.uk Domain Names Have Arrived!

.UK Domain Launch
On 10th June .uk domain names were made available by the UK registry Nominet.

The launch lets UK businesses register the shorter 'example.uk' domain names alongside the existing 'example.co.uk' or 'example.org.uk'. This will come as a welcome addition to many domain portfolios and opens up the opportunity for short, snappy web addresses.

Another key benefit of the new .uk domain extensions is the ability to create your online identity in a brand new space while signalling a clear connection with the UK.

Those currently holding domain names with a .co.uk or .org.uk extension will be given right-of-refusal on their .uk domain name for five years. After that, the domains will be released for general sale.

This move brings the UK inline with countries like Germany and France who have held their own equivelant shorter domain names for years. Nominet originally intended to ensure that applicants had a verified UK presence but fears that this rule would be too stringent led to it being relaxed and now applicants will only need a physical UK address at which they can be contacted.

To find out whether your are able to register your .uk domain name, check your eligibility using the rights lookup tool on www.dotuklaunch.uk.

Optinium were recently awarded the Accredited Registrar Status by Nominet recogising that we are amongst the top 2% of registrars in the UK. Click here or contact us if you would like to see our full range of domain name offerings.
David Robson, Network Engineer
June 2014

Managed Firewall Services

Managed Firewalls
Security should be at the forefront of your business' operational policies. To this end, a firewall can be instrumental in protecting your digital assets and mitigating risks associated with your public facing network components.

Businesses fall victim to security breaches on a daily basis. Only recently, online auction website eBay suffered just such a breach resulting in them having to request password changes from their entire user base. A company like eBay can bounce back from this type of breach but for a smaller busineness it is vital to avoid them in order to maintain your reputation and protect your clientele. The slightest question of confidence in your service can be fatal.

A business's network is under external pressure 24/7 and it needs a solution to strengthen it's defences. Unfortunately there is no product which works 'out of the box', proper configuration specific to your needs is required. On top of this, regular patching, testing and ongoing management is the only way to maintain a high level of security.

Keeping on top of new threats and vulnerabilities requires time and expertise. This can waste valuable IT resources and put unnecessary strain on your business. A managed service is a sound option for any business looking to increase network protection whilst keeping operations as cost effective as possible. As well as negating the expenditure associated with internally maintaining a firewall, there are other benefits to a managed solution. A professional managed firewall provider will usually have an SIEM platform providing real-time monitoring of both security alerts and unusual activity. To implement this level of control would be impractical for many businesses.

Another benefit that comes with a professionally managed solution is a site to site VPN. Any data shared between two remote locations will always be vulnerable to interception. By creating a secure encrypted VPN, you can extend your network across multiple sites knowing that your data will never be visible to malicious parties whilst in transit. No additional software is required, as the firewall itself manages the VPN between sites. Again, implementing a VPN would otherwise require third party software or a VPN server and certainly some considerable outlay in IT resources.

Traffic Shaping
If you have ever experienced dropouts in your VOIP calls then you could have simply used all your available bandwidth from your ISP. The problem is not just limited to VOIP calls, without a traffic shaping policy, network traffic which exceeds your current available bandwidth will be indiscriminately dropped. This can often result in loss of service and yet can easily be avoided. A managed firewall service is capable of shaping your traffic so that primary services are given a reserved bandwidth amount, leaving any remaining bandwidth free for secondary services.

If you have more than one ISP, a managed firewall can perform load balancing by splitting traffic across each connection. For example you can route critical traffic through your favoured ISP and leave the rest to your less favoured ISP. Alternatively you can simply split the traffic to use both on a somewhat equal basis. In the event of a loss of service from one of your ISPs, the firewall will handle the problem and route all traffic over the remaining connection (provided it can handle the bandwidth).

There are many aspects to implementing and maintaning a properly optimised firewall. For most businesses, a managed service is a great solution. We have a range of options designed to suit any business and we focus on accommodating your individual needs. If you would like an overview of the services we offer, you can read more about them here or to talk in more detail about what you require then feel free to get in touch.
David Robson, Network Engineer
May 2014

Control Panel Two Factor Authentication

As you can imagine, security is a major concern at Optinium Internet. We don’t want your online brand to be compromised in any way. To this end we have recently implemented precautions which help to further safeguard your business.
“…40% of all passwords appear in
a list of the top 100 passwords…”

Passwords alone are repeatedly being proven to be an ineffective measure in online security. According to a study by Mark Burnett (xato.net) , 91% of all users’ passwords appear in a list of the top 1000 passwords while 40% appear in a list of the top 100 passwords. Mark’s data set was comprised of around six million usernames/passwords and 99.8% of those represented the 10,000 most common passwords.

Your account has always been protected by a stringent password policy and any considerable changes such as domain transfers have been handled manually by a member of our team. Moving forward, this level of service will be maintained with the added benefit of Two Factor Authentication.

Passwords are becoming less and less secure. Malicious groups of people can gain access to your online accounts through phishing techniques, malware, brute force attacks or plain old guesswork. This single line of defence is no longer enough to keep your business’s online brand protected. Two Factor Authentication does exactly as the name suggests, it adds another step into the process by which you access your account.

You have probably already used Two Factor Authentication when banking online, for example PayPal and Google require you to validate your identity with each login on a new computer by sending you a six digit code. In this case, as well as needing your password, malicious individuals also need your mobile phone instantly making the hacker's job much more difficult.

Two Factor Authentication uses a Time-based One-time Password Algorithm (TOPA) which creates a one-time password from a shared secret key and the current time. It has been adopted as Internet Engineering Task Force standard RFC 6238. It combines the secret key with the current timestamp using a cryptographic hash function to generate a one-time password. A new password is generated every thirty seconds so this is the window in which any given one-time password will work. To account for differences in time synchronisation, our system will allow passwords generated from timestamps which differ by ± 30s from the client's timestamp. To learn more about TOPA, feel free to visit the links at the bottom of this article.

Two Factor Authentication is configured through your Control Panel account. You will notice a new section on the ‘Edit User’ page entitled ‘Two Factor Authentication’. From here you can set up Two Factor Authentication on any user’s account. Simply scan the QR code with your smart phone and then enter your one-time six digit password when you login to the Control Panel:

Two Factor Authentication

You can read more about Two Factor Authentication by visiting the Help Documentation here. You will find a detailed overview along with commonly asked questions and Android/iOS setup instructions. New and existing customers are free to use Two Factor Authentication at their discretion although we highly recommend it.

Internet Engineering Task Force (IETF) Documentation - http://tools.ietf.org/html/rfc6238
Wikipedia article on TOTP - http://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
Optinium Two Factor Authentication Documentation - https://cp.optiniuminternet.co.uk/Help/TwoFactorAuthentication
David Robson, Network Engineer
May 2014

Nominet Accredited Registrar Status

Nominet Accredited Registrar We are very happy to announce that we have recently been awarded Nominet's coveted Accredited Channel Partner status.

Of Nominet's three classifications for registrars, the Accredited Channel Partner status is reserved for those registrars who have demonstrated high standards of data quality and customer service.

Further to this, we have been proven to adhere to Nominet's strict policies regarding following the correct processes and assuring our customers that they can use our domain services with the utmost confidence.

It is worth mentioning that at the time of writing, less that 1.7% of UK Registrars have been found worthy of the Accredited Channel Partner status.

From our customers' point of view, we can now perform domain registrant ownership changes at no cost. Without the Accredited Channel Partner satus, these changes had to be dealt with directly through Nominet and incurred a £10+VAT charge.

This brilliant acheivement means that we are now better equipped to manage your domains efficiently and maintain qualitative data.
David Robson, Network Engineer
May 2014
Our Blog is a repository for company news, networking related articles and other useful information.
Accreditation 01 Accreditation 02 Accreditation 03 Accreditation 05 Accreditation 06 Accreditation 07