Patrick Shaw’s Weblog

I’ll be away from my desk and my computer and my office until 2008 - best to you and yours - and I’ll be back with more information about nonprofit technology in the New Year!

-Patrick

Launching websites is one of the best parts of our work, because it is so tangible - many agencies have fresh designs, fresh content, fresh features - or all three - and seeing them available on the internet is exciting.

The actual launch has lot of moving pieces though - here’s a quick primer:

There are 3 moving pieces in most website launches:

1. Where the site is physically hosted
2. Who owns the name (for instance www.mynonprofit.org)
3. Who manages the Dynamic Name Server information (also referred to as DNS)

Your new site will be physically located in a new spot – on servers that we lease and manage for our nonprofit customers. To make your site launch, we’ll need to change some DNS settings on your behalf. You can think of it like changing your address at the post office –we need to “point” your name (www.mynonprofit.org) to the new physical location.

Sometimes, your current webhost manages all three of those moving pieces, sometimes just one or two.

So – here’s the 64 dollar question for us:

Do you know and have access to the agency or vendor that managers your DNS? Oftentimes it is someone such as www.networksolutions.com, or www.godaddy.com. Both of those vendors have easy to manage control panels that allow us (or you) to make those changes. We prefer to have access to making those changes ourselves. In the past, it’s been challenging to troubleshoot when we didn’t have access. For instance, one agency was able to change their www.mynonprofit.org to the new site – but didn’t change their http://mynonprofit.org to the new site – so they had TWO publically available sites! And – if you are getting your email from a third party –we want to make sure that we don’t change those settings, either. And some agencies have multiple names that all are supposed to be pointing to the same spot -so it can be a challenge if we don’t have the access we need for a successful launch.

And some notes about the actual launch:

When we’re ready (that means you’re designs and content are all in place and you’ve told us to launch), it can take up to 36 hours for those changes to propagate throughout the internet. We can make those changes at anytime – but usually try to do so near the end of the day, and often on a Thursday or Friday – 3:00 or 4:00 PM – so that most of that propagation can take place after business hours. But if you have a sense that your website visitors will be using your site during those hours – we could also make those changes earlier in the day.

Special thanks to our colleagues from NPower New York - some of this information duplicates what I posted already - but - I thought I’d post their excellent “how-to” as well:

We are sending this email to NPower NY clients to make sure you are aware of Salesforce.com’s new security changes coming on 12/4.

Special thanks to our colleagues from NPower New York - some of this information duplicates what I posted already - but - I thought I’d post their excellent “how-to” as well:

We are sending this email to NPower NY clients to make sure you are aware of Salesforce.com’s new security changes coming on 12/4.

This email contains:

a) Links to the security webinars

b) Directions on how to login to Salesforce after 12/4 from a new PC

c) Where to go for more help

d) NYC Nonprofit User Group Information

Links to the Security Webinars:

If you haven’t already, view the Salesforce Security webinars:

1) http://salesforce.acrobat.com/securitywebinar - general information about security and phishing

2) http://salesforce.acrobat.com/security3 - specific information about changes to the Salesforce login process - WATCH THIS ONE

Here is the website with all of the security information: http://trust.salesforce.com/security.html

All the information below is taken directly from that site.

Directions on how to login to Salesforce after 12/4 from a new PC

***If you are logging into Salesforce from a new computer or a new location (IP address):

To access Salesforce via a browser, you can “activate” the computer with the following procedure:

1. In response to the error message, click the Send Activation Link button to trigger an email message. Please note salesforce.com will never ask you for your login credentials in an email.
2. Open the email message that contains the activation link.
3. Copy the link and paste it into the browser within 24 hours. A message confirms that the computer has been activated.
4. Once activation is complete, you can log in to Salesforce as usual. You will not have to activate that location or browser again.

***To access Salesforce via a desktop application (like the Outlook connector) or other API-based application (like a website), you must replace your current password with a combination of your password and a security token:

1. Log in to Salesforce via the browser to request your security token.
2. Go to Setup -> My Personal Information -> Reset Security Token.
3. Click the Reset Security Token button to trigger an email which will contain your security token.
4. Select and copy the token from the email.
5. In the application, replace your password with combination of the password and the security token. For example, if your password is “MyPassword” and your security token is “XXXXXX”, you would enter “MyPasswordXXXXXX” into the password field.

For more details and screenshots, view the webinar http://salesforce.acrobat.com/security3 .

***If You are a Salesforce Administrator

Our goal is to minimize the impact of the Identity Confirmation features by allowing established patterns of usage to continue unchallenged, so that users who log in from a known, trusted IP address are not affected. To exempt your users from having to take additional steps to log in, you can define a list of trusted IP ranges in the application.

To facilitate this process, salesforce.com will pre-populate such a list for your company once, based on an analysis of the last four months of your organization’s login data. Users with an address within one of these ranges will not be required to activate their computers or use a security token.

It will be your responsibility to update your list of trusted IP ranges by adding new ranges as needed.

You should be prepared to answer questions from affected users when Identity Confirmation is implemented for your company. The steps below will prepare you to assist your users and to maintain your list of trusted IP ranges.

Important! View the Webinar to be prepared to answer your users’ questions. You can also refer your users to the Webinar.

Rollout will begin on November 26 (More detail forthcoming) to find out when Identity Confirmation will be implemented for your company.

Check the pre-populated list of trusted IP addresses for completeness and accuracy.

Maintain this list to ensure a smooth login experience for your users. To manage the list, go to Setup -> Administration Setup -> Security Controls -> Network Access

If you have additional questions, contact Salesforce.com Support - 415-901-7010.

c) Where to go for more help

Salesforce Customer Support: 415-901-7010 or the security web page: http://trust.salesforce.com/security.html

There’s a terrific article in The Seattle Times today about cybercrime - and it includes a great set of definitions. If you need to know what phishing, a trojans or a worm are (and you DO need to know!) then this is the article for you.

The growth of the various sorts of mal-ware hurts everyone - more spam, more time and money spent on remediation, more concern about the safety of your crucial information. And while this article doesn’t have the answers - education is a great offense for crimes like these.

A great 15 minutes test from the team at A Good Man Online - an interactive test that will both teach you and test you regarding your eye for how to best implement text and graphics for your next website or newsletter. Kudos to my boss for both finding and letting me know about it!