so old as to be next to useless. 

Vertech has been countering this with our flat-rate Max Backup cloud DR service and we are now happy to announce that we can provide a regular Virtual Disaster Recovery Testing Service.

Currently if Vertech is visiting your site for a regular maintenance visit the Second thing we do (The First is making sure the server isn't about to burst into flames) is a test restore of files and folders to confirm the backup data chain is intact. Now Vertech upgrade this testing to provide a regular full restore of your Servers into Microsoft Azure hosting platform to confirm that the Servers will actually Boot up! 

Previously doing a full DR restore of servers was an time-consuming and expensive manual service. We are now able to automate much of the donkey work to be able to offer this peace of mind at a much better rate. Further more this test restore can be used as the basis for a Fast full site recovery option should the office go up in a puff of smoke!

If your business needs a reality check on your Backup and DR then give me a call on +64 9 9720364 or email me and I'll be happy to come out and provide a free consultation.

Daniel Watson


Ransomware emails & Staff Training

We've been seeing a steady stream of emails with increasing levels of sophistication targeting clients. Because of the serious risks associated with ransomware we've proactively enabled a new feature on the Vertech Mail Security platform across the board. 

  • From now on, all zipped attachments, executable files and macro enabled documents will be treated as Spam (but able to be manually released from Quarantine).

  • All Scripting type files will be treated as Malware.

If your business may has legitimate email traffic with those types of attachments then please notify our Service Desk here so we can tailor your company email security policy to suit.

NBPlease be careful about making your whitelist entries too generic. eg a subject line of "RE: " in your list of allowed subject is inviting trouble!

Following on from last month's successful Cybersecurity Seminar with Zeald, I am now providing onsite staff group training sessions on:

  • What the threats are

  • How to spot them

  • How to stay safe on the internet. 

Whilst we can put in place some very clever technology to defend your systems, your staff are the last line of defense and also the weak link.



We now offer Staff CyberSecurity training sessions! 

  • Short & to the point

  • Group sessions from $199

  • Give them the knowledge to protect themselves and your business.

Click here for book a session 



Security and Success: How to survive and thrive online


If you are concerned about your security online, then this seminar is for you. The Security and Success: How to survive and thrive online seminar is a primer on cyber security threats for the harried business owner. We will cover various threats to the online user, the effects of these threats and how to mitigate the risks these threats pose to the average Kiwi business. 

Vertech has partnered with Zeald to provide this Seminar at no charge on the 13th of April 2016. The 2-hour seminar will answer your questions about online security and best-practice for your website. Please arrive at 9.30 for registration. The seminar begins at 10am, finishing at midday with a short break for light refreshments. 

register Now-733


Productivity Tip #3


If you have ever torn your hair out trying to get multiple busy people to agree on a single meeting time or 

have spent more time firing emails back and forth than the meeting itself then this might be the thing for you. Microsoft Garage have released a handy free tool for Office 365 and Outlook called FindTime. 

This nifty add-in creates a simple poll of acceptable times that you select and sends this to all parties. They can then vote on preferred possible time slots allowing everyone to reach a consensus as to the meeting schedule. This works for people Both inside and outside of your organisation and greatly simplifies the process! Watch my video below to find out how to install and work with it:Video Tip: Simplify Scheduling using FindTime


New Insurance exemption clauses

This morning I opened the mail and noted that our business insurance (ASB)  had some new clauses with respect to damage caused

exclusion clause-887


to electronic data. Gone is the old clause relating to the Y2K issue (that was a laugh) and in its place is an exclusion for "loss of or 

damage to electronic data from any cause whatsoever including but not limited to, a computer virus"

I guess this means that the insurance industry is seeing a significant amount of claims from this cause and are seeking to eliminate this risk to their profits.

Prevention is better than the cure but always have a good backup plan. Your business insurance may not save the day.

Daniel Watson


Productive Habits


Every couple of months I take a Friday off from the business to attend a business coaching workshop as part of the Velocity program delivered by the marvelous people at The Breakthrough Co.

Last Friday's topic revolved around Habits, how to utilise what we know about habits to encourage productive activity which we can use to develop our businesses and to quarantine the bad habits that suck our energy.

As most people know email is a critical business communication tool vital to the operation of businesses everywhere however as this brilliant comic from The Oatmeal illustrates, it needs careful containment so as to not distract you from your mission. Click the image to view.

My email is a monster

Quick Tips for controlling your Email Monster.




Vertech MAV changes, Vertech Price rise and Windows 10

Fuji-Xerox Printers Special

Purchase selected Fuji Xerox printers and receive up to $150 Cash Back
Offer available til 31st October 2015

Purchase this black and white laser printer for $239 ex GST and with the promotion you can get $75 cash back. Click the image for specifications.

Vertech's Managed Printer Service: Unbeatable value & Convenience.

Vertech's MPS agent monitors your printer to check for faults and consumables levels. When levels get low a replacement Toner cartridge is automatically dispatched. If there is a fault with the printer then a Xerox tech will get in touch and resolve the problem under warranty. For the printer above for example we bill you $5 per month plus a monthly usage fee of just $0.0285 per page!

We can provide this service from this simple black and white lasers through to large colour A3 multi-functions and can provide leasing arrangements to suit your business.

Email us now to put in your order or if you would like pricing on other models;

Vertech MAV Service:

The current underlying software for our Managed Anti-Virus service is Vipre Business which was previously one of the best performers in the market; however nothing is forever and recent industry product test have shown that there are better products available.

As part of our commitment to ensure that our clients receive the best protection we can offer we will be progressively migrating your agents to the new platform based upon Bitdefender.

Bitdefender’s antimalware technology ranks consistently as the best available on the market and is currently the top-rated business antivirus software on independent review site AV-TEST.

There will be no cost for initiating the crossgrade nor is there any price change for the monthly workstation package (part of our Silver and Gold plans) and it should be seamless apart from a reboot to complete the installation. If required; we will contact you to check when the servers can best be rebooted.

If you are not currently utilising our MAV (Silver or Gold Workstation Packages and Silver and Gold Server Packages) and If you would like any further information on the advantages of moving your existing AV to Bitdefender, please drop us a line

Windows 10 Upgrade?
You may have seen the Windows 10 Logo in your system tray appear in the last month and you may be wondering if you should upgrade to Windows 10.

At Vertech we take a cautious approach to new operating systems. Whilst there are some of us who love to have the latest and greatest new thing most businesses prefer to reduce the number of suprises in their daily operations.

This new Windows operating system does look and feel very slick and will be quite familiar to anyone who was happy with Windows & Pro. You may experience a speed improvement over windows 7 or 8 on an older PC. The Windows 10 OS is the same across all platforms and thus is the way forward from Microsoft. They are providing free upgrade rights from Windows 7 for one year so there is no rush.

Our recommendations for Windows 10:

  • Beware that if you have older accessories or printers as finding drivers may be an issue.

  • Whilst it does feel familiar and is an improvement upon Windows 8.1 there will be some training required and this may affect productivity

  • It does take several hours and approx 5GB of download to complete, you certainly don't want to kick off the upgrade on a whim first thing in the morning.

  • If you are at all unsure give us a ring and let us help you out.

Vertech Price Rises:
We will be standardising our ad-hoc support rates to $130/hr from 1 Oct 2015 for those clients who are not under a current existing support agreement.
The good news is that we are not raising our Pre-purchased and Onsite Maintenance Hour rates ($115/hr). Dan will be endeavoring to meet with all clients over the coming months to discuss past average support usage and how you might save on support costs by moving from ad-hoc to pre-paid hours.

As of 01/10/2015 the following Rates will apply:

  • Vertech Remote support up to 10 minutes: No charge

  • Vertech Remote support for more than 10 minutes: $130.00 per hour Minimum of 15 minutes, billed in 15 Minute increments

  • Vertech On site visit: $130.00 per hour Minimum of 30 minutes

  • Site Visit Fee - Greater Auckland Area: $65 per visit

  • Site Visit Fee - Outside of Auckland: Travel time at $130/hourOr travel expenses by negotiation

  • Vertech Pre-booked Engineering hours and Maintenance Support either Remote or Onsite: $115.00 per hour

  • Site Visit Fee Pre-booked onsite Maintenance Support: $55.00 per visit

  • Vertech IT Consultancy Support: $170.00 per hour



Why it's the Perfect Time for a Security Intervention

The following article is taken from Dan Kaplan's excellent post at Trustwave here.

2014 was a year of reckoning for IT and security professionals globally. Like never before, the crushing consequences of risky business behaviour, combined with continued hacker acumen, were hung on full display, for the world to see. And evidence of the fallout was everywhere: from high-profile vulnerabilities like Heartbleed and Shellshock, to innovative malware attacks such as Backoff, to devastating data breaches that brought household brands (and countless others that you'll never read about) to their knees.
At the rate things are going, 2015 is setting up to be even direr. No doubt, awareness of the threats has catapulted security onto the boardroom agenda, but the fact remains that most organisations are operating at some level of denial - somewhere between "It won't happen to me" to "We checked the compliance boxes, so we're good to go." At a point, however, businesses that have been making - and paying for - the same mistakes for the past five years must arrive at a collective awakening.
It can - and likely will - happen to you: Experts have been claiming for some time that data breaches are a when, not if, prospect. Yet they continue to happen, and responses remain poor - 71 percent of compromise victims don't even detect the breach themselves. Incident response and readiness, therefore, must become a priority. Invest, test the plans regularly and get everybody on board with them.
Your perimeter is dead: Mobility and BYOD is king, and the whole notion of the "internet of things" is just as real for the business environment as it is for the home consumer. Increasingly devices are internet-connected, and it's critical to understand which systems are trying to connect to your network. Also, mind your outsourced suppliers. Vendor risk management is more important than ever.
How safe are your staff devices? At present 60 per cent of New Zealander's own a smartphone and or Tablet/iPad and this percentage is expected to continue to climb. However, many people don’t apply the same safety standards to smartdevices that they would to their PC at home or at work even though they store a huge amount of personal and work data. Here are some key precautions to be aware of:

  • Use a complex PIN lock and treat it like your EFTPOS PIN i.e. keep it to yourself so no one else can access your information

  • Use an antivirus app and make sure it’s up to date

  • Upload “locate and lock” apps to help you find, lock and wipe your smartphone if it is lost or stolen

  • Back up your important information like contacts, photos and documents  - there are plenty of cloud storage options that allow you to do this

  • Use approved apps – not all apps are nice! Install apps only from Google, Microsoft and Apple stores

 Only store information and files on your phone that you can afford to lose, otherwise store it somewhere else.

Advice from Daniel:Daniel Watson Managing Director

The world's gone mobile. Staying connected is cheap and it's everywhere and more people than ever want to - need to - work across a number of platforms and devices. Yet despite its benefits, working in this way can be a major security issue for employers if adequate device management isn't in place. Vertech now offers a Mobile Device Management service to take care of these issues so you can rest easy.


Additional advice from Jay:

BYOD or Guest devices should not be able to access to any of internal network resources because it can have virus on it, and spread it to the office network. The WIFI for BYOD devices should be on a segregated VLAN and can go to internet only and unable to see any of internal network to isolate BYOD devices.


Your employees are mistake-prone: As advanced as threats may be, oftentimes they are meaningless until they are welcomed inside the virtual door of a business. That deed typically is done by an unwitting employee who, for example, uses an easily crackable password or clicks on a link or attachment that they shouldn't have. Social engineering ruses, like targeted phishing attacks and blended threats, are getting better at tricking innocent users, but one can't overstate the importance of a regularly refined security awareness program that receives executive-level support.

Advice from Mital:Mital Patel Network Systems Engineer

Change passwords from time to time – employees don’t like it because they find it difficult to memorise the new password.
Customer's often request us to disable password expiry or allow simple passwords however we strongly discourage this and recommend complex passwords (a mix of numbers, letters, case & punctuation marks of at least 7 characters length) changed on a monthly -  quarterly basis.

Top Password Tips:         
* A good password doesn't have to be entirely random, you can create a memorable password out of song lyrics or three unusual words with substitutions. eg. W@l1ays = We @ll live 1n a yellow submarine or 6redPhone!
* Don't share passwords!

* When a person leaves the organisation, please contact us to remove or disable the account - we can give you options on how to retain access to that staff members data & email. We can help you document an Staff exit procedure.