securityThink you do enough to remain secure while online?  Password security has been a hot topic recently (a subject we will return to in a later blog) but you need to be ever vigilant as more sophisticated threats emerge on an almost daily basis.  We’ve put together the following checklist to ensure your data and systems are never compromised:

  1. Install hardware and software firewalls. One can catch problems the other may miss.
  2. Install antivirus software. Your computer needs to be infected with a virus only once to realise the value of this step. After installation, make sure to always install the updates as they become available.
  3. Never run .exe attachments or downloads unless you are sure of their authenticity. Doing so makes it way too easy for hackers to load a Trojan horse or execute malicious code.
  4. Consider encrypting sensitive data on your computer. If your machine is compromised, your critical documents will be unintelligible.
  5. Be wary of emails from people you don’t know or trust. Delete any emails you think are suspicious. Delete the email from your ‘Inbox’, and delete it again from your ‘Deleted’ folder, or ‘Sent’ folder if you have forwarded on the email
  6. Never click onto a link or an attachment in an email, obtained from a source you don’t know or trust
  7. Before entering any personal data, make sure that the address in the URL begins with https: to ensure a secure connection and that your data will be encrypted.


heartbleed logo

Heartbleed imageThe last few days have seen a particular internet issue, “The Heartbleed Bug”, hit the mainstream media. Terms you may not have heard before are being bandied about as if they are common parlance – OpenSSL, TLS, X.509, RFC, CVE…. So what do you need to know?

How serious is this really?

Let’s just say that “switching off the internet for a while sounds like a fantastic idea” has been said.

Has anyone suffered an attack?

As far as we know at the moment, there have been no real world exploits of this vulnerability, but they might not have been detected. So better safe than sorry.

What is the Heartbleed Bug?

This is a serious vulnerability that allows information, which normally would be protected,  to be stolen.

Communications on the internet use protocols called Secure Sockets Layer/Transport Layer Security (SSL/TLS) to protect information sent to and from your web browser and other applications. This is what is used when you use a web address that starts https:// and you see a padlock or something similar displayed in your browser. These protocols encrypt the information you are sending/receiving and when the encrypted message is received it is decrypted.

What the Heartbleed bug does is enable anyone on the internet to read the memory of systems protected by the vulnerable security software – which is particular versions of OpenSSL. This information compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

What is OpenSSL?

OpenSSL is commonly used software tool kit used to implement the SSL/TLS security. While it is used on a large number of sites it is not used everywhere – the estimate though is that maybe 60% of internet services use it. That is not to say all sites that do use OpenSSL are affected since not all versions have the vulnerability.

Are all versions compromised?

No, the vulnerability was introduced in version 1.0.1 which was released in March 2012 and has been present in all versions up until 1.0.1f. The latest version 1.0.1g had the vulnerability removed and versions before 1.0.1 (most commonly used 1.0.0 and 0.9.8 and 0.9.7) did not have the vulnerability at all.

Are sites and software from Systematic Marketing affected?

No.  None of the sites we manage use OpenSSL so have not been affected by this vulnerability. In our software we do use OpenSSL for communicating with other services but the versions we use are not compromised.

What do I need to do now?

If you have login details for affected sites you should change your passwords, but don’t do it until the site has said that the patched update has been installed. Have a look at the Mashable link below to see sites reporting on the issue.

Where can I find more information?

There are several sites with information:

The official Heartbleed site

The Mashable hit list – a list of major sites that have reported whether you should change your password or not.

The OpenSSL site

A more technical explanation at The Register.

Can I buy the T-Shirt?

Yes you can! Visit heart bleed t shirt at teespring.

Yesterday’s Budget brought some good news for the performing arts.

The Chancellor is extending the tax breaks offered to film to theatres and touring companies. Performing arts companies, including those putting on dance, opera and plays, will be get a tax break of 20%. Regional companies that tour will get a 25% tax break on any initial investment.

After the cuts seen recently this is a welcome move and reflects the ‘unique value that the theatre sector brings to the UK economy’. The Treasury estimates that it is worth up to £15m a year.

How are you getting on with the new requirement to submit Gift Aid claims electronically?

Our latest software, GiftAider  makes submitting your claims painless.  It fully integrates with your existing system and is very simple to use.  It manages the whole process whether you submit 1 or 500,000 donations at a time. As well as keeping the submission records for audit purposes you can validate the data before uploading to HMRC to save time. All data is encrypted for security – (just don’t forget the password as there is little we can do to help in that case!).

Click here to request a free trial, or let us know if you’ve got any questions.

One of the issues in data collection is how we use it. I have always prescribed that data is used as an aid to decision making, but all too often is used as a method of control and apportioning blame.

A recent report on the use of, and future direction for, data in the US cultural industry (don’t let that put you off, there’s a lot to learn from it even for commercial organisations) identified 6 factors that influence the gathering and collection if data and provide some preliminary suggestions for making better use of data. All make sense, but, as you might expect, the one that grabbed my attention was:

“Shift the conversation from data’s value as an accountability tool to data’s value as a decision-making tool.”

But As Barry Hessenius comments in his blog on the report:

“The question that always looms is “how”? How do you refocus all the data, research, information and input that is out there from being merely a tool to prove, after the fact, that a given program, project or approach has met its objective to information that informs decision making in the first place?”

An excellent question indeed.

I’d be interested in hearing how you approach this in your organisation, leave a comment.

Read Barry’s blog post.

The report can be downloaded here.

This is a calculator that you write on. Very clever and very easy to use and it’s free!

  • Works on your smartphone (Android- iOS)
  • Works on your tablet (Android- iOS)
  • Use your handwriting to write any arithmetic formula.
  • Write and calculate mathematical expressions in an intuitive and natural way with no keyboard
  • Supported mathematical symbols:
    • +, -, x, ÷, +/-, 1/x, ()
    • %, √, x!, |x|
    • x, xy , x2
    • cos, sin, tan
    • acos, asin, atan
    • ln , log
    • π, ℯ,
  • Scratch-out gestures to easily delete symbols and numbers

Take a closer look here

Collection boxLast month’s report on Gift Aid and reliefs on donations from the National Audit Office raised this interesting question (press release here).

Gift Aid is an important source of income for charities – in 2012/13 about £1bn was paid in Gift Aid (about 2% of all chastity income) and £940m was provided as tax relief to individuals and companies on their donations.

But the Treasury and HMRC do not know whether these incentives, designed to increase charitable giving, have worked. They don’t know if people and companies give more as a result of these reliefs. This is a lack of evidence on two fronts:

1. there is insufficient evidence that government has actively encouraged take-up of the reliefs so that those charities which are entitled to them get the intended benefits


2.  HMRC has not collected the data which would enable it to conclude how tax incentives since 2000 have affected donor behaviour or if they have increased the value of donations.

And the cost is not just the money handed to charities, it is also the cost of policing the system. Although teh number of charities set up to abuse the system is very small the cost is high (estimate £217m of tax is at risk 2012-13).

The conclusion is that “there is not enough evidence to conclude that reliefs on donations in their current form, and the way they are implemented, provide value for money.”

So does Gift Aid encourage people to give more? Maybe it encourages them to give less. What do you think? Do you have any evidence?


Are you claiming all the Gift Aid available to your charity? Are you using HMRC online Gift Aid submission? If your system doesn’t support this then have a look at GiftAider – free trial available.

As a charity you are always trying to maximise the donations you receive. If You haven’t looked at the Big Give you should look now and I mean right now.

The Big Give is a website that enables charities to pitch their projects and get people to donate, but the BIG thing are the Big Give Challenges. These are for short periods of time and, typically 3 days, and charities are paired with Charity  Champions – these are organisations that match the donations made by the public during the Challenge.

The 2013 Christmas Challenge runs from 5th – 7th December, so if you are not in there then it is too late for this one. But get in there now and start planning for next year.

The 2012 Christmas Challenge raised £10.5m for 350 participating challenges. The Big Give say of the challenges:

The Big Give runs annual Christmas Challenge Funds, which have a number of benefits:

  • The Christmas Challenge is an effective way of inspiring new donors – In 2012, 62% of participant charities gained new supporters.
  • ‘Double donations’ offer encourages new and lapsed donors to give and give more.
  • The Big Give encourages charities to try new fundraising techniques and can be an effective way to increase their social media presence.  In 2012 #TBGchallenge was a UK trend for 2 days, drawing widespread attention to the initiative and the participating charities.
  • The Christmas Challenge can be a good way to source corporate sponsorship.
  • A quarter of Christmas Challenge 2012 participants reported that one or more of their trustees gave for the first time.
  • The model can help charities move donors toward online giving, which also increases the number of Gift Aid claims – Last year, Gift Aid was claimed on 86% of donations, far higher than the national average of 40%


And it’s not all about the challenges. The Big Give showcases the work of over 9,500 charities. We run a wide variety of innovative programmes which help our charities raise further income whilst enabling donors to increase the impact of their donations. AND it is free to all users.


Visit to get started.

“If a friend or family member was having a heart attack or was choking, would you know how to help them? The free app features simple, easy advice on 18 everyday first aid scenarios, as well as tips on how to prepare for emergencies, from severe winter weather to road traffic accidents.”

This app is both an instructional manual for you to learn from and a quick reference guide (with videos) of what to do in an emergency.

All the data is stored locally so you don’t need an internet connection to access this life saving information.

Available for Apple iOS and Google Android. More info on the UK Red Cross website.

Why wouldn’t you have this on your phone?

There are certain things that I always have to look up when creating HTML / javascript , no matter how many times I use them I never remember. So this is my cheat sheet which you may also find useful. Also I’ll always know where to look – so it’s as much for me as you. I usually use the entity numbers as I’m never convinced all browsers support the entity names.

Javascript / CSS

. for classes

# for ids


£    £ or £

€    € or €

¥    ¥ or ¥

Copyright Symbols

©   © or ©

®   ® or ®

™   ™ or ™


°     ° or °

±    ± or ±

×    × or ×

÷    ÷ or ÷

≤    ≤ or ≤

≥    ≥ or ≥

¹    ¹ or ¹

²    ² or ²

³    ³ or ³


…    … or @hellip;

And some I don’t usually forget

<    &lt; or &#60;

>    &gt; or &#62;

&    &amp; or &#38;

non breaking space    &nbsp; or &#160;