All posts by Paul Stradling

News

Tech Insight : What Is Patching or Patch Management?

In this article, we take a brief look at the importance of patch management in maintaining security.

Patches and Patch Management

Patches are the software fixes for known security vulnerabilities in software such as operating systems, third-party applications, cloud-platforms, and embedded systems. Patch management is the ongoing process of distributing and applying those important security updates to the software so that business computers and network devices are up to date and are capable of withstanding low-level cyber-attacks.

Why Is Patch Management Important?

In addition to patching to guard against potential security breaches through known vulnerabilities, patch management is also important for:

  • Compliance and avoiding penalties for non-compliance (e.g. data protection)
  • Maintaining and improving productivity and business continuity and avoiding costly disruption. Keeping patches up to date avoids crashes, outages, and downtime. Also, patches often include new features that can improve productivity.
  • Guarding against additional risks posed by ‘Bring Your Own Device’ (BYOD) e.g. by installing patches across all devices, whatever their physical location.
  • Keeping ahead of market developments.  For example, no new patches could indicate no new version on the horizon, thereby giving a heads-up to looking for alternatives for some software.

Patch Management Systems

Although patch management is an important (basic) security measure for businesses of all sizes to take, businesses with a large number of IT assets could find it particularly challenging without having a system of patch management in place.

A patch management system can involve teams or automated software determining  which tools need essential patches, how, and when. Installation can be centralised or installed separately on different devices. A patch system also involves testing code changes and deciding which patches are right for each software program, as well as developing and maintaining schedules for the installation of patches across different systems.

An example of the steps involved in developing a simple patch management system include:

– Carrying out an inventory of IT Assets and categorising them by risk and priority.

– Building-in the ability to scan the network and identify any missing patches.

– Developing suitable testing and evaluating patch stability.

– Setting up monitoring and evaluating systems for Patch updates.

– Making sure that backups are created on production environments.

– Making sure that automation can be built-in where possible, and that checks are in place to ensure the reliability of automation.

– Setting appropriate schedules and developing a guiding policy.

– Implementing the system.

Patch Management at Work

Keeping up with patch management is vitally important for an effective system. Common ways that businesses actually operate patch-management in the real world include enabling and using Patch Manager features in their Operating Systems and using cloud-based, automated patch management software themselves or through their MSPs.

What Does This Mean For Your Business?

Patching is not simply about maintaining cyber defences against old and new threats, but is also vital for maintaining compliance and productivity, and, therefore, business continuity and the avoidance of penalties and market fallout that could threaten the life of the business. Finding automated, reliable patch management systems can help businesses stay up to date, and focus more of their time on their actual businesses processes and marketing. Many businesses now trust the expertise and specialist knowledge of their MSPs to help them put effective patch management systems in place and to manage them on their behalf.

News

Tech Tip : Using Alexa As An Intercom System

If you have Amazon Echo devices in your home (or office), the ‘Drop In’ feature allows you to use Alexa as an intercom through your Echo devices.  Here’s how:

– Open your Alexa app.

– Tap ‘Devices’ (lower-right corner).

– Tap ‘Echo & Alexa’ to display a list of all of your Echo devices and enable ‘Drop In’ on each device.

-Scroll down to ‘Communications’ and select ‘Drop In’ (to select from ‘On’, ‘My Household’, or ‘Off’). ‘On’ allows only permitted contacts to Drop In, ‘My Household’ is so only devices on your account can Drop In.  For no Dropping In, choose Off. 

To Drop In (use the Echo as an intercom):

– For a specific device: say “Alexa, drop in on Living Room Echo” (or wherever the Echo is). The name of the device can also be used if you know it.

– For a group of devices, if there is more than one on in one area e.g., the living room: say “Alexa, drop in on Living Room.”

– To speak to the whole household/all devices: ask Alexa to “Drop in everywhere.”

– To end the Drop In connection: say “Alexa, end drop in.”

News

Tech News : Google Users To Be Auto-Enrolled In Two-step Verification

In a recent blog post, Google has announced that the automatic enrolment of Google account users in Two Step Verification ‘2SV’ is coming soon.

Passwords – Single Biggest Threat To Online Security

In the blog post on ‘On World Password Day’ (May 6), Google’s Director of Product Management, Identity and User Security, Mark Risher, shared some of the measures that Google would be taking to improve the online security of Google account users by reducing the risks posed by the password-based login.

Mr Risher shared Google’s belief that “passwords are the single biggest threat to your online security” due them being easy to steal and hard to remember.  He also pointed out how, instead of making and trying to remember more complicated passwords, 66 per cent of Americans have admitted to using the risky practice of ‘password sharing’ (i.e. using the same password across multiple websites and platforms).  This means that if one of those websites is compromised and the password stolen, all the other accounts (sites) are then vulnerable.

Mr Risher also noted that, in 2020, searches for “how strong is my password” increased by 300 percent, thereby indicating a growing demand for better and safer login and verification methods.

Two-step verification (2SV) 

The best way to protect an account from a breach or bad password, according to Mr Risher’s Google blog post, is to have a second form of verification in place, thereby enabling confirmation that it is really the account holder who is logging in. 

Although Google has been offering two-step verification (2SV) for years, according to the blog post, the plan now appears to be to “start automatically enrolling users in 2SV if their accounts are appropriately configured”.

Google has also built its security keys into Android devices, and launched the Google Smart Lock app for iOS, to enable people to use their phones as their secondary form of authentication. 

Password Manager

Password Managers are a practical and secure way to store and get access to different passwords for different programs and platforms when needed. Google has its own Password Manager built into Chrome and Android and iOS, uses the latest security technology to protect your passwords across multiple sites and apps.

Google’s Password Manager is also integrated into its single-click Google Security Checkup to tell users if any of their passwords have been compromised, show if passwords are being used across different sites, and indicate if passwords are strong enough.

What Does This Mean For Your Business?

Although Google will be automatically enrolling users in 2SV to improve security, a passwordless future and biometrics are likely to be the way that tech companies go to offer greater security going forward. 

For example, Microsoft’s Corporate Vice President and Chief Information Officer Bret Arsenault has signalled the corporation’s move away from passwords on their own as a means of authentication towards (biometrics) and a “passwordless future”.  Also, in August last year, Google announced that users could verify their identity by using their fingerprint or screen lock instead of a password when visiting certain Google services (e.g. Pixel devices and all Android 7+ devices).  This was because of Google’s collaboration with many other organisations in the FIDO Alliance and the W3C that led to the development of the FIDO2 standards, W3C WebAuthn and FIDO CTAP that allows fingerprint verification.

Unlike the native fingerprint APIs on Android, FIDO2 biometric capabilities are available on the Web which means that the same credentials be used by both native apps and web services. The result is that users only need to register their fingerprint with a service once and the fingerprint will then work for both the native application and the web service. Also, the FIDO2 design is extra-secure because it means that a user’s fingerprint is never sent to Google’s servers but is securely stored on the user’s device.  Only a cryptographic proof that a user’s finger was scanned is actually sent to Google’s servers.

It is clear, therefore, that although password authentication/verification systems such as 2SV can provide just about enough security, for now, biometrics appears to the way forward and the way to stay ahead of cybercriminals using ever-more sophisticated ways to crack or steal passwords.

News

Tech News : Old Router Risks Could Affect Millions

An investigation by consumer watchdog ‘Which?’ has highlighted how millions of people around the UK are using old routers with security flaws.

The Investigation

The Which? investigation surveyed 6,000 UK adults and, with the help of Red Maple Technologies, looked at the security aspects of 13 models of (commonly used) old routers from companies such as Virgin, Sky, TalkTalk, EE, and Vodafone.

Could Affect Millions

It was discovered that 6 million users may have router models that have not been updated since 2018 at the latest, with some not being updated since as far back as 2016! The investigation discovered issues with more than half of all routers (of those surveyed).  This suggests that as many as 7.5 million users could using routers that have security risks.

Vulnerabilities and Risks

Which? reports that the security vulnerabilities and risks to the old (and not updated) routers include:

– Weak default passwords that can be easily guessed by hackers, meaning that the router could be accessed remotely, from anywhere in the world.

– Local network vulnerabilities which could allow a cybercriminal to take control of a user’s device, see what a person is browsing, or even direct a user to malicious websites.

– Lack of updates to the Firmware which could negatively affect a device’s performance and leave outstanding security issues.

What To Do

There are a number of measures that can be taken to ensure that a router is as secure as possible.  These measures include:

– Changing the username and password(s).  Changing the username and password of the router from the default one (printed on a label on the device) to something much more secure makes it much less vulnerable to common attacks. Using WPA2 security requires each new device to submit a password to connect anyway, but if it is not active it can be switched on through your router settings. Changing the network password (via the router settings) can also improve security.

– Keeping the router’s firmware up to date. The router control panel should enable the updating of the firmware, thereby ensuring that the router has the latest fixes and patches installed. In some cases, users may have to download new firmware from the manufacturer’s site to make the router as secure as possible.

– Changing the network name/SSID. Changing this from the default name will give would-be attackers less of an idea of the type/name of the router manufacturer, thereby making it more difficult for them.

– Stopping the Wi-Fi network name/SSID from being broadcast.  This can be achieved via the router settings, but it will mean that the user will need to manually type in the network name when connecting new devices (because it will not be visible).

– Disabling Remote Access, UPnP, and WPS. Using the router settings to turn off features like remote access, Universal Plug and Play (usually for easy games console and smart TV access) and Wi-Fi Protected Setup (WPS – for easy connection of new devices) may sacrifice some convenience but will also make the router more secure.

– Using a guest network. This enables you to give access to a Wi-Fi connection without giving access to the rest of the network.

– Enabling the router’s firewall. This will filter data and block unauthorised access.

– Plugging other ways in through your devices and programs. This involves keeping security on devices and their programs/apps up to date and patched : use strong passwords, use security software, and disable any devices that do not need access to Wi-Fi.

– Asking your service provider for a router upgrade. Which? recommends that users with certain routers ask their provider for an upgrade as soon possible. Some providers offer free upgrades (Virgin Media), others may require a one-off payment to cover a new router or, as with Sky, an extra £5 monthly payment (Broadband Boost) ensures the latest router upgrades.

– Considering the cost/benefit of moving to a new provider. Switching, in some cases, could be a way to get a new, up-to-date, and more secure router, and improve the broadband speed and service.

What Does This Mean For Your Business?

If you have an old router with old firmware, you could have a weak link in your cyber-security.  If that old router links to IoT devices, these could also be at risk because of the router.  Taking a close look at your router, its settings and getting to grips with firmware updates, the firewall, and what information about your router may be visible to would-be attackers could be important steps in improving router security.

Also, router manufacturers could take more responsibility for reducing the risks to business and home router users by taking steps such as disabling the internet until a user goes through a set up on the device which could include changing the password to a unique one. 

Vendors and ISPs could also contribute to improved router security for all by having an active upgrade policy for out-of-date, vulnerable firmware, and by making sure that patches and upgrades are sent out quickly.

ISPs could do more to educate and to provide guidance on firmware updates (e.g. with email bulletins).  Some tech commentators have also suggested using a tiered system where advanced users who want more control of their set-up can have the option, but everyone else gets updates rolled out automatically.

News

Featured Article – 10 Programming Languages And Some Of Their Uses

In this article, we take a brief look at ten popular programming languages and what they’re used for.

Recent History

What we would recognise as the first computer programming languages date back to the 1940s, were very specialised and were based on mathematical notation. The 1950s saw the development of the first compiled programming language ‘Autocode’, at the University of Manchester. Most of the major language paradigms that we now use, however, have their roots in the 1960s and 1970s.  The 1980s also brought advances in programming language implementation, and from then on through the 90s and 2000s there have been huge advances in IT, hardware, processors, the growth of the Internet, the IoT and more.  This brought further development of programming languages and the introduction of new languages.

Popular Examples

Here are some examples of popular programming languages and what they are used for:

C

C, which dates back to the 1970s, is an imperative language that was used to develop early operating systems (IBM) and is still used in systems development (e.g. operating systems, embedded devices, and firmware). Writing in C is now more of a specialised skill and it is used mostly for low-level systems programming.

C++

C++ essentially extends C with object-oriented features and was developed to help with faster and more powerful platforms. Like C, however, this language is specialised and used for systems programming and low-level hardware development. 

C#

C# (pronounced C sharp) is a language similar to Java and is used, for example, to develop Microsoft applications.

Java

Java, which is similar to C and C++, was introduced by Sun Microsystems in the early 90s. Java has cross-platform compatibility and is used for business, Web, and mobile apps and is the language at the core of Google’s Android OS.

JavaScript

JavaScript, not to be confused with (and not related to) Java, although using Java-like syntax, is a high-level language that is used widely across the Web to create interactive elements. This language is used to create code that runs in web browsers (client-side), support for it has been added to all major web browsers, and it can be combined with html.

PHP

PHP is a popular language that was developed to extend a CGI program to support HTML forms and database access and is a general-purpose scripting language that works well as a web application server-side scripting system. PHP can interact with different database languages including MySQL.

SQL

Although regarded as not essentially a language, Structured Query Language/SQL is a domain-specific database query language that is used for managing data held in a relational database management system.  As such, it is very helpful for facilitating the retrieval of specific information from databases.

Python

Introduced in the late 1980s, Python (named after the eponymous Monty Python Show) could be regarded as relatively new.  This a good general-purpose language that is regarded as being relatively easy to learn due to its simple and straightforward syntax. Python is now used, for example, in creating web applications and artificial intelligence applications, and is the language behind platforms like Pinterest and Instagram.

Ruby

Ruby (Ruby on Rails) is a dynamically typed, high-level, general-purpose programming language. It is also a relatively new language (mid 1990s), and, Like Python, it is regarded to be relatively easy to learn, and is used in the development of web apps.

Visual Basic

Visual Basic is a third-generation, event-driven programming language from Microsoft that was introduced in the early 1990s but declared ‘legacy’ in 2008.  Visual Basic.NET (VB.NET) is Microsoft’s implementation Visual Basic language that allows developers to write .NET applications using Visual Basic.

Looking Ahead

Looking ahead, some tech commentators have noted that although general-purpose, imperative languages are good for building apps and scripts, the need to match a language with a purpose means that special-purpose declarative languages are a likely way forward. There is a large number of different languages now, but the likelihood is that some will go, leaving a set of preferred, standard declarative languages.

There has also been research into and development of AI to help ‘advise’ on how to improve programming languages.  For example, researchers from Intel, Georgia Institute of Technology, University of Pennsylvania, and MIT developed a machine learning algorithm, called machine inferred code similarity (MISIM) that can look at what a program is supposed to do and (based on its learning from the Web) make suggestions about how to improve it. This idea points to the likelihood that, in the not-too-distant future, human programmers will have AI-powered helpers, and may eventually rely on machine programming to do the majority of their programming work.

News

Tech Insight – What Is ‘Business Intelligence’

In this article we look at ‘business intelligence’, how it can be obtained, and why it’s important.

Business Intelligence

Business Intelligence refers to how a company/organisation can use its historical data to improving strategic decision-making and thereby provide a (hopefully sustainable) competitive advantage.

What Data?

In day-to-day operations, businesses and organisations generate, receive, gather, and store large amounts of (sometimes complex) structured and unstructured data from internal systems and external sources.  The more complex data is often referred to as ‘big data’. The kind of historical data that businesses/organisations collect and refine for their business intelligence could, for example, include e-mails, memos and notes, news, user groups, chats, reports, web pages, software reports and stats + analytics, image and video files, marketing material, presentations and more.

Analysis & Processes

The idea of business intelligence is to be able to analyse and gain meaningful value from much of this data. Types of analysis of data can be descriptive, diagnostic, predictive or prescriptive. The analysis can uncover trends in large datasets and reveal important insights that a business can use to its advantage.

Analysing company data can involve processes such as data preparation, data mining (of databases), stats and machine learning, statistical analysis, performance metrics and benchmarking, data visualisation (turning data into charts/graphs), and reporting the findings of the analysis and the conclusions with decision makers and other stakeholders.

How?

Processing and interpreting large amounts of different types of data to get a bigger picture and reveal opportunities is challenging, and usually requires the use of business intelligence software/tools. Popular examples include:

– Microsoft Power BI, a desktop app for Windows that draws upon automated, cloud-based technology.

– Board International, which combines predictive analytics and performance management. 

– Domo, a cloud-based platform that offers business intelligence tools tailored to different industries.

– Dundas BI, can be tailored for 19 industries, creates dashboards and scorecards, and performs reporting (standard and ad-hoc).

– MicroStrategy, can also be tailored for a broad range of industries and offer cloud, on-premises, or hybrid deployment.

Why?

Business intelligence software/tools can benefit a business by:

– Revealing valuable market trends and business insights as well as flagging up areas for improvement.

– The ability to aggregate different data sources to gain a much fuller picture of what is happening within the business.

– Increasing customer satisfaction by enabling a better understanding of customer behaviour and patterns. This, in turn, can lead to more successful marketing, increased ROI, better customer loyalty and increased profits.

– Improving operational efficiency.

– Enabling better, more informed decisions to be made, thereby improving the business strategy, improving competitiveness, and helping to avoid costly errors.

What Does This Mean For Your Business?

Businesses generate, gather, and store large amounts of data. Rather than being a cost, challenge, and/or risk to the business, finding a way to draw together, analyse, interrogate, and present the data as useful information can add value by identifying strengths, weaknesses, opportunities, and threats. It can also give managers a much clearer, all-round view of the business which can lead to better and smarter decision making. This can reduce risk and make business more efficient and competitive.

News

Tech Tip – Add Or Remove Comments In Word

Using comments in Microsoft Word is a good way to leave feedback and reply to feedback in documents that you and your team are working on. Here’s how:

– To add a comment, click the ‘Review’ tab (top of the screen).

– Highlight a word in the document or place your cursor on the screen and click ‘New Comment’. This opens a comment box (on the right) which has a line leading to the specific comment.

– Other ways to add comments are to highlight text or right-click on the text and select ‘New Comment’ from the context menu that appears, or to select a word or place your cursor, go to ‘Insert’ at the top of the screen, and choose ‘Comment’.

– To reply to an existing comment, click the speech bubble at the top-right corner, and write the reply in the text field that opens. Alternatively, right-click on an existing comment, and select ‘Reply to Comment’ from the menu.

News

Tech News : Robot Police Dog Sent Back With Tail Between Its Legs

It has been reported that NYPD has cancelled its contract with the company that supplied its ‘robot dog’ after the robot’s militarised appearance increased tensions with civilians at a difficult time for police relations.

What Robot Dog?

The robot ‘dog’ nicknamed ‘Digidog’ was ordered last year by the NYPD from specialist robot company Boston Dynamics and was intended mainly for use in barricade and hostage situations, and as part of the Technical Assistance Response Unit, which is used for land-based (remote) surveillance.  It has been reported that although 500 Boston Dynamics robot dogs have been deployed worldwide, the NYPD ‘dog’/robot is one of only four used by police departments.  The others are used (e.g. by utility companies) on construction sites or in other (potentially dangerous) commercial settings.  The four-legged, metal robot dogs can run, jump, climb stairs, balance, and are difficult to push over.  They can also carry cameras, lights, and transmitters, and therefore, can be used for mobile surveillance. The robot dogs are guided by AI.

Old-Style Police Robots

Robots being used by police in situations that are too dangerous for humans are not unusual. For example, since the 1970s the NYPD has used robots in hostage situations, for bomb disposal, and for other hazardous tasks and challenges.  The Boston Dynamics robot, however, is more sophisticated, capable, and dextrous than those early robots.

What Went Wrong With ‘Digidog’?

Digidog’s deployment to an incident in the Bronx, the footage of which was published online in February, appears to have caused alarm and criticism among members of the public. This alarm has been heightened by the recent high-profile incidents of police killings of black citizens, and the resulting protests.  The footage of the robot following officers back, after the incident, has led to comparisons with fictional characters like the Terminator and Robocop, and has led to comments that the robot was ‘creepy’ and like something from a Dystopian future.  Other criticisms have focused on worries that the deployment of such technology is too far ahead of regulation, whether it was wise or right to spend the money on a robot when the pandemic had squeezed finances. Some have also asked questions about whether spending on a robot should have been prioritised over the need for investment in the area of the city where it was filmed.  A (Fox) news report of the Digidog deployment in the Bronx, which also highlights its potential benefits, can be seen here: https://www.youtube.com/watch?v=24jufNhuUSI.

2016 in Dallas

The last time there was a serious outcry over a crime-fighting robot was back in 2016 when a gunman suspected of murdering five police officers was blown-up using a robot.

Cancelled

The public concern over Digidog is now reported to have led to NYPD cancelling its ($94,000) contract with Boston Dynamics which was not due to expire until August 2021.

‘Spot’ in Singapore

Boston Dynamics made the news back in May 2020 when a similar robot, dubbed ‘Spot’, was given a trial in Singapore’s Bishan-Ang Mo Kio Park warning visitors to observe safe social distancing measures.  Spot was allowed to roam the park, using its AI guidance system to avoid bumping into people and objects, and broadcasted a pre-recorded message about social distancing. A video of ‘Spot’ in action can be seen here: https://www.youtube.com/watch?v=pz7A8Umw5zY .

What Does This Mean For Your Business?

Robots are nothing new in business (e.g. the car industry, warehouses, and factories, even parcel delivery) and some robots even made the news for been used as mobile food distribution services on U.S. university campuses for students isolating during the first lockdown.  Robots have also proven extremely useful in law enforcement and situations where the risk to humans is too great, e.g. bomb disposal, hostage incidents and more.  This ‘Digidog’ robot, however, proved to be an example of deploying the wrong piece of machinery at the wrong time in the wrong place. The combination of a general deterioration in trust of the police (due to high profile killings of black citizens), deploying the ‘dog’ in a city area such as the Bronx, and the potentially threatening/creepy appearance of a four-legged metal (surveillance) robot proved to be too much. This, in turn, prompted uncomfortable questions and raised tensions to the point where the damage exceeded the benefits of the deployment of the robot.  Public surveillance is a contentious issue on its own, and overt law enforcement tools and methods are also a matter of public interest, and the deployment of this robot brought the two together with the added fear of dystopian imagery.  It begs the question of whether, if the robot has a ‘friendlier’ looking form (and didn’t walk on legs) it would have created so much interest and tension?

It is likely that more robots and drones will become commonplace and will fulfil productive, resource-saving, and day-to-day roles in ways that meet with public approval, but the sight of four-legged police robots, like a feared character from a sci-fi film, is something that the public may not yet be ready for and will not quietly accept.  It is back to the drawing board for both the design of such robots and for those involved in ensuring that regulation, particularly of the use of AI (as is happening at the EC at the moment) keeps pace with its deployment.

News

Tech News : Huge Lockdown Profits For Amazon

Changing consumer habits due to lockdown are believed to have been a big factor in Amazon’s Q1 profits being a massive three times larger than last year.

Huge Profit Growth in Just One Year

In the first 3 months of 2020, before the first lockdowns for the pandemic, Amazon recorded a $2.5bn profit. Fast forward to the first 3 months of 2021, many long lockdowns later, and in the 3 months to 31 March 2021, Amazon has now recorded a $8.1bn profit.  That is a staggering three times higher than only 12 months ago!  This means that Q1 of 2021 is second only for sales ($108.5 billion) in the company’s history to Q4 of 2020 ($125.6 billion). 

Why?

The main reasons are clear:

– Amazon’s leading e-commerce business with its massive distribution and delivery network proved to be the ideal way of shopping when consumers were confined to their homes under lockdown restrictions, high street shops were forced to close, and even supermarkets were restricted to essential items.

– With the leisure industry effectively shut down (pubs, clubs, cinemas, entertainment venues), Amazon was well-positioned to expand its streaming entertainment platforms (Prime) as consumers switched their leisure spending to home-entertainment.

– The closing of offices and other workplaces and the shift to remote working and the accelerated digital transformation of businesses-favoured cloud-based work and communications. This meant with Amazon owning the leading on-demand (public) cloud computing platforms and API provider (AWS), it was well placed to take advantage of a big increase in enterprise cloud migrations.  In fact, the revenue growth rate of AWS was a massive 32 per cent which generated an eye-watering $13.5bn in revenue.

Other Reasons

Analysts have noted that other reasons why Amazon has improved its performance this year compared to competitors like Walmart, Target, and eBay are that it focused on essentials at the start of the pandemic and has since increased staffing and fulfilment-centre square footage to ensure that it can cover more orders.

Growth

Amazon’s financial officer Brian Olsavsky has highlighted how Amazon’s business essentially grew by 50 percent in Q1 of 2021, and that the company’s annual revenue growth rate internationally prior to Covid, and post-Covid, had been tripling anyway.

What Does This Mean For Your Business?

As Amazon’s founder and CEO Jeff Bezos pointed out in the company’s earnings release, AWS offers a broad set of (cloud) tools and services to businesses, and many businesses have undergone a digital transformation and a migration to the cloud (many to AWS services) during the pandemic. Amazon’s e-commerce platform has also been beneficial to businesses using it to sell online during the pandemic, and Amazon’s ad business has also recorded huge growth. In the entertainment’s market, Prime video (which Amazon sees more as an adoption and retention driver for its Prime membership) has also seen huge growth during the pandemic, making it a serious challenger to the other streaming service competitors (e.g. Netflix, HBO Max, Disney Plus, Hulu, and more). In short, Amazon’s broad set of services, dominance in key sectors, capacity, and distribution have suited the market conditions created by the pandemic and this has been reflected in the huge Q1 profits. Just as it is competiton to many businesses (e-commerce), it is also a key supplier (e.g. public cloud), and this latest profit announcement confirms that Amazon’s power in many markets, globally, is still increasing.

News

Featured Article : Image Optimisation

In this article we look at image optimisation, the different types of compression and image files, and how files different file formats can be compared and best used.

Vectors or Bitmaps?

Raw, digital image files start as either vectors or bitmaps/rasters/pixel maps. Bitmaps are made from pixels whereas vectors are made using mathematical formulas, co-ordinates and geometry.

Vector image files are often used for creating logos, illustrations, and print layouts in programs such as CAD packages, Microsoft AutoShapes, Blender, Adobe, and more.  Vectors can be re-opened and re-edited in graphics programs as they can be scaled without losing resolution. Examples of vector file formats include EPS (encapsulated postscript), PDF and SVG (scalable vector graphics).

BMP

Bitmap images are made from a grid pattern of coloured squares known as picture elements/pixels. Examples of bitmap file formats include BMP (Bitmap), JPG (jpeg), PNG, GIF, TFF (pronounced tiff) and EXIF (exchangeable image file format).

Using image files on the web, however, requires optimisation.

Image File Optimisation

Image files for use on the Web need to be ‘optimised’.  This generally means creating a balance between retaining visual quality while shrinking the size of the file. Smaller image files (i.e. smaller in size and in compressed formats) take up less storage space and are quicker to download when part of a website.  Compressing image files, therefore, means changing attributes such as the dimensions, the resolution (dpi), the bit depth (the number of bits used to represent each pixel in an image), and setting the file type e.g. .jpg, .png, or .gif.

Types of Compression

There are two types of compression for image files. These are:

1. Lossy compression. This reduces the file size by permanently reducing data. This means that, once a file has undergone lossy compression, increasing the dimensions of the file shows a pixelated/blurred version because data/pixels were stretched and made into larger blocks to make the whole image smaller and compressed. Examples of lossy compression file formats (bitmaps) include JPG, and GIF (depending on settings).

2. Lossless compression.  This type of compression squeezes the file without removing data so that the picture quality remains the same, and the file can be decompressed to its original quality. Examples of lossless compression file formats include RAW, BMP, PNG and GIF (depending on settings) .

Comparison

Different optimsed/compressed file types have different qualities and uses.  For example:

– JPG and GIF files are both used on the Web. JPG files (often used in digital camera images) have lossy compression but a relatively high quality for the size of the image and as such, are used for photos and more detailed images on websites. GIF files have lossless compression (depending on settings) but a maximum 8-bit colour depth (limited to a palette of 256 colours).  This means that they are not best suited to photos, but rather for saving images like charts, diagrams, simple images, and simple animations.  GIF files can also be used where transparency of part of the graphic is needed.

– A PNG file is an example of lossless compression that provides a high-quality image. PNGs provide a much better-quality alternative to GIFs but, like JPG files, PNGs can be used for all photos and images that require cleaner, clearer detail.  PNGs, however, have a lower compression rate than JPGs, so can be bigger (in terms of KB size). PNGs can, therefore, provide a noticeably better-quality image than a JPG and the layers of graphics in the image can be kept separate from each other, but this comes with a trade-off being the larger size of the file.

– Bitmap image files (.bmp) are uncompressed or compressed with a lossless compression. This image file type has raster graphics data (pixels rather than vector) that is independent of display devices, meaning that a BMP file can be viewed without a graphics adapter. Each pixel is made of one single or a group of ‘bits’ (hence the file name), and this allows encoding of the file to different colour depths (i.e. bits-per-pixel/bpp up to 32 bit).  Like other raster file formats, BMP also supports transparency. BMP files are not suitable for use on the Web (although they can nevertheless be used) but are good for storing highly detailed, complex images (e.g. for archiving or image processing/photo editing). BMP was developed for Windows OS and BMP files are compatible with major image editing applications, e.g. Photoshop or CorelDRAW. BMP is a Windows proprietary filetype so TFF (.tff) can be used instead.  TFF files, for example, are often used for commercial and professional printing.

What Does This Mean For Your Business?

A basic understanding of file formats can help businesses to make decisions about how best to present images (e.g. on websites to provide the best visual impact), and minimise download time as this can impact on SEO and ranking factors. Also, a good general understanding of file types can help when dealing with printers and web developers, and can help with decisions about the storage and archiving of company images, and how to save images so that that they can be editable. Images play an incredibly important role, e.g. in social media posts, websites, company brochures/literature, branding and more, so understanding how to save, edit, present, send and deal with them is worthwhile for all businesses.