Vodafail by another name: 3 Mobile demands payment during overseas trip.

Brace yourselves – this is a rant.

In my opinion, mobile phone companies are right down their with real estate agents and used car salesmen. But let me lay out the facts and you can decided for yourself.

After receiving a wedding invitataion, we decided to pack up the kids and head to Wellington for a 10 day holiday. We’re self-employed with clients who rely on us, so by ‘holiday’ I mean ‘time away from the office’. We accept that our lifestyle means our phones come with us and so does the laptop. Then again, we didn’t have to get annual leave approved.

As bad luck would have it, someone’s server decided to have an inexplicable brain fade on the first business day of our holiday. This meant a number of phone calls and SMS messages over a 48hr period. A big number. Fine, that’s the cost of having your own business and deciding to go overseas, without staff back home to handle it. I was expecting to pay a premium for it.

Our first contact from 3 was an SMS asking us to contact them about our bill, currently $338.  No biggy, I thought, I knew why the charges were high. Great customer service that they are warning me that there might be something dodgy going on, or I may be unexpectedly be racking up mobile data charges by putting my happy snaps on Facebook.

The next day, Tony missed a phone call then I received a call from a blocked number. The Indian call centre wanted to talk to me about the large bill. But because I couldn’t remember the PIN number I had set on the account 9 years ago, though I could tell them a million details about the account, they refused to talk to me about the account. I explained the situation to them but they refused to listen.

Two minutes later, we both receive an SMS stating we needed to call 3 urgently about our $883 mobile bill or our account would be terminated. W T F ?

So, Tony calls them and explains the situation, to be told the following: 3 Mobile are allowed to demand immediate payment of a large overseas roaming spend or terminate our account. Note, we are on a business post-paid account here. And apparently this little clause is in the terms and conditions (not that I can find them on their website). So, we’re out sightseeing with our family, with no access to the internet and facing termination of our mobile service WHICH IS ESSENTIAL TO OUR BUSINESS.

We asked for them to extend the deadline until close of business the next day, still extremely unhappy about the whole thing.

Once we’ve returned to our friend’s house, I jump on the internet and can find no way to pay our account. Being post-paid, it’s normally taken out by 3 via direct debit, so I have no BPAY history to them. I could do a new BPAY payment if I had the reference number off my bill .. which hasn’t been sent to us and I don’t have last months because it’s back in BRISBANE. It’s not even viewable on the ‘My 3′ website.

Rock, meet hard place.

I’m not a young backpacker who doesn’t know how global roaming works. I still think it’s a complete rort that telcos get away with such huge roaming charges. I understand there’s extra admin between the visited country and the home country, to get your costs back to your home bill. But the extra amount they charge for that is ridiculous. This is Australia & New Zealand we are talking about, 3 & Vodafone (or should I say Vodafone & Vodafone).

But to demand that the phone user pay that amount immediately or be disconnected is complete bullying tactics. And to point out ‘it’s in the contract conditions’ is a complete waste of time and a cop-out. I’m still yet to find this clause, by the way.

So, that’s the first part of the saga. I’ll update you when I have more to add. Right now I’m starting down the barrel of another phone call back to 3 to hand over my credit card details presumably to pay the bill that I’ve just incurred. So much for monthly post-paid.

Let this be a warning, all you business owners. If you ever go overseas and, heaven forbid’ actually need to use your mobile phone for business purposes, you better keep your credit card handy and stand by for the call from the accounts department. Because, like me, I’m guessing you won’t have read all of the fine print of the mobile service you signed up for 9 years ago.

-SCuffy.

When Breastfeeding becomes your PR disaster

OK, this one is a ‘mini-post’ to ‘get the subject off my chest’ – yes, pardon the pun.

On the news yesterday we heard of a mother who was approached by a staff member at a council-run public swimming pool, because another swimmer was uncomfortable with this lady breastfeeding her baby at the poolside. The mother was embarrassed & humiliated and chose to leave the pool. To her defence, she stated that she was supervising her other children who were still in the pool. It’a also against the law to discriminate against breastfeeding mothers in public places.

I don’t like confrontation myself, and I would have done exactly the same thing – left. She had a right to feel upset and now it’s hit the national news and turned into a breastfeeding in public debate.

To me, it feels a little like a time warp that we’re even having this conversation. Again. But I’m not going to tackle that side of the story. I’m going to talk about the staff.

The council-run pool had a couple of opportunities here. The first was training their staff before the event. Teaching them what they should and shouldn’t do, what the law is, how to handle customer complaints. We don’t know if that was done or not. The second was the staff member involved. Did they talk to a supervisor before approaching the mother, to check it was ok or not? We don’t know. It’s not even reported that the staff member asked the woman to leave or to cover it. She may have just said that someone else had complained. That would make me uncomfortable enough to leave, even though I had a legal right to stay.

In hindsight, it’s easy to see what should have been done. The staff member should have said to the compaining person ‘I’m sorry you’re uncomfortable but she has a legal right to feed her baby here” and left it at that. Perhaps the staff member was a peace-maker who thought any confrontation would be calmed by quietly mentioning it to the mother? We don’t know.

What we do know is the stunning amount of silence coming from any pool representative. No explanation, no public apology, no ‘we were wrong in how we approached this, breastfeeding mothers are welcome here’. Media silence. This is how you turn a complaint into a PR disaster.

Every complaint gives an organisation an opportunity to turn things around, but they can’t ignore it, especially when the media is involved. And if they sit on it for too long before speaking up, the public goes ‘oh well, now you’re just trying to save face because you’ve been bad-mouthed all over the news’.

The caveat on this is that I’m not a PR expert. But as someone passionate about business, my thoughts went into problem-solving mode. What went wrong? What should have been done then and straight after the incident?

There’s a Seth Godin-like lesson in this. Businesses, please talk to your staff this week about when you legally can ask someone to leave and about how they should handle a customer complaint.

And mums, keep feeding your bubs when they are hungry.

-SCuff

To the cloud .. or not? (A personal account)

This isn’t intended as a comprehensive argument on how to evaluate if Cloud Computing is right for you or not.  I’ve written it to show where we use Cloud Computing in our own business, and where we don’t.  As most of my readers aren’t IT Providers, you may find something relevant in this, or you may not.  But I’m a firm believer in recommending the best solution to a client for their individual needs, so our own decision on Cloud Computing has been based on our current business needs.

To the Cloud … Website, System Monitoring, Ticketing & Job Management

Website – We have our own server, and it currently hosts our http://www.ctaspley.com.au website (as at Feb 2012).  We did this because we could, when we started our business nearly 8 years ago. It gave us full control of the website and a chance to practice with website publishing, in an environment that wasn’t too critical (and was backed up).  Since then, our franchise has developed WordPress sites with common themes on a hosted server at another location.  I’m slowly customising (re-writing) the content of those pages and when I’m happy with it, we’ll change our website address to point to this new site.  Our website will then be ‘in the Cloud’ .. so to speak.  The downside? I won’t have full control over all of the design elements. But you know what – I don’t really care. I’m happy with the structure and as long as I can update the content to suit, I don’t need to change the design.  In this case, we are the exception to the rule, as most businesses don’t host their own website anyway.  And if you did want full design control, there are plenty of hosting companies that will let you have that.

System Monitoring –  Now we use some pretty amazing software that monitor’s the health of our client’s computer systems, especially those errors that are screaming silently into the event log. Our access to this is through the Internet to a server managed by a fellow Computer Troubleshooter in New Zealand, who also provides access to North America and the UK.  Whilst the company we buy this software from doesn’t have this internet hosting capability, our NZ group have paved the way for our global franchisees to use this in the Cloud. Once again, I have no control over the server. Once again, I don’t care. As the information on this system is only really useful when it’s real-time, it will re-generate on the current status of the systems when it comes back up.  There are also other monitoring providers that have cloud-based systems as an option (or the only option).

Ticketing & Job Management – Details of our work, including billing hours, are stored in a cloud-based system. This is far more advanced that the previous in-house effort, for a fraction of the cost, plus it has the advantage of the input from thousands of other IT providers in terms of functionality requests, bug reports etc.  At worst, we stand to lose our historical data to some extent – the data centre has hourly backups and offsite backup storage. This information is transferred to our accounting software too, so we have two sources (one in-house, one in-cloud) of our billing information.  And once again, as long as the system works, I’m happy to do the data entry and let the provider take care of the systems administration.

Not in the Cloud … Financial software, Applications, Email and File storage

Financial software –  Our financial software is something that I would have considered using a Cloud-based version of. The problem is that Cloud versions are not compatible with the integration we get from our Job Management software. In English, if I do a job and bill some time, I can transfer that invoice directly to the financial software installed on my PC. I can’t transfer it to a Cloud-based financial system.  So, to save double data entry, the financial software is staying on my PC.

Applications & Email – As an IT Provider, we’re fortunate to get a great deal from Microsoft on their computer software. This includes the latest versions of pretty much anything, so we can use them, learn them and recommend them.  And while some may argue that many Cloud apps are free, I like my Microsoft benefits and most of my clients run Microsoft software too.  It’s a bit hard for me to troubleshoot or duplicate an Outlook\Exchange problem if I use gmail, or a Word problem if I use OpenOffice. Ever heard the term ‘eat your own dog food’?

File storage – Our files are on our server, because we could. Once again, we had the means to have our own server, support it ourselves and experiment with it. Primarily, it provided our email, website, file storage and printing.  We could also experiment with it. So it made little sense to place our file storage in the Cloud, with our local server handling the job quite nicely and also giving us remote access to these files from the Internet anyway.  Yes, it’s backed up.

We did contemplate switching our server to ‘play only’ mode – making it a box that we ran up when we needed it, instead of it being on 24×7. After moving our website, we could have setup a print server box, a Network Attached Storage device (NAS) for our files (or gone Cloud), and moved our email back to our franchise headquarters (as a POP only service, which would have limited some of our functionality).  But we like having a server because it keeps our skills current.

So, as you can see, it is possible to run a mix of in-house and Cloud IT solutions in your business.  You have to weigh up the pros and cons of each, and also look at the big picture. What’s the point in moving to Cloud for email if you still have a server doing file and print?  Where do you think you will save money? If you think that IT support is expensive, have you looked into a Managed Service (with a fixed price and a results focus) instead of support at an hourly rate?

I’m not saying ‘don’t investigate the Cloud’. It’s enabled us with some capabilities that would have been significantly more expensive to do in-house.  And that’s where I think it absolutely rocks for small businesses.

If you want to look at Cloud Computing, make an informed decision that looks at the bigger picture of your business needs, your current IT infrastructure and your support costs.  Whatever route you decide to go, as long as it supports and enhances those three principles, you’ll be on the right track.

-SCuffy.

Attention!!!! All your personal files were encrypted with a strong algorythm RSA-1024 …

.. and you can’t get an access to them without making of what we need!

Read ‘How to decrypt’ txt-file on your desktop for details

Just do it as fast as you can!

Remember: Don’t try to tell someone about this message if you want to get your files back! Just do all we told.

*Eeek*  If your computer’s desktop has suddenly turned very pale and is displaying the above message, I hope you have a good backup*.

Computer Troubleshooters franchisees started to see reports of this from November 25, 2010.  The virus ‘Trojan.Ransom-U’ is ransomware – it hijacks your files and renders them unreadable, threatening to delete them completely unless you wire transfer $120 and email datafinder@fastmail.fm  The ransom note is contained in the How to decrypt files.txt file on your desktop.

Your virus scanning software may detect a strangley named executable file (.exe), where the name is a random string of  numbers and/or letters. 

At the time of writing (Nov 29 2010 AEST), there is no known way to clean or un-encrypt your files.  The only recovery steps are to turn off Windows System Restore, scan and clean your computer in safe mode and restore your files from your last known-working backup. 

If you are fortunate enough to be reading this BEFORE your own PC has become a victim, follow the advice from Lloyd Borrett for AVG to secure your Adobe Acrobat PDF Reader software, with a few changes to its settings: http://ctaspley.wordpress.com/2010/08/24/protect-your-pc-against-adobe-pdf-reader-security-flaws/

Oh, and make sure your backup is working

*  For single PCs, we recommend Carbonite Online Backup

Protect your PC Against Adobe PDF Reader Security Flaws

Not an original blog entry this time, but advice definately worth sharing from the security experts at AVG – thanks Lloyd!

Melbourne and Amsterdam, 13 August 2010 – It should go without saying that the best way to deal with malware is, of course, not to get infected in the first place.

Lloyd Borrett, Security Evangelist for AVG (AU/NZ) says, “Being aware of what products are being targeted by the bad guys may help you as well, so it may be useful to know that at the moment Adobe products are virtually the number one target across the world with millions of PCs being hit by infected Adobe PDFs. Others are being pwned via Adobe Flash ads via Facebook and other social media web sites.”

Attackers send a file that has malicious code embedded in it. Once the file is opened, the computer is infected, typically with some form of identity theft malware that then steals data.

The Adobe PDF and Adobe Flash browser plug-ins are also used in “drive-by download” attacks where malware is downloaded onto the PC while the user is surfing the web.

“Adobe products, just like Microsoft Windows and Microsoft Office, have near universal use on home and business computers making these applications prime targets for the bad guys,” Borrett continues. “Unfortunately, since the bad guys realised this and turned their attention to finding security holes in them, they have been very successful.”

Of course, the easiest way to avoid the risk of being compromised via these Adobe products is not to install them! However, this is virtually impossible for most home and business Internet users.

So if you must use Adobe Reader, then please take the time to secure it.

How to secure Adobe Reader  

1. Open the Adobe Reader application and choose ‘Edit’ and then ‘Preferences’.
2. On the left you will see several different categories of options to modify.
3. Under the ‘JavaScript’ category there is a checkbox ‘Enable Acrobat JavaScript’. Make sure this checkbox is not ticked/selected so that you disable Adobe Reader’s ability to run dangerous JavaScript from a PDF.
4. Under the ‘Security’ category, to specify that digital signatures are handled securely make sure the ‘Verify signatures when the document is opened’ checkbox is ticked/selected.
5. Under the ‘Security (Enhanced)’ category, make sure the ‘Enable Enhanced Security’ checkbox is selected to help with data protection and privacy.
6. Under the ‘Trust Manager’ category we’d recommend you disable Acrobat’s ability to call external applications to handle non-PDF file attachments. So, after the ‘PDF File Attachments’ heading, make sure the ‘Allow opening of non-PDF file attachments with external applications’ checkbox is not ticked/selected.
7. Then click on ‘OK’ to exit changing the preferences.

Adobe is working to address the security vulnerabilities in its products, so it’s vital to make sure you regularly check for updates to Adobe Reader, Adobe Flash and other Adobe applications. Turn on the automatic updates so that your Adobe software stays up-to-date.

Borrett adds, “And also don’t forget to install a complete security suite solution like AVG Internet Security that will provide you with total protection as you work, shop, bank and play games online.” 

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

About AVG (AU/NZ) Pty Ltd — www.avg.com.au

Based in Melbourne, AVG (AU/NZ) Pty Ltd distributes the AVG range of Anti-Virus and Internet Security products in Australia, New Zealand and the South Pacific. AVG software solutions provide complete real-time protection against the malware, viruses, spam, spyware, adware, worms, Trojans, phishing and exploits used by cyber-criminals, hackers, scammers and identity thieves. AVG protects everything important and personal inside computers — documents, account details and passwords, music, photos and more — all while allowing users to work, bank, shop and play games online in safety. 

AVG provides outstanding technical solutions and exceptional value for consumers, small to medium business and enterprise clients. AVG delivers always-on, always up-to-date protection across desktop, and notebook PCs, plus file and e-mail servers in the home and at work in SMBs, corporations, government agencies and educational institutions.

Talk to Us

Siobhan MacDermott

AVG Technologies – Investor Relations

E-mail: siobhan.macdermott@avg.com

US Mobile: +1 415 299 2945

For more detailed information please contact:

Lloyd Borrett         AVG (AU/NZ)      03 9581 0807

Shuna Boyd         BoydPR      02 9418 8100

Technology considerations for your new startup business

If you’re thinking about starting a business (congratulations!!), then technology might be the very last consideration on your mind.  With a long list of tasks in front of you (like getting a logo and stationery designed, finding an office, and working out your marketing plan), you may just requisition your home computer to start running your new business.  Let’s look at some of your very first technology decisions.

New computer or your home PC? – For a while, your home computer may be adequate to handle the necessities of your business.  However, if your computer time is conflicting with the children’s need to surf the internet for their homework, it may be time to consider a dedicated business computer.  Study any system specifications carefully and check the manufacturer’s websites.  Many ‘cheap’ retail deals are superseded models, cannot be upgraded easily or may not connect to a bigger computer network, which will all be important as you grow.  Also, talk to your accountant about any tax benefits that may be gained from leasing instead of purchasing your IT assets.

Voice over IP – When considering a phone number for your business, take a look at your Voice over IP options.  The quality of this technology has improved significantly and it can provide great local, national and international phone rates.  Today’s systems can plug into a standard cordless phone and your internet connection, so your computer doesn’t have to be turned on for you to make and receive calls.  It makes a fantastic ‘second line’ for businesses that run from your home.  You can have your office phone answered outside of business hours and still receive personal calls on your standard home phone line. 

Internet domain name – Once you have decided on your business name, look at registering your internet domain name.  This will prevent someone else from registering it.  Having your own domain name (like marysmith.com) will give your emails a more professional look and enable you to have a simple webpage established.  Don’t think you have to spend a fortune on a comprehensive website before your first day of actually doing business.  As long as your contact details (phone number, email address, fax number, and location) are easy to find and you have some great information about why your business is different from your competitors, you will be giving the search engines something to find.  This is much better than an ‘under construction’ picture or no internet presence at all.  Use your domain name in your email address to look much more credible than someone operating from a free email account (like myname@gmail.com).  You can still use your internet provider for your email service.  Make certain to check what protection they have in place against email viruses and spam.  Remember to include your website and email address on all of your stationery and marketing materials.    

Email marketing – Investing in an email marketing program provides you with a great communication channel to keep your business in front of your future customers on a regular basis.  Supplement your email marketing with monthly newsletters and occasional special offers.  Get permission to store your customer’s email address from the day they start doing business with you and you’ll build up an impressive database.  

Talk to your local Computer Troubleshooters about how to make the right technology decisions that match the needs of your new business.

Planning the survival of your business

If your technology stopped working, would your business stop functioning too? Is your business totally reliant on the information stored on your computer systems or could you continue to deliver 95% of your products and services and catch up on the computer work later? No matter which end of this scale your business is at, you will fare much better during a major technology outage if you plan in advance, before it happens. This month we take some of the mystery out of Business Continuity Planning.

Business Continuity Planning (BCP) is the process of working out how your business will continue to function during a disaster. These threats to your business could include:
Fire      Burst water pipes      Burglary       Flooding (severe rainfall)      Earthquake      Influenza outbreak      Hardware failure      Software Failure      Internet outage       Tornado/Hurricane/Cyclone      Severed phone cabling      Security breach       Damage by disgruntled employee      Employee error      … And many more!

BCP begins with identifying the possible risks and the impact they would have on your business. What functions would be affected if your main administration PC crashed? How long could you be without internet access? It’s important to evaluate the probability of these incidents occurring and the severity of their impact. This will help you to determine which incidents are the highest priorities to be addressed.

Next, you look at how these risks can be prevented, or the impact of them lessened. This could include copying data to a different site or having a laptop that has the same business-critical software applications as your administration PC.

Finally, you plan the actions that would be needed to help you respond when this incident occurs. Do you need to go to another site to get a copy of your data or bring the laptop in from home? Do you need to temporarily relocate to another site that does have internet access? Can you run a paper-based system until you can access your computers again? Think about who will be responsible for doing what and what resources they will need. This also needs to include any third-party suppliers of your business, like your local Computer Troubleshooter.

Your Business Continuity Plan should be examined, tested and maintained on a regular basis. This is to ensure it still reflects the changing needs of your business and also to make sure that the key parties within your business understand their roles in the process.

Whilst it may seem a little daunting, some forethought and planning will save you a lot of time, stress and money when things do go wrong.

Office 2010 – great new features!

Written for the Computer Troubleshooters franchise for distribution to our global client base:

Microsoft’s release of Office 2010 has been somewhat overshadowed by the recent Apple iPad release, however the new version of Office has some fantastic improvements that are worth shouting about. This month, we highlight a few of the features that will make your life easier.

Work better together – Do you e-mail files for people to review, managing revision numbers and tracking editing changes? Or do you use technology like Google Apps for internet-based sharing and collaboration? With Office 2010, your document can now be shared easily on the internet and edited by multiple people at the same time (for real-time co-authoring). This feature alone may change how teams work together internally and how businesses work with their customers.

Office wherever you need it (and it’s free!) – Office Web Apps will offer lightweight versions of Word Excel and PowerPoint from your web browser, for free. Whilst these products are missing many features, they’re designed to complement the full products and provide great basic editing from any location.

Look before you paste – Even the humble paste feature is overhauled, with the new Paste Preview. You can now choose to keep the source formatting, merge the formatting or keep the text only of your pasted content. As you hover the mouse over these options, you’ll see a preview of what your content will look like before it’s inserted. There’s now also a built-in screen capture tool and screen clipper giving you more control over the screen images you wish to copy.

PowerPoint embraces multimedia – Microsoft has stepped up the video capability of PowerPoint with advanced video editing functions now built into the application. You can also embed YouTube videos into your slides, though you’ll need an internet connection to display them when you run your presentation. You can also distribute your slides as a video, or easily broadcast your presentation over the internet.

E-mail’s new look – Outlook inherits the wide ‘ribbon’ toolbar that other applications had in Office 2007. The new Conversation View lets you follow the threads of a discussion more easily and inside an e-mail you’ll see meetings, attachments and other emails that are related to the sender. You’ll even be able to include them as a social networking contact with the Add button. For repetitive tasks, Outlook introduces macro-like QuickSteps, enabling you to action several tasks with one click (e.g. reply to a message and delete the original).

Never lose a document again? – If you’re not happy with the latest changes to your file, the Autosave feature now keeps the last 5 versions that it saved and you can preview and compare their contents. If your computer crashes or your laptop battery dies and you suddenly remember that you haven’t saved the masterpiece you’ve been working on for the last hour, Office now keeps unsaved documents for 4 whole days before automatically deleting them.

Talk to your local Computer Troubleshooter about how you can take advantage of these features and other software and technology benefits.

The 5 things YOU must know about your business’s computers

If someone else is responsible for the technology in your business, it can feel fantastic that you don’t have to worry about that part of your business operation.  But whether that person is an employee, a freelance computer guy or a larger I.T. support company, the responsibility for this part of your business still ultimately lies with you.  Here’s a list of what all business owners should know about their own computers: 1. Administrator passwords – ‘Local administrator accounts’ have full access to make changes to your computers.  If you have a server, there may also be a ‘domain administrator’ account.  Make sure you have a record of these account passwords in a safe place.  If your business provides laptops and mobile phones to your staff, also keep a record of any passwords or PIN numbers that are used to secure these mobile devices (e.g. are prompted for when the device is turned on).  This may seem a bit over the top, but it only takes a disgruntled employee or an issue with your support provider and you can find yourself locked out of your own systems, at the mercy of someone else who knows the passwords when you don’t.  I’ve actually seen I.T. companies refuse to release administrator passwords.  Remember, your information is your property, not theirs. 2. Domain name details – If you have your company name registered as a domain on the internet (e.g. for your website or email addresses), make sure you know when your domain is due to expire.  Domain name registration only lasts for a certain period (commonly 1, 2 or 5 years) and must be renewed.  We’ve seen websites and emails stop in their tracks because the domain name registration company couldn’t (or didn’t) contact the business owner to process the domain name renewal.  Also associated with your domain name is a password or PIN number (sometimes known as a registry key).  This proves you are the rightful owner of the domain and is required for making any changes.  It’s a long process if you need to get this password reset because it’s been forgotten, so make sure it’s stored in a safe place. 3. Internet connection details – The modem that connects your computers to the internet is configured with some details that are specific to your account with your internet provider.  This may be as simple as a username and password, but may also include security settings or even ‘port numbers’ for allowing or denying internet access to some software programs.  If you have internet connection problems and the modem needs to be reset back to the factory defaults, this information will be lost.  It can also happen due to a power failure or if the modem is faulty.  Once again, this only takes a few minutes to document, but can save you a huge amount of time when you need it. 4. Last successful backup test – Your backups are only as good as your last successful ‘test restoration’.  If someone else manages your backups, ask them to test that they can restore the data and provide you with a monthly report so you know it’s been done.  If you look after your own backups, make sure this testing is performed by someone in your company and that you receive a report from them to show when it happened.  5. Software licensing proof – Like the financial and taxation side of your business, the responsibility for legal software ownership rests with the business owner.  Don’t think that you’re only a small business so no-one would audit you.  Keep a safe record of your software license keys and proof of ownership (e.g. purchase receipts).  This also makes license numbers easy to find if your computer software needs to be re-installed or moved to a different computer. Please make it your ‘New Financial Year’s Resolution’ to obtain this important information and store it safely.

The trials & tribulations of a digital certificate file (aka why you should listen to your husband)

I should have listened to my husband.

Armed with my shiny new copy of Windows 7, I was keen to install it onto my laptop to see if the claims were true that this new operating system would give my laptop a new lease of life.  “Remember to take an image* of it first”, called hubby.  I logically thought this through and reasoned that all of my important files were in My Documents which is synchronised to our server, therefore there was nothing else on the laptop that I needed to keep.  I even thought about my digital certificate file from the ATO, and remembered that I’d previously made a backup copy of this file on another location on our server.  So, with all of my bases covered, I began to format my hard disk.

I should have listened to my husband. 

Windows 7 worked like a dream.  I installed all of the latest Windows Updates including Internet Explorer 8.  The ATO’s Certificate Signing Interface (CSI) software installed perfectly and then the fun began.  I realised, with a lump in my throat, that the backup copy of my digital certificate files was old (as in expired).  It had been renewed, but I hadn’t backed up the renewed version of the file.  The ATO Business Portal wasn’t going to let me do a thing with an expired certificate and it was 3 days before my BAS was due. 

Call #1 made to the ATO helpline which told me that all of their agents were busy due to unprecedented demand and I’d have to call back later (beep, beep, beep).  Somehow I didn’t think they would let me use that as an excuse for lodging my BAS late though (but you wouldn’t answer my call!).

Call #2 made when I found a more direct number to the Technical Helpdesk.  After a 25 minute wait I told them a shorted version of my story (“Ah yes, computer problems .. mumble mumble .. can I have a new certificate please?”).  I received the standard response of “You’ll receive a letter in the mail within 10 business days with your new certificate’s password, you’ll still have to pay your BAS now and I’ll transfer you to the customer service team to register an extension on your lodgement date”.  More time on hold.  Lodgment granted.  Stern warnings about sending money anyway. 

The password letter promptly arrived in the mail but mentioned that I’d also receive an email with my certificate’s PIN number and download location.  Email? What email? I haven’t seen any email?  Off I went to check my junk mail, my spam filter and my other email accounts.  Nope, definitely no email.  Being somewhat of a technology expert (who doesn’t listen to her husband), I was sure that emails are supposed to arrive quicker than postal mail.

Call #3 was made to the ATO, advising them that I didn’t receive the email and could they please resend it.  I was told I had to wait 48hrs before I called them back again, because that was their service level agreement for response times and they wouldn’t even give me the time of day before that timeframe was up.  48hrs later – still no email.

48hrs later, call #5 was made to the ATO, telling them that I still hadn’t received the email and could they please check which email address they were sending it to.  48hrs later – still no email.

Call #6 to the ATO (another 48hrs later) stating that I had not received the email and could they try sending it to a different email address.

Within 24hrs I had received a test email from the ATO and also the required email with my digital certificate’s PIN number.  You see, along with my husband I obtained the last name of ‘Cuff’ which is apparently impossible to hear correctly over the phone.  I therefore get everything from Cliff to Cluff to Cuss, to which I have now resorted to the ‘Cuff, like the end of your sleeve’ explanation.

So, with the time ticking away on my lodgement extension, I proceeded to download my certificate file, change its password, save a backup copy on the server, and import a copy into the CSI certificate store on my laptop to take home for the weekend.

The next problem is that when my laptop is not connected to our office network, the CSI software cannot see the certificate in my ‘domain profile’ (as opposed to the local, cached copy it accesses when disconnected).  This meant a Sunday afternoon visit back to the office to reconnect to the network and prove I could once again see my new certificate file.  Note the word ‘once’ in that sentence?  That means that after successfully loading once, the CSI software then refused to start up correctly, no matter how many times I re-powered or threatened my laptop. 

You can imagine how happy I was, especially after hubby announced he had upgraded Java on my laptop that weekend.  CSI needs Java like fish need water.  Off to the System Restore feature it was then, to roll back the Java update.  After many, many more minutes, I attempted to log onto the domain again and re-try it … but I was greeted by an error that the computer’s account in the domain was invalid, and my log on was going nowhere.

Fine.  Plan C – install the CSI software on another computer, browse to the backup copy of the certificate on the server and away we go.  Until we get an ‘incorrect password’ error.  Huh?  Yes, the password that I thought I’d set on the backup copy of my new certificate file was not working.  So, I looked for the original email from the ATO, hoping I could download the certificate file again from their website.  Not a chance – the certificate file has already been downloaded.

I really, really should have listened to my husband. 

My last hope was to check out the copy of my user profile which had re-synchronised with the server when I successfully logged in that one time.  Joy of joys, it held a copy of the CSI software’s database store.  I copied those files to my second PC which now had CSI on it, and I was in, with a working password!!

Things were looking rosy again, until I remembered that MYOB was on my laptop and my laptop wasn’t allowing anyone to log onto it.  I now had ATO Business Portal access, but no BAS statement to get the figures from to enter into it.  What a great way to spend a Sunday afternoon.  Sitting at home was a printed copy of said BAS report, all ready to be entered.  So off home we went, armed with a working copy of my digital certificate file safely copied to my USB key.

My home PC was then loaded with the CSI software and had the certificate imported and I logged in to the Business Portal with my BAS report in hand.  *baited breath*

You have to be kidding me.

‘G1’ is a required field, but G1 on my computer didn’t actually give me a little rectangular box to enter anything into, and the business portal would not budge until I’d entered a number into the required field!

Quick mental checklist – home PC is Windows XP, Internet Explorer 8 with latest Java update. According to the ATO website, IE8 is not a supported browser.  Perhaps the Firefox browser would play?  Nope.  Could this be the curse of the latest Java update once more?

“Dad, have you installed any Java updates on your computers lately?”  Dad also happens to be a small business owner.  “Yes dear, on the PC .. but not on the laptop”.  Brilliant, let’s see if his laptop would work.  Um, nope, same G1 field problem. 

By now I’m seriously thinking it’s personal.  To prove it wasn’t, I asked Dad to log onto the business portal with his own certificate and company details and he was denied the G1 field too.  Having well and truly had enough, I went to bed that evening with visions of the ATO beating down my door for not lodging my return in time. 

Monday morning dawned with the sun shining.  Optimistic after a night of sleep, I logged on to give this thing one more try before I faced the dreaded on-hold time to the ATO.  I did think I could enact some sort of revenge by forcing the poor ATO staffer to listen through my entire story.  The mere thought of that must have scared somebody, because the fabulous G1 field appeared in all it’s editable glory!!

BAS now lodged.  Certificate backed up (again) with a correct password.  Husband confessed to.

Now I know this tale is a series of unfortunate events – events which I was not prepared to let get the better of me because I’m a technical expert and I just would not be beaten.  But if you have learnt anything from it, dear reader, please test that you have a current backup copy of your ATO digital certificate file and you can successfully enter it’s password.  And listen to your husband!

*image = like a backup, but this ‘snapshot’ preserves all of your settings too, so everything can be placed back on your PC identical to the way it was before.