The 5 Most Commonly Asked Questions About Cloud Solutions

We believe there are many reasons to migrate your organisation’s applications to the cloud, not least of which are cost savings, streamlined operations, redeployment of resources, reskilling of your internal teams and talent retention.  

In this blog, I answer the five most common questions I get asked about moving applications to the cloud, so you can make an informed decision about whether it’s the right thing for your organisation.  

1. Is it secure and where is my data? 

“Is it secure?”  is one of the most commonly asked questions about the cloud. But as the cloud has become universal in organisations, the nature of the question has changed. 

Every year, major cloud providers like Amazon and Microsoft spend billions to make their cloud services stable, robust and secure. Security measures and compliance certifications are available for all to see, and Microsoft’s cloud offering is as secure as it gets in terms of compliance, governance and physical security.  

The result? Today, almost everyone accepts that the cloud is secure. The conversation now is less around how secure it is and more around data control. It’s essential that organisations understand where their data lives, where it may go and who can access it in order to feel comfortable with moving to the cloud. 

A lack of understanding around how the cloud works is a barrier to adoption for many organisations. In the UK, law firms are amongst some of the most cautious adopters of cloud solutions, largely because of questions about where confidential client data will reside and who can access it.  

There needs to be an understanding that, by its very nature, the cloud exists in multiple locations – and your data can too. Azure, for example, for resilience can have multiple copies of data in multiple locations. And this conversation isn’t always an IT-led discussion; it needs the business to decide in which country their data should be reside, and whether they are comfortable with it potentially leaving UK soil. The cloud gives customers choice here, different services having different options about where data is stored, but it’s important that well informed decisions are made in this regard. 

Organisations need to know what they are letting themselves in for and understand how data will be stored and accessed which needs a complex, but not impossible, discussion about trust and understanding. In our experience, anyone who truly understands the options and how the cloud works has been confident in making an informed decision based on facts not fear.  

2.  Will all my IT staff be out of work/redundant? 

Generally, there isn’t a direct correlation between adopting cloud services and IT staff being let go.  We prefer to see this as freeing up IT staff to focus on more strategic tasks. 

Whether they’re in retail, manufacturing, healthcare or any other sector, businesses are trying to be ‘the best’ and provide the best service to their customers. IT should enable them to do that. It should be a supporter and enabler for a business to do its job and operate at its highest level. And for organisations that are held back by inefficient, outdated IT systems, embracing the cloud is one way to make improvements. 

Few organisations today choose to use physical servers; they are costly, require office space and need people to maintain and manage them. Solutions like O365 and Exchange Online are making delivery of common IT services easier, better and lower cost, and like it or not, the requirement for on-premise skills will reduce as cloud adoption becomes the new norm. As IT evolves, the skillset of IT teams needs to evolve with it, or face being left behind.  – Read more

6 Types of Content Your Website Doesn’t Need

Content is king, marketers say – but not all of it. Indeed, some content can harm your website, slowing its performance, irritating visitors and badly affecting its search engine ranking. The way to deal with this is to check your site regularly and get rid of the damaging material. Here, we’ll explain what to look for.

1. Heavy images

Images are important elements of any website and can have a positive impact on user engagement. However, they are data-heavy and can slow down the loading time, damaging SEO and user-friendliness. While we are not suggesting you delete your images, what we do suggest is following best practice by optimising them for your site.

This means using PNG files of 72 dpi which are much lighter and can be loaded more quickly than larger files. At the same time, use an image optimising plugin that will take existing images and create light versions of the right dimensions for your theme. To speed up your site even more, consider using lazy loading or a content delivery network.

2. Popups

While popups have been proven to help increase conversion rates, they are one of the most annoying features of a website and can lead to user abandonment, especially if you use multiple popups. If you don’t need them, take them down. If you do, ensure you use them minimally and have them appear when the user is leaving the page, not halfway through reading your content. You also need to make sure that closing them is easy and that they don’t appear on every page. Pay particular attention to how your popup works on mobile screens where they can be even more problematic and harder to close than on a desktop. 

Remember, also, that a popup adds an additional script to your website which will affect its performance and impact SEO.

3. Overeager cookie consent popup

Cookie consent is something all websites are required to ask for; however, users end up getting incredibly annoyed at having to click ‘accept’ every time they visit a site. So, while you can’t dispense with the law, you can make acceptance far less of a trauma.

For a start, consider replacing page dominating cookie popups with less obtrusive methods that don’t interrupt the user from reading the content. Secondly, set the cookie consent form to appear at the same frequency as your shortest cookie life. Once you have permission to store cookies on a user’s device, you don’t need to ask for it again unless you start collecting new cookie information or change the length of the cookie, the purpose you use it or the way the information is used, stored or shared. This means, if your shortest cookie life is 30 days, you’ll only need to ask for consent every 30 days.      

4. Broken links

Links are important for both the user experience and SEO. Internal links help users find the content they are looking for more quickly and enable search engine crawlers to discover and index content on your site. Outbound links are considered by search engines to add value to your content and can, therefore, improve your SEO.

While working links are good, broken ones are not. Users get frustrated if they click on a link to a page that doesn’t exist anymore and this can lead to them having a poor impression of your site or even leaving it. That poor experience is noted by search engines when they follow your links and this too can lead to the pages that they appear on being downranked.

You need to check for and amend broken links regularly, especially if you have been deleting pages or changing URLs. The easiest way to do it is to use a link checking plugin that will take care of the legwork for you.

5. Out of date content

Hidden in the metadata of your web pages is the date on which the content was published. While this isn’t visible to your visitors, it is to search engines which use it to understand how up-to-date your content is. As the world changes so quickly around us, search engines look for fresh information, considering it more relevant to a user’s query.

At the same time, the users themselves want the latest information – someone searching for ‘Best clothes shops in Bradford’, for example, would be disappointed if they found a page containing a list of shops of which many had shut down.

For websites, this means regularly going through your content, deleting pages and posts which are completely out of date and updating outdated information on those that still had some relevance. For companies which have product and service pages where there has been no change to what’s on offer, it may seem that there is no need to make changes. However, even making minor tweaks now and then will refresh the content for both users and search engines and update the publication date at the same time.

6. Third-party ads   

A helpful source of income, many sites display adverts, including video ads, from third-parties like Google and Bing or show imaged-led links to content on other websites. While the odd, discretely placed ad does little harm, some sites can go overboard and this can significantly slow down the loading time of the page and become a major obstacle to reader retention. It can have a serious impact on SEO, user engagement and conversion rates. You are most likely to see this overloading of ads on newspaper websites.

Ideally, you should test how the loading time of your website is affected by the ads you show and use analytics to see if they are impacting your ranking, traffic and engagement. If they are, you should remove the worst offenders until you reach a satisfactory balance.    – Read more

Learn More About

Phishing, Spoofing, and Whaling: Tips for Staying Safe

Phishing is a term that refers to attempts to obtain identifiable information of an individual by cybercriminals in an attempt to impersonate someone else via social engineering.

The word is a neologism created from the word fishing, because of the similarity between the two techniques – both use bait to catch a victim. This is a very serious cyber threat. According to estimations from 2017, phishing was costing American companies a whopping half a billion dollars each year.

It is usually carried out by forgery of electronic communication of mail or messages, directing the user to a state similar to the original and prompting them to fill in fields with data such as user names, access keys, or bank details. 

This process is also known by the term spoofing. These attempts pretend to originate from social portals, banking institutions, or system administrators and may contain links to websites infected by threats. In addition, it can be used to install malicious software on the victim’s system and can be used as a platform for other types of attacks, such as advanced persistent threats.

Another strategy often used is called whaling, which references whale phishing, as in the act of catching big fish. It involves searching for data and information regarding individuals with high ranks or positions, or even personalities of relevance. In this case, the attacks are usually disguised as court notices, customer complaints, or other business-related issues.

Overall, phishing is embedded in social engineering techniques used to deceive a user and exploit vulnerabilities in the current security of the Internet. Attempts to tackle the problem include the creation of legislation, education and public awareness, and the implementation of improvements in safety techniques to mitigate cybersecurity risks. However, there are other things you can do to protect yourself. 

Do not click the links

The rule of thumb is to simply not click on links in emails or messages – or, at least, verify those links before clicking them. And this is valid for all emails you receive from unknown sources, even when you receive an urgent reminder that “your password has been compromised” or that “the account is about to be disabled”.

In the vast majority of cases, these messages are false and, when you click on the link, you are prompted to log in or enter some account data, such as banking information. But keep in mind that bank sites are not always used, as there are phishing attacks for Gmail, Facebook, Amazon, Apple, or other high-profile services that have credit card details.

Read the message and find the signs

It is true that an occasional grammatical or spelling mistakes can appear in any email, but fraudulent messages are usually poorly written and with grammatical errors that denounce amateurism. It is easy to find strangely constructed sentences, such as improper use of language, a temporal error, and more.

In addition, always check the From email address, as it will almost always give the attack away. For example, quite often the email subject and content claim to be from Google, but the email address clearly is not.

Adopt security measures for all your accounts

When it comes to cybersecurity, the goal is to prevent all breaches, but sometimes accidents happen. In a situation like this, a very good workaround is to have additional security features whenever possible to further protect an account.

A very good example of this is Multi-Factor Authentication (MFA), which can be a life-saver. For example, imagine you have MFA active and running on your Facebook account, and for one reason or another, you fall victim to a phishing attack and reveal your Facebook account’s credentials (email and password) to the cybercriminals.

Because you have MFA on, and despite having clear access to your account’s credentials, they will not be able to successfully log in to the account, leaving you with enough time and space to login and change your credentials.

Do not believe in awards…

Emails that say you have won a prize and ask to click on a link and enter your personal data are almost surely a variant of the phishing attack. Not that winning prizes is unlikely but, when it happens out of the blue, suspicions should be raised.

…nor try to help needy friends

There are many phishing strategies that appeal to everyone’s soft side. The ‘stranded traveler’ is a popular and pernicious example in which victims are sent a message from a (supposed) friend or loved one, stating that he or she is stuck abroad without money (or was stolen, or some other disaster struck) and desperately needs you to send money to an emergency fund.

As you might expect, this money would disappear forever the moment you pressed the submit button. Again, the way to authenticate the situation is to directly contact the person who allegedly sent the message.


Most phishing strategies have common themes, so it is useful to review them. Put simply, do not click on links, do not provide account details, or send money unless you know for sure the messages are real and are from whom they claim. Also, banks will hardly ever request personal or account-related details over email. If you keep an eye out for these red flags, you stand a much better chance at preventing a phishing attack.  If you host your data on the cloud, it is always the best idea to make sure all best practices are in place and your VPS is secure.

Learn More About