SmallBizIT

by

Stop Using Windows 8.1 and Windows 7 – Do It Now!

Few of us are big fans of change. It can be easier to keep on going down that same path or use that same computer software; it’s comfortable and familiar. As of January 10, 2023, however, Microsoft has stopped providing support for Windows 8.1, which means you need to make a change.

It’s time.

If you’re still on Windows 7, it’s really time. Microsoft stopped providing security updates and technical support for that in January 2020. Microsoft did launch an extended service update (ESU) period for Windows 7, but that’s over, and there’s no ESU program for Windows 8.1.

Microsoft recommends moving to a new device that can run Windows 11. They warn against “performance and reliability issues” with older, unsupported operating systems. Another option? Upgrade your current device and install a newer operating system on it.

Now, you might be suspicious, thinking, “they just want more of my money,” but the manufacturer has already been providing support for both of these tools for ten years. Plus, computing is changing enough that they need to keep up with new iterations of Windows. Then, they focus their attention on keeping the latest releases updated and secure.

Benefits of upgrading to Windows 11

According to Statcounter data in 2023, Windows 11 is only on 15.44 percent of Windows systems right now. Windows 10 has the majority (over 70 percent), but if you’re one of just under 10 percent of users still on Windows 7, make the change now.

Cybercriminals know that people will wait to make the change, and they find ways to exploit the weaknesses of unsupported software. You are particularly vulnerable when relying on Windows 7 or Windows 8.1.

Windows 11 is the latest Microsoft offering. They have worked to reduce risk from the latest cybersecurity threats. With Windows 11 you can better protect your files and cut the risk of today’s viruses and malware.

The new operating system is built to be more efficient. Microsoft has tweaked the Windows layout and navigation to help users find what they need and perform tasks more easily.

Not sure what version of Windows you’re using? In the bottom left of your screen, click on the Start Menu and press the Windows button on your keyboard. Then, type “system”. Click either the System or System Information icon. You’ll see your Windows version listed at the top of the window that opens up.

Upgrading to Windows 11 from 7 or 8 isn’t free. Only Windows 10 users can upgrade at no cost. Also, to upgrade to a Windows 11-compatible device, you’ll need to make sure you get a security chip called TPM 2.0. It’s unlikely you’ll find that chip on a computer more than four years old.

Need help with your Windows software? We can help. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Watch the Little Things in Cybersecurity

Author Richard Carlson tells the world, “Don’t Sweat the Small Stuff” in his popular book. Yet he’s not in the cybersecurity realm. When it comes to protecting your business, you do want to watch the little things. Avoiding small matters could bring big risks.

You’re already keeping an eye on the big things such as ransomware or data breaches, and you’ll also be ensuring have a data backup and disaster recovery plan in place. But don’t overlook the small issues that come up – they can be just as vital to your cybersecurity.

For one thing, don’t undervalue physical security for your business technology. In America, there have been reports recently of attacks on power stations, but these aren’t sophisticated cyber hacks. Attackers with guns are breaching the physical premises and shooting transformers. It goes to show that you focus on preventing cyber threats at the expense of perimeter protection.

This also means reminding employees not to let unknown personnel into the building and telling them to take down those post-it notes on their PCs with their passwords on them.

Allowing your people to work on software that’s past its support date could also be a bigger deal than you think. The “if it ain’t broke, why fix it?” mentality could leave you open to attack. Hackers seek out vulnerabilities tied to outdated systems. They can leverage small openings to wreak havoc on your business.

Small steps can make a big difference

Similarly, don’t fall for the idea that cybersecurity effort needs to be complicated to do the job. There are small steps your business can take to protect itself.

Cyber hygiene is a good starting point. Ensure your people aren’t reusing weak passwords across accounts. Make keeping track of complex passwords easier by using online wallets such as LastPass.

Keep computers updated and software patched. Manufacturers keep up with threats and upgrade their code to address known vulnerabilities. All you need to do is allow the update when it’s offered. It can be an inconvenience, but agreeing to that update can save you a big problem down the road.

Educate employees about using public Wi-Fi networks. They may think they are being productive by logging in while in line at the coffee shop, but that public access point could be putting your systems at risk. One big problem is that an attacker could be set up on that hotspot to intercept sensitive data.

Encrypt data. This helps you protect data wherever it may be, not just on-site. A hacker intercepting that data would still need decryption capabilities to get access.

Multi-factor authentication also helps to protect your business. After all, a criminal could get access to an employee’s username and password from a phishing attack. If you don’t add a second layer (at least) of authentication, they can easily log into your network and do damage.

Need help with cybersecurity issues? We can help you with the big and the small. Contact us today at 555-5555.

by

Tackle These Four False Assumptions about Cyber Attackers

There’s one big assumption about cyber attackers that we regularly refute: “It can’t happen to me.” At this point, most businesses do recognize the serious nature of the cyberattack threat. Yet other assumptions about cyberattackers may also make your business vulnerable. Educate your employees about these four main misconceptions. Raising their awareness can help secure your systems against social engineering attacks.

Start with the assumption that any technology is 100 percent safe. This is as misguided as the idea that your business won’t be a victim of a cyberattack. Some employees may believe that Google and Microsoft activity is always secure. That’s not the case.

Google and Microsoft have massive market shares, and it makes sense that bad actors target their cloud storage and content distribution. Once they’re in, they have ample opportunity to scam people.

Another false assumption is that threat actors go in blind with a scatter-shot approach. In fact, many social engineers do their research first. They learn what they can about your employees, your org chart, and what your business does. This helps them to develop more credible attacks.

Cybercriminals take the time to build rapport before initiating an attack. They may send unassuming conversational emails first, which helps them lull your people into seeing them as a trusted source. After establishing false security, criminals make an urgent request or plea for help.

 

Counter these misconceptions too

Cyberattackers may also make their play over the phone. So, don’t assume that your online interactions are the only thing to protect. There are hundreds of thousands of “vishing” threats every day. The bad actor may send an email without any malicious links or attachments, but there’s a number to call. If your employee calls in, they’ll talk with a convincing criminal. The bad actor might act as a call center or customer service agent.

Also warn employees against the assumption that responding to an existing email is always safe. It is much easier than they might think for someone to hijack a colleague or client’s email inbox. Then, the criminals use a pre-existing email thread to send a malicious attachment or URL, or use the connection to ask the employee to perform some action for the threat actor.

Finally, emphasize the point that anything is fair game. Cybercriminals will attack anyone, in any way they can. This includes leveraging current events, pop culture, and even international health crises. One campaign exploited victims by offering early access to Season 2 of the streaming success “Squid Game”, and during COVID lockdowns, hackers offered free masks or free tests to get people to download infected files.

There is money in cybercrime – a lot of it. The bad guys are highly motivated and always looking for new ways to exploit human weaknesses. Discuss cybersecurity assumptions with your employees and put protective measures in place to secure your IT. Our experts can help. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here..

by

What You Need to Know About Browser Extension Risks

With “Googling it” now a common expression, it’s safe to say you do a lot online. To do it all you’re using a Web browser (such as Chrome, Edge, Firefox, etc.). To do it all more efficiently or effectively, you could be using browser extensions, but this article is going to warn you against doing so.

To clarify, browser extensions are code add-ons that you connect to your browser. You can use them to personalize your surfing experience, and they accomplish many different things, including:

  • saving time (e.g. Scribe, Evernote, StayFocusd);
  • checking your grammar (e.g. Grammarly);
  • managing your passwords (e.g. Keeper, LastPass);
  • securing your online activity (e.g. DuckDuckGo, Ghostery)

Even though we’ve just said they can help secure your online activity and manage your passwords, the problem is that they are also risky.

Consider the fact that we said this represents added code. Now, how much coding do you know? Most will say “not a lot.” That means you’re blindly trusting that browser extension.

If you download a malicious one, that code can wreak havoc. Suddenly, your default search engine gets changed, or you get redirected to a start page with malware on it. You might face an onslaught of pop-ups or ads. They can also track your browsing history without you knowing it.

That’s just the beginning

Many browsers today want to keep you safe from malevolent extensions. They’ll have permissions in place before allowing access. Yet you still end up giving that extension a lot of access. For example, an extension modifying google.com needs access to all your Google activity. That means your Gmail, too.

Browser extensions access everything you’re doing online. So, a malicious extension could also function as a keylogger capturing passwords or credit card details.

A browser extension can also be sold to or hijacked by a bad actor. Then, it’s easy enough for them to push out an update that turns your trusted extension into malware.

What to do about this issue

Does this mean you should do without browser extensions? There are even browser extensions out there to block other browser extensions, but abstinence from extensions is not your only solution.

Instead, we’d recommend reviewing the safety and credibility of that extension. This means you should:

  • Check to see who published the extension.
  • Look at the reviews. A high number of positive reviews is a good sign. Thousands of people are unlikely to give five stars to a malicious extension.
  • Pay attention to the permissions required. If an extension claims to modify only one website, check that it accesses that site only.
  • Protect yourself with a good antivirus solution.
  • Keep your antivirus solution and other software updated.

It’s also easier to stay safe by limiting the number of installed extensions you use. If you have browser extensions that you aren’t using, uninstall them. This can cut your exposure to potential threats.

Another way to secure your online activity? Work with our IT experts. We can check permissions and review your extensions. We’ll also ensure your antivirus and software are up to date. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Making Smart IT Purchases with CPI Networks

There is no shortage of business technology out there to choose from. The sheer volume of options is overwhelming, and it can be challenging to identify the right solution for your business. This article provides ideas to help you make smart IT purchases.

You want to get the most out of your IT budget in 2023, but these common factors can derail smart IT purchases:

  • Many small and medium-sized business owners don’t have a lot of technical expertise.
  • Making buying decisions based only on a budget can lead to getting tech that won’t suit your needs.
  • People get drawn in by marketing appeals or salesperson charisma.
  • Buyers want to simplify their lives, so it seems to make sense to go with the same supplier or brand. But that’s not always the best answer.

All this means that even the best-intentioned buyers can choose the wrong technology. Maybe that new system isn’t compatible with existing software and hardware. You make things more difficult for your employees instead of improving productivity. Or you can end up wasting money on something you don’t need, or getting the perfect product but at an exorbitant price.

Strategies to Support Better Tech Purchases

When it’s time to buy technology, several strategies can improve your results.

Establish your requirements

This is more than thinking, “I want X to do this and that.” Map out your current technology to see what might already meet those requirements. Plus, learn what compatibilities will be essential to effectively use the new tech.

Talk to your employees

Ask about what they would change and what they like best about the tech you’re replacing. They’re the ones who are going to be using your tech purchases on a daily basis. Buying decisions made in isolation could saddle staff with IT that frustrates them.

Think long term

This can prevent you from getting caught up in glitzy marketing or salesperson enthusiasm. Yes, it’s human to want that cool, shiny gadget with all the bells and whistles, but it may not be what your business needs, either today or down the road.

In fact, if you’re oversold technology, you could face IT budget woes in the future. On the other hand, you don’t want to buy something that you’re going to have to replace soon. That’s setting yourself up to do this all over again. You want to make a choice that is the right fit for your current requirements but that can also scale with you.

The Solution to Tech Purchase Miscues

Of course, all this takes time – a long time if you lack IT expertise. That’s time away from running your business and revenue-generating activity. Partner with a managed service provider (MSP) like CPI Networks to simplify the process. We can look at your existing setup and learn what you need. Then, we’ll use our experience and vendor connections to get you the best deals on smart tech purchases. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Do you want to be notified when our next blog is posted, sign up here.

by

Avoid Holiday Hoodwinks

The holidays are busy. We’re trying to get work done to have some fun, and we’re hosting family and friends. Plus, parents that have the holiday Elf tradition must remember to move the doll every night. It’s a lot, and it can make us more likely to fall for scams that can lead to data theft.

Hackers like to take the path of least resistance. Why work harder than they have to for their ill-gotten gains? Instead, they’ll use social engineering to get you to give them your data or download their malware. Look out for these top holiday scams.

Parcel delivery scams

More people are expecting packages this time of year. Bad actors take advantage of this with what’s called a smishing scam. It’s a particular type of scam using text/SMS messaging. You get a message from a known service telling you a delivery needs rescheduling, or that there’s an outstanding fee that needs to be paid.

Recipients, who are already expecting a package, are quick to fall for the request. Clicking on the message link, they enter personal information or download malicious software.

Tip: Go to the source of the package you’re expecting and see what they’re saying about your package delivery.

E-card scams

Another common holiday season scam takes advantage of our enthusiasm for money. Scammers send e-cards to your email. When you click on the link, you’ll download a virus or other malware (e.g. ransomware).

Tip: Check the credibility of any e-card sender before downloading the “gift.”

Christmas hamper scams

Everyone wants to be a winner, but don’t fall for the scammer calling or emailing to say you’ve won a Christmas hamper. They’ll claim to be from a legit organization and have some of your personal information already. That helps them make it all seem genuine. Then, they’ll ask for you to provide more personal details to collect your prize or gift.

They may ask only for your full name, address, and phone number (if the request was emailed). They’ll be collecting this information for a more focused attack in the future.

Tip: Use strong passwords and be careful about what personal details you put on social media.

Fake websites

Many people shop sites that are unfamiliar to them at this time of year. Grandparents (even parents) know nothing about that latest trendy shop! Bad actors will set up fake sites offering gifts and services. They’re looking to get your personal details and money.

Tip: Prefer secure website addresses starting with “https” and displaying a locked padlock.

Shopping scams

Every season has its in-demand items. Scammers take advantage of this and set up ads for amazing deals on those items. Desperate to get this year’s toy for your toddler, you might be hooked. Or they’ll ensure people click on their ads by offering ridiculous deals. If you do get the item purchased via these ads, it’s likely to be a sub-par counterfeit.

Tip: Shop with retailers you know and trust.

Bank scams

This scam operates year-round, but bad actors have an edge in the holiday season when people spend more. Fraudsters typically call, text, or email as your bank having noticed suspicious activity. They get you feeling anxious and then urge you to take action (e.g. click a link or share personal details) to address the issue.

Tip: Remember that banks never use unsolicited calls to ask for personal details, pressure you to give information, or tell you to move your money to a safe account.

Protecting yourself this season

The tips shared throughout this article will help. At the same time, setting up password managers and antivirus software can also be useful. We can help you secure your online activity year-round. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Backup Your Apple Computer

There are many moments in life when we would like to travel through time. One common instance is when an important document disappears from our computer screen. Making things worse, we forgot to save it! That’s hours of work lost. Fortunately, Apple users have Time Machine’s built-in backup feature for added protection.

This software automatically backs up apps, music, photos, email, documents, and system files. You can backup to:

  • external storage devices;
  • another Mac set up as a backup destination;
  • network-attached storage (NAS).

It’s simple. Connect your Mac to an external drive, then Open Time Machine to select your backup destination. You can select when backups happen and what gets backed up, and you’ll also have the option of encrypting your backup, which is a good idea.

Time Machine keeps hourly backups for 24 hours, daily backups for a month, and weekly backups for previous months until full. The oldest backups get deleted when space is needed.

All you need to do to restore your original files is turn on and connect the Time Machine backup disk. Then, you can use the timeline on the Time Machine screen to find the items to restore.

We recommend all Mac users set up Time Machine to backup to at least an external drive, and Apple makes it easy to setup this minimum level of backup. With the local device, you’ll have a first line of defense close at hand if you need to recover or restore your computer.

However, this basic backup does limit your options. To amplify your protection, consider these alternatives.

Gaining More Control of Your Backup

Third-party software offers additional layers of protection. You gain detailed control of what is backed up and when, and what happens afterwards (perhaps you’ll want the software to eject the external device or shut down). You can also find software that backups operating systems and settings too. This could prove useful if your Mac gets stolen or damaged. You’ll be able to move to another device and quickly get all your data and applications configured as they were.

Another alternative for enhanced backup is the cloud. Time Machine and third-party software solutions require a local device to hold the backup. But if your computer is stolen, the thief is likely to have taken your backup too. Or, if your laptop is damaged in a flood or fire, the backup is probably also destroyed.

You’re also at risk of ransomware with Time Machine and third-party software. If malicious software compromises a device (yes, Macs are vulnerable too), it’s going to spread to connected or networked devices. So, the USB backup drive or NAS is as susceptible to encryption as the main Mac device.

Cloud backup provides a solution that helps avoid all these issues. Your backup data is stored in a datacenter that the thief, fire, flood, or ransomware can’t touch. Most cloud backup providers boast rigorous security protocols.

Eventually, all hard drives will fail. Backing up important data to one device leaves you at risk of a single point of failure. Cloud backup removes the fear that the one backup drive isn’t going to be working when you need it.

Need help setting up Time Machine, a third-party backup, or configuring your cloud backup? Let our computer experts help! We don’t want anyone to go without the safety and security of a reliable backup.

Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Automated Data Backups Still Need Management

Your business is backing up its data in case of a cyberattack or other disastrous disruption. Yes, you can pat yourself on the back for that, but don’t get too complacent with backing up. Automated backup still needs monitoring and management.

Having decided to back up data, you may feel confident you can withstand an attack or recover from unexpected downtime. But if you simply trust the backup to run at a certain time, you might be surprised. Automated backups can make the job easier. Still, you should be monitoring these backups and checking them, too. There’s nothing worse than finding out months later that something went wrong with your automated backup.

Why you need to monitor backup

A technician can set an automated backup to run on a set schedule. They select a time that causes the least interruption while ensuring up-to-date data. Yet this is too important a process to leave unattended.

Things change. The automated backup is set up for the technology configuration when originally installed. A lot can happen in the meantime as the IT environment evolves.

Blindly trusting automated backup could leave you unaware of problems such as:

  • an unplugged backup device;
  • an altered device letter, which means it isn’t found;
  • moved folders;
  • software updates that might have changed what needs to be done and how;
  • the original plan not accounting for new servers or migration from on-premises to the cloud;
  • insufficient capacity for the backup.

If no one is monitoring that backup, your business could assume it went smoothly. Then, when you need that backup, you could find out the hard way it didn’t go as planned.

 

Keeping an eye on automated backup

 

It’s not that you can’t automate backup, and there is convenience in doing so. Automating the backup of a computer, network, or IT environment can save time and money.

Yet you need someone to pay attention. Monitoring backups ensures that the process is running smoothly.

A managed service provider (MSP) will take a hands-on approach to your automated backups. If there is a failure, they have the skills to address the issue quickly and alert you of any bigger issues. Plus, with an MSP in your corner, you gain IT experts skilled at data recovery, too.

The MSP’s techs can even run data-restore drills, helping you to prepare for challenges such as ransomware attacks or accidental data deletion.

Process automation helps businesses, but don’t rely on it unattended. Optimize data backup by adding a human element. An MSP can ensure quality and fully protect your business. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.

by

Data Breaches Are Getting Worse: Know the Basics

The exposure of sensitive information can be disastrous for individuals, businesses, or governments. Yet data breaches aren’t going away. The first data breach compromised more than a million records in 2005. Since then, we’ve seen ongoing news of breaches. But there are some basic steps you can take to avoid falling victim to an attack.

Let’s look just at August 2022:

  • A breach at communications giant Twilio exposes 1900 users’ phone numbers and SMS verification codes.
  • Researchers discover at least 9000 virtual-network computing endpoints exposed online without a password.
  • CISCO confirms a ransomware gang has exfiltrated 2.8GB of data.
  • An American neurology practice notifies 363,833 individuals of a data breach.
  • 4 million Twitter users are thought to have been affected by a data breach at the social media firm.

And that’s all during a 10-day period!

In its annual Cost of a Data Breach study, IBM found the cost of a breach hit a record high this year, at nearly $4.4 million.

How does a data breach work?

A data breach involves any unauthorized access to confidential, sensitive, or protected information, and it can happen to anyone. Data breaches happen mainly when hackers can exploit user behavior or technology vulnerabilities.

The threat surface continues to grow exponentially. We are increasingly reliant on digital tools such as smartphones and laptops. With the Internet of Things (IoT), we’re adding even more endpoints that unauthorized users can access.

Popular methods for executing malicious data breaches include:

  • phishing – emails in which hackers persuade users to hand over access credentials or the data itself;
  • brute-force attacks – hackers use software and sometimes even hijacked devices to guess password combinations until they get in;
  • malware – infects the operating system, software, or hardware (often without the user knowing) and steals private data.

Disgruntled employees or political hacktivists can also be behind data breaches. However, more often than you would hope, the breach is due to human error.

Basic steps to avoid data breaches

Too many data breaches trace back to people using weak access credentials. Yes, there are still people out there using “password” or “123456” to log in at work! Thus, an important step to counter data breaches is enforcing strict password policies.

Multi-factor authentication can also help. This way, even if the employee uses a poor password, or their strong password is stolen, the hacker has to work to get access. They might need the user’s physical device to confirm a one-time-use code sent to verify identity.

It’s also important to patch and upgrade software as soon as asked to do so. Manufacturers support security by keeping abreast of hacker attacks throughout the world. They’ll also watch for bugs and any vulnerabilities. Disregarding that message to upgrade or patch could leave your computers at risk.

Encrypting all sensitive data can also cut the risks of a data breach. That way, if the bad guys do get inside your systems, they can’t do anything with the information they access.

With more people working remotely, the number of users doing business on their own devices is also up, which represents another data breach risk. Enforce strict Bring Your Own Device (BYOD) policies to minimize exposure. You might require secure remote desktop services and professional-grade antivirus protection.

Don’t risk data breach damage

Data breaches cause business downtime and can cost your reputation and bottom line. You may lose customers and also have to pay legal fees or compliance fines. Don’t let this happen to you. A managed services provider can install protection and take precautions against data breaches. Call us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here.-

by

Beyond the Ransom: Dealing with Ransomware’s Aftermath

Ransomware is on the rise. The estimated 304 million worldwide attacks in 2020 represented a 64% increase. These attacks are growing more costly, too. Ransomware payouts jumped 171% from 2019 to 2020. For businesses in any industry, ransomware is a real threat, and recovery is more taxing than you might think.

With ransomware, bad actors infiltrate your devices or systems and encrypt your files. They demand a ransom in exchange for the decryption key that lets you get back to work. This type of cyberattack is always evolving. If you haven’t been compromised yet, you may want to think of it as only a matter of time.

What to do About Ransomware

There are many ways to cut your risk of becoming a victim of a ransomware attack. These include:

  • educating your employees in security awareness;
  • securing email gateways;
  • limiting remote access;
  • using multi-factor authentication;
  • monitoring remote access points;
  • keeping up with cybersecurity to identify threats.

You’ll also want to install antivirus protection and keep your software patched and up to date.

Maintaining encrypted backups offline can also offer reassurance that you can recover from a ransomware attack.

Recovering from a Ransomware Attack

Protection is essential, but that’s not going to stop the attackers from trying to infect your systems. If your business is compromised, you’ll have to decide whether or not to pay the ransom to unlock your data.

Yet “to pay or not to pay” is not the only consideration when it comes to recovering from a ransomware attack.

First, you need to get to the bottom of the attack and learn how the malware was deployed. Attackers may have used a phishing strategy or exploited weak remote access controls. Find out where they got in and how they moved within your system.

You’ll want to report what you know about ransomware to law-enforcement agencies. If you are in an industry with compliance regulations, you may need to report there, as well. Acknowledging the ransomware may hurt your business reputation, you can at least help others learn about new threats.

You may also need to contact your clients, depending on the laws in your country. You will need to tell them about the hack and what data was released (if any). You might also warn them against opening emails from your business, as they could be compromised.

After the initial steps of recovery, you’ll also need to hunt for any malware remnants on your systems. The ransomware is the final payload, but the attackers would have used a delivery mechanism such as Trickbot, Emotet, or Qakbot. If you don’t discover this malware and get rid of it, you could be a victim of ransomware again.

MSPs Help Combat Ransomware

Managed service providers can support your cybersecurity efforts. They can monitor your systems and keep patches and antivirus software current. They can also manage the backups which are key to a successful recovery. Contact us today at (416) 645-2469 or (905) 667-0441 or email us.

Want to be notified when our next blog is posted, sign up here..