Self Service Password Resets Save Time and Aggravation


You know the drill.  IT has implemented another security policy that requires you to change your password every 90 days.  The password must be complex, 12 or more characters and contain upper and lower case letters, at least one number and a symbol, a character like !@#$%&*.  Your password needs to be something like this, fU&s43jm#@l0, to be valid.  You are also not allowed to resuse a password you have used in the past year.  Will you remember it?  Hopefully.  Will you mistype it, almost certainly.  What will you do if you can’t remember it?  Call the Help Desk and have them reset your password.  It stresses you out, doesn’t it?

What if you could easily reset your password, right from your mobile phone without having to call the Help Desk?  You can!  An innovative company named Passportal from Alberta, Canada has what may be the easiest and best solution to the password reset problem.  Their solution is available through partner like Internet & Telephone, LLC and can make the password management problem go away for you and all the computers users in your company.

Here’s how it works:

  1. You get the dreaded message that your password has expired and you need to set a new one.
  2. You create your new password; ih0p3!r3m3mber@.
  3. You return to the login screen and type it in, but it says it’s invalid.  DejaVu sets in and your blood pressure begins to rise.
  4. In the old days, you would call the Help Desk and ask them to reset your password for you.  You wait for the friendly and empathetic technician to login to your network, open your users account and reset your password.  Back to work you go.
  5. Instead of #4, what if this happened:
    1. You pick up your mobile phone and text a keyword to a Blink_Chat_Animationpre-defined number you have saved as a contact.
    2. You immediately get a reply letting you know your password is about to be reset.
    3. Within 60 seconds, you receive another text with a new password.  Something like: 8Fx%$Gsjh3*7.
    4. You return to your login prompt and enter 8Fx%$Gsjh3*7 as your password.
    5. You are asked to set a new password that you will remember this time, right?

That’s how easy it could be to reset your password if you forget it, lock out your account or let it expire and mistype your new password.

This is also how easy it is to make password changes and resets less hassle for your users and less timely to complete.  The user has complete control and the ability to instantly help themselves through this efficient self service password reset system.

If you’re not using self service password reset now, you should be.  Your users will thank you.  So will your Help Desk team.

Honoring Memorial Day



When I was kid Memorial Day was always a long weekend to look forward to.  A trip to the lake to open the camp for the summer, parades and cookouts.  While the meaning of the day was known, it didn’t really resonate in the mind of a child.

As an adult, Memorial Day takes on its true significance.  While I have never had the honor to serve my country, I have the utmost respect for those who have and understand that today is about remembering those who have served and paid the ultimate sacrifice, whether in combat or years later as a result of their service.

A friend of mine, who is a veteran, posted a very heartfelt comment on his Facebook timeline this morning that sums up the day well.  He said that today is not a “Thank you for your service day.”  Rather, he contends, “It’s a day of remembrance and mourning.”  As I think back on all the years of parades and taps being played at the local cemetery, I understand and appreciate his words.

I know veterans of almost all the conflicts from World War II to the present.  I know veterans who have survived and veterans who have not.  I know veterans who have died decades later from disease caused by combat exposure.  I know veteran’s who survived the Allied invasion of Europe and I know their children, in some cases named after their friend and brother in arms, who died beside them in what could only have seemed like hell on earth.

My Dad was a humble member of the greatest generation and a veteran of WW II.  He served in the Pacific theatre with the US Army Air Corp, though he did not see direct combat.  I have aunts and uncles who served in that same war, as well as the Korean War.  I have cousins and nephews who are veterans and actively serving.  My father-in-law and his father before him, are career US Army officers, serving in WW II and the Vietnam War.  the legacy of service is strong on all sides of my family and I am grateful to each and every one of them, as well as to all veterans, who served to defend this great nation and all that it stands for.

I also can’t help but think how disheartened many of them must be with the current state of affairs in these United States of America.  I am not piling on to the popular political narrative, rather I am talking about the deep divides that dig at the very soul of our country.  After all that these brave veterans have fought for, I will never understand how it is acceptable to attack one another, physically or verbally, the way it is today.  The only comment I will make about politics, is my disgust with both parties, at how they put party and personal gain ahead of what is best for the people that elected them.  On this Memorial Day, I hope all of our elected officials will take pause and consider what these veterans, whom we have lost, would think of their actions and their rhetoric, when contrasted with these veterans service and sacrifice to the ideals of this great nation.

Today, I think about all of them with my most humble gratitude and respect.  The pride I feel for those I know who have served, is not easily communicated in words.  My sense of loss for those who are no longer with us is felt most for my family members, though not without equal compassion for those who are mourning their own losses today.

So as my friend closed his post today, “Either way stop and take a moment to remember the men and women that gave their lives so you could enjoy yours.”

Take Latest Ransomware Outbreak as a Warning


The following article was published in today’s Seacoast Online and Foster’s.

If you have read or listened to the news the last couple of weeks, or read my blog at, you know there was a massive ransomware outbreak May 12. This has been widely reported as the WannaCry outbreak, this being the name of the ransomware that spread around the world, hitting companies in 150 countries, impacting hundreds of thousands of computers.

This was described as possibly being a cyber weapon of mass destruction, due to the speed and scope of the attack.

First and foremost, understand what ransomware is. It is a form of malware, malicious software hackers install on your computer to carry out a larger task. In the case of ransomware, this larger task is to encrypt all the data your computer has access to. Encrypted data is unreadable unless you have the decryption code. Encrypted files appear as an ongoing string of random characters, scrambled to protect the data it has encrypted. Without the corresponding decryption key, the data is useless. Ransomware holds your data hostage by encrypting it and withholding the decryption key until you pay a ransom to the hacker, commonly paid using the virtual and untraceable currency Bitcoin. This makes it extremely difficult, if not impossible, to track the attack to its source.

The WannaCry outbreak was unique for several reasons. Perhaps of most concern, it appears to have been based on a top secret hacking tool developed by the National Security Agency to spy on adversaries of the United States. The code for this tool was supposedly stolen by a hacking group and posted online, allowing hackers all over the world to see how the tool was designed and how it works. A phishing email was then crafted, targeting users of computers with a specific known vulnerability that had been discovered in March of this year. By scanning the Internet for computers with the vulnerability left unrepaired, the hackers had a rich set of targets.

Users were tricked into opening an attachment or clicking a link, which downloaded the malware onto their computer and began encrypting their data. Another unique element of this attack was that it also acted as a worm, spreading itself from one computer to the next within the same network without any other user needing to do a thing. This contributed to the rapid rate of infection seen that day.

In other words, one person inside a company needed to fall for the phishing email and click the bad attachment or link. Once they did, the hacker’s malware was installed on their computer and installed itself on any other computer with the same vulnerability on the company network.

This is why organizations like England’s National Health Service, FedEx and Spain’s Telefonica saw massive infection that required them to shut down computers in some cases for multiple days until the infection could be purged.

What’s worse is that it was preventable. The flaw this hack took advantage of was fixed March 14, yet nearly two months later, the impact was massive. Interestingly, the impact was worst outside the United States. What this says, which is a good thing, is that in the U.S., most companies regularly update their computers with important updates. This contrasts with the rest of the world, where updating computers is not nearly a high enough priority. This attack proves this.

Ransomware succeeds by tricking a user to open an unsolicited email containing an attachment or link. It amazes me we are still combating this today, as this is a well-known attack vector and perhaps, the easiest to defeat. Education and a little patience is all that is required.

The European Cybercrime Centre has a list of do’s and don’ts related to keeping yourself self:


  • Update your software regularly. At the very least, install all critical and security updates. If in doubt, install all available updates to keep your computer’s operating system up to date and safe
  • Use Anti-Virus and Anti-Malware software. You should also be sure to keep your computers software firewall enabled at all times.
  • Browse and download software only from trusted websites. Avoid sites that offer paid-for software for free, including driver update sites not run by the actual hardware manufacturer.
  • If you keep any data on your local computer hard drive, be sure it is regularly backed up, ideally to the Cloud.
  • If you become a victim of ransomware, report it to the FBI. This helps it track outbreaks and when the opportunity presents itself, get the bad guys.
  • Check if you get hit. This free site, supported by various law enforcement agencies and private industry, may help you recover from an infection.


  • Don’t click on attachments, banners and links without knowing their true origin. What may look like legitimate files, banners or links, may not be what they appear to be. Hovering over the link is one way to check the URL to see if it is legitimate, but it’s far better to manually type in a link to your browser, instead of clicking a link in an email.
  • Don’t install mobile apps from unknown sources. If someone sends you a link to a mobile app for your phone or tablet, don’t click it. Go to the app store and search for the app there to check its legitimacy and install it. And don’t install or run unknown software.
  • Don’t take anything for granted. Verify everything. Confirm with senders they meant to send you any attachment or link. Verify SSL connections by checking the padlock icon to be sure it’s issued to the site you are on. When in doubt, make a phone call before you act.
  • Have you installed software to get free TV or movies? Think twice. It may be stealing data from your computer. Kids fall victim to this far too easily.
  • Don’t pay out any money. This just encourages more hacks and does not guarantee you will get your data back. One of the positives from this latest outbreak was that not much was actually paid out, considering how large the impact was.

I hope this information helps clarify what happened, why and how. More importantly, I hope these do’s and don’ts will help keep you safe from any future outbreaks.

The following image shows a screen shot of the Norse attack map.  This map shows real time intelligence on active cyberattacks taking place around the world.

Norse Map

Here Comes the Next Vulnerability


Just when you thought it might be safe online, news is breaking of a new vulnerability discovered earlier this week.  Of particular concern is that this new vulnerability seems to be more prevalent on home computers that corporate systems.  An outbreak targeting home users could be significantly more damaging that recent outbreaks, which hit over 300,000 computers in more than 150 countries!

In other words, take note of the risk!

Just today, I became aware of a business where multiple users in the accounting department opened an email attachment that appeared to come from their Xerox scanner.  The email arrived from an address that did not exist within the company and the subject said “Scanned Image from a Xerox WorkCentre,” which the recipients took to be legitimate.  The problem is, they did not take the time to inspect the sending address.  Worse, more than one person opened the attached zip file, then the PDF file that was within the zip file and then clicked a link to enable content within the PDF file.  How could they have gone through all these steps and not realized they were infecting themselves?  This actually happens!

The current vulnerability was announced by the US Department of Homeland Securitysamba_logo_4c earlier this week.  It involves a flaw in Samba, which is a freely distributed networking protocol that facilitates file sharing between computers running Linux, MacOS, Unix and Windows.  Any home user that shares files on their home network may be at risk.

As I have repeatedly advised in this blog, DO NOT open email attachments unless you can assure yourself that you are 100% sure the attachment is safe, the sender legitimate and that you are expecting to receive such an email.  Anything less and you are putting yourself at unnecessary risk and will likely find yourself infected.

Target Reaches Data Breach Settlement


I’m sure you are aware that Target’s 2013 data breach is among one of the most publicized data breaches in history.  The breach exposed the account information of millions of Target customers.

This breach received a lot of press coverage as it was considered to be the largest breach of its kind, at the time.  It was also unique, in that the hackers compromised a third-party vendor network to execute the breach.  That third-party is widely reported to have been an HVAC contractor for Target.

A small business, the HVAC company lacked sophisticated defenses to not just preventTarget+Settlement a hack, but to be aware that a hack was taking place.  The hackers gained control of the HVAC company’s computers that connected in to the Target network.  The hackers were able to then infiltrate the Target network and install malware that captures customer credit card account information, names, addresses and more.

Target has been the subject of investigations by 47 states and the District of Columbia, resulting from this hack.  In settling these investigations, Target has agreed to pay the states $18.5 million in fines and implement more layers of data security and implement an information security plan, under the guidance of a new executive to be hired to oversee it.

Part of this new information security plan involves implementing encryption for sensitive data, ensuring that credit card and other sensitive customer account information is housed on a separate network dedicated to this purpose and keep its software up to date to protect against known vulnerabilities.

Some of these steps seem very basic, yet one of the nations largest retailers, with ample resources to protect itself, was compromised.  It’s a reminder, if not a wake up call, to businesses of all sizes that they need an information security plan.  Does your business have one?  If not, you should take steps to formulate and implement one as soon as possible.

Cost associated with data breaches continue to rise and this settlement is just the latest example.  Most businesses do not have the financial resources to survive a damaging data breach.  Take the steps to protect your business by creating an information security plan and reviewing it no less than annually.  Be sure that you are carrying an appropriate cyber insurance policy to protect your business and invest in educating your employees on keeping your business safe.

DocuSign Hacked, Exercise Caution


DocuSignLast week DocuSign, one of the market leaders in online eSignatures and contract execution and management, announced that it had discovered a data breach.  The result?  A targeted phishing campaign using social engineering gathered from the breached data to trick people into executing a document that is not a real DocuSign document.

If you are not familiar with DocuSign, here is an excerpt from their About Us page on their website.  “DocuSign® is changing how business gets done by empowering more than 300,000 companies and 200 million users in 188 countries to sign, send and manage documents anytime, anywhere, on any device, with confidence.”

The phishing attack, which DocuSign acknowledges, targets those who have used DocuSign to sign and execute contracts in the past.  It is doing this using data obtained from the breach.  Through social engineering techniques, users are tricked into activating macro code in an attached Word document that loads malware onto the victims computers.

An important thing to note is that DocuSign never sends attachments and asks the recipient to open the attached file.  That should be an immediate red flag.  If you have used the system, you know that the document you are being asked to sign in the DocuSign system is presented within your web browser over a secure SSL session.  You “sign” the document online and are then presented the option to download a PDF copy of your signed document.  This should be an easy phish to spot, yet people are falling victim to it.

Here is a recommendation that has been put out in collaboration with KnowBe4, our partner in helping to educate our clients about risks like this:

“Hackers have stolen the customer email database of DocuSign, the company that allows companies to electronically sign documents. These criminals are now sending phishing emails that look exactly like the real DocuSign ones, but they try to trick you into opening an attached Word file and click to enable editing.

But if you do that, malware may be installed on your workstation. So if you get emails that look like they come from DocuSign and have an attachment, be very careful. If there is any doubt, pick up the phone and verify before you electronically sign any DocuSign email. Remember: Think Before You Click.”

Simple, but important advice to always verify the source, especially when you are not expecting something that you have received.

DocuSign maintains a good site regarding their security posture at  I recommend you keep watch on this site if you are a regular DocuSign user.




Cloud Computing Won the Preakness!



That’s right, a horse named Cloud Computing won the prestigious Preakness Stakes, the second of the coveted Triple Crown.  Why is this of interest to a technology blogger?  Because it certainly says that Cloud Computing has arrived in the popular vernacular.

My daughters rode horses for over a dozen years, competing in both the English and Western styles, not racing fortunately.  Too dangerous for a father.  It was hard enough watching them compete and occasionally fall.  My girls enjoyed great success in their riding careers, reaching national finals at the collegiate and public school levels.  Each finished in 7th place on the same day at respective national finals.  Over their careers they rode horses named Bond, Dancer, Itchy, Johnny and more, but never one named for a technology.

So, if a horse winning a race as prestigious and well known as the Preakness Stakes is named Cloud Computing, what’s your winning strategy for harnessing the Cloud in your business?  Yes, the pun was intentional.

The Cloud has received a lot of hype over the years, as I have often written about.  Hype aside, every business I work with uses the Cloud, even if they don’t know it.  What’s important is how you use the Cloud and is it optimized to help you reach your business goals.  There are three primary types of Cloud Computing, in addition to the horse type, Private Cloud, Public Cloud and Hybrid Cloud.  Here is a quick, basic summary of what each means:

  • Private Cloud is when you host your own servers in a data center and make them available to users across the Internet or a private connection like a VPN tunnel or a dark connection (one that exists only between your office sites and the data center).
  • Public Cloud is when you leverage a company like Amazon Web Services, Microsoft, Google or one of several other companies that specialize in hosting virtual servers in their data center for you.
  • Hybrid Cloud is a mixture of both private and public and may also integrate servers on-premise in your office.  Often this involves a robust business continuity plan that leverages the geographic diversity of these options to provide high availability, regardless of issues that may be impacting any one of these options.

Cloud Computing is one of the hottest buzzwords in the IT industry and most businesses, across all industries.  Companies are still trying to determine how to best use the Cloud to help them be more competitive and profitable.  Whether this involved moving entire systems to the Cloud or just certain types of services, the goal is to provide a better internal user and customer experience, to help the business achieve its goals.

One of the ongoing risks with Cloud Computing is cost.  There remains a large misperception that Cloud often means lower TCO (Total Cost of Ownership).  This is not always the case.  In my experience, only the smallest of customers are able to move their entire IT infrastructure to the Cloud and also realize cost savings.  Most businesses may see increased costs when introducing robust Cloud solutions.  This is because Cloud moves expenses from the Balance Sheet to the Profit & Loss, so most businesses see an increase in monthly expense.  This is where the finance team needs to be involved, as this may not necessarily be a bad thing, even though it may first appear to be.

Like any technology, don’t jump to the latest and greatest without a well thought out evaluation of the benefits you expect to realize.  You also want to be sure to employ proper management solutions for your Cloud systems, just as you would if it were on-premise.  Of specific concern with Cloud solutions, especially those in the public Cloud, is managing cost.  Public Cloud price models are one of the most complex in the market today.  You will hear terms like compute cycle, IOPS and more.  These all add to your costs and need to be proactively managed so you don’t get an unpleasant surprise with your next monthly billing statement.

I know of one company that learned they were spending $400,000.00 more annually, than they needed to be.  Don’t let that be you!  There are tools that will help you understand, manage and optimize your configurations and utilization so you are not spending more than you need to be.

Cloud Computing is a winner and businesses are leveraging the Cloud for impressive wins.  Are you?

And just for the record, even Fortune Magazine picked up on this story idea 😉

The New IT Purchaser



A new research report titled “Considering the New IT Buyer” from CompTIA, highlights a shift in corporate views of IT from a support function to a strategic asset of the business.

The Computing Technology Industry Association (CompTIA) is a non-profit trade association serving as the voice of the information technology industry.

With approximately 2,000 member companies, 3,000 academic and training partners, 100,000 registered users and more than two million IT certifications issued, CompTIA is dedicated to advancing industry growth through educational programs, market research, networking events, professional certifications and public policy advocacy.

Following are ten highlights from the report:

  1. More business executives are now involved in the IT decision-making process.  These decisions are no longer being solely drive by the IT department or partner.
  2. The incidence of purely “rogue” IT purchases by LOB managers may be diminishing, indicating increasing collaboration between business units and IT.
  3. Many business units now have hybrid positions where job roles are partly technical-, partly business-focused.
  4. Business unit budgets are now including IT projects.  This trend has increased 5.9% over 2016.
  5. CEOs from smaller companies do not have an internal IT presence so they are tasked with managing IT themselves.
  6. CFOs and finance directors are the next most involved in IT decisions and management.
  7. Infrastructure costs remain the domain of IT, while application costs are moving out to the business units using the applications.
  8. Cloud solutions have made it easier for non-IT business units to evaluate solutions.
  9. A generally more tech savvy workforce has brought an increased IT focus to most business units.
  10. This movement of IT decision making out into business units is not without risk.  Compliance, integration and security needs are often overlooked.

Here are a few additional sets of statistics you may find interesting.

With regard to how decisions are made within the IT department as opposed to within individual business units:

  • 49% of respondents state that the ultimate objective for technology is now more business focused.
  • 45% state that most IT ideas come from different areas of the organization.
  • 36% state that more business executives are not involved in the decision-making process.
  • 38% say there are different criteria now being used when evaluating new technology.
  • 27% say that the final decision for IT purchases are now being made outside the IT department.

Of the organizations surveyed, the top strategic goals for IT are as follows:

  1. Implementing systems to enhance efficiencies [39%].
  2. Identifying new customer segments [37%].
  3. Renewing/maintaining key customer accounts [36%].
  4. Launching new products/services [35%].
  5. Innovation [33%].
  6. Hiring skilled workers [29%].

A final point of interest are rationales for centralizing decisions within IT or the business units.

Of the survey participants, respondents said that centralization within IT is optimal because…

  • IT professionals are the experts, not the business units [64%].
  • Business units need to focus on their core mission, not on IT [49%].
  • Security and compliance concerns are IT’s responsibility [40%].

Others contend that decentralization, away from IT, is optimal because…

  • Each business unit understands its individual needs better than IT [61%].
  • Less bureaucratic / faster results [46%].
  • There is more focus on innovation within the business units than within IT [43%].

If you would like to read the entire research report, you may find it here.  Please note that if you are not a CompTIA member, this link may not work for you.  If you are a CompTIA member, please login to before clicking the link.

It Was All Preventable


The WannaCry ransomware outbreak that has dominated new cycles since Friday was preventable.  I’m hoping this will be my last post on the subject, pending any potential developments.

The attack took advantage of a vulnerability in the Microsoft Windows operating system, which was patched on March 14, 2017.  What that means is that Microsoft was aware of the vulnerability and issued an update to fix it.

The problem is that hundreds of thousands, if not millions, of computers were noLockt updated with the patch.  This is really inexcusable.  While it’s true that in the past, and probably in the future, some patches have caused unexpected problems, the percentage of this occurring is relatively low.  The risk in not applying a patch due to this fear, is considerably high as evidenced by Friday’s outbreak.

Another factor that contributed to the success of this attack is the number of unsupported operating systems still in use at businesses throughout the world.  Windows XP and Windows Server 2003 were specifically targeted.  Yet another factor is that only one person within a company needed to initiate the attack.  Once activated, the attack spread across computers in a worm like manner, not requiring additional user intervention to continue spreading.

In my business, we will not support a customer who refuses to replace obsolete and out of support hardware and software, for this very reason.  The risks are simply not justifiable.  I also believe in a layered approach to security, not simply relying on a single line of defense to protect you.  Firewalls need to do more than just port forwarding and packet inspection.  The need to employ advanced services that help safeguard the network against ever changing threat vectors.  Innovative technologies like Cisco Umbrella are becoming a critical layer of defense.  Umbrella is a DNS service that inspects all calls to the Internet and blocks malicious traffic and sites.  An adaptive anti-virus and anti-malware solution that updates in real time, as opposed to downloading daily updates is another important layer of defense.

While Friday’s outbreak appears to be contained, the code has been widely distributed.  This means copycat attacks are a strong possibility.  The sky isn’t falling, but neither are you living inside of Fort Knox.  Don’t let down your guard.

There are some reports emerging last night and this morning suggesting that hackers linked to the North Korean government may be behind this attack.  At the moment, the evidence is not definitive and based on comparisons of past attacks that have been tied to these groups.  It may take months before we definitively know who was behind this attack.

Mid-Day Monday Update: Global Ransomware Attack


As of mid-day Monday, May 15, 2017, the second wave of the global ransomware attack that began on Friday, May 12, 2017, does not seem to have materialized.

Unless you have been completely disconnected from the world over the last 3 days, you have heard about the WannaCry ransomware outbreak.  While a kill switch was activated on Saturday, experts remained concerned that a second wave would still hit this morning, when millions of workers came back to work and turned on computers that have been offline.

It does appear that this has happened in Asia, though Europe, where the attack began, seems to have stabilized.  The United States seems to have endured the least impact from this latest attack.  Most sources report that over 200,000 computers in over 150 countries have been impacted.  Given that there are just under 200 countries in the world, this has hit just about everyone, everywhere.

The UK’s National Health Service was the most seriously impacted on Friday.  While they have stabilized most of their systems, they are still reporting, on their home page, that some services remain suspended, though any critical care remains fully operational and people should not hesitate to go to their local emergency center.

Companies from FedEx to Nissan are reporting severe impact, though most have been able to maintain business operations despite the attack.  China and Russia have both reported some serious impact from this attack, which spared no one.  While Europe is still recovering from the attack, with some companies remaining shut down while the infection is cleaned up, the attack was mostly active in Asia, as workers returned to work and powered up their computers that had been off since before the first reports from Europe began emerging on Friday.

What is most troubling is that this attack was preventable, if people had installed a patch that was released in mid-March.  What this attack has clearly shows is that the US is ahead of the rest of the work in being proactive about installing updates to computer systems.  It also showed that while some household name large organizations were hit, in some countries, it was primarily small businesses who got hit.  This confirms a significant fear that I have long had, that most small businesses do not proactively manage their IT, thereby making themselves more at risk than those that do.

It’s best to remain on high alert and exercise extreme caution with email messages containing links and/or attachments.  I suggest verifying with any sender you receive links or especially attachments from.  This attack appears to have spread through an attachment that recipients opened.  Instead of clicking on links in email, retype the link in your web browser, or go to the home page of the site and navigate to the page the link wants to send you to.  If a link has been compromised or is masking a malicious link, this is one way to try to avoid the malicious intent.  The bottom line remains to click or open as little as possible.

The European Cybercrime Centre, Europol EC3 has released an excellent tip sheet on avoiding ransomware. Download and share this helpful tip sheet with everyone you know.

Europol Infographic

%d bloggers like this: