Programmers, Pay Attention To Small Businesses. Build An App And Win $10,000

Infusionsoft (sales and marketing software for small businesses) has launched a contest, “Battle of the Apps“. Build an app using Infusionsoft's platform and win up to $10,000. Pretty simple.

Independent programmers and developers who are small businesses themselves have tremendous opportunities to leverage the ecosystems and platforms of larger companies and write software (apps) for these platforms.

It's great when you can not only earn money from people possibly paying to use your app, but also by winning some prize money.

As you write for the small business market, think of those apps that have succeeded the most. They've solved a problem and were often simple to use.

Small business owners are  hungry for applications and add-ons to further enhance the platforms and services they already use â€" it's your job to leverage this market.



Black Hat 2012: Google Bouncer compromises tax Android app security

Google's announcement in February of its Bouncer tool for the Android Market was like a dare to the security research community. Who would break or bypass it first?

Everything we're doing is legitimate and allowed by Google from a developer standpoint. This is an oversight in their security they're applying to applications being approved.

Nicholas Percoco,
head of Trustwave SpiderLabs

Bouncer is a malware scanner that checks Android app security for existing applications, new apps submitted for inclusion into the app store, and apps on developer accounts. It didn't take long for researchers' curiosity to be piqued about the tool, and in short order, Bouncer fell. At the recent SummerCon, researchers Charlie Miller and Jon Oberheide demonstrated a technique where they were able to bypass Bouncer's scanning capabilities and successfully place malicious apps into the market which has since been renamed Google Play.

The assault on Bouncer will continue next week at Black Hat 2012 where two researchers from Trustwave will describe how they were able to bypass Bouncer with a malicious app without hacking into the tool.

Android, written on Linux, is open source and a favorite target of attackers and researchers; this week, Trend Micro reported there were 25,000 malware samples in the wild targeting Android. Couple its open nature with the fact that Android smartphones have the largest market share, according to Gartner numbers released this week (56.1% and 81.1 million devices), and there's plenty of cause for consternation.

Mobile security watchers, in fact, will have all eyes focused on Black Hat where research not only on Android will be showcased, but also Near Field Communication (NFC), baseband hacking, weaknesses in carrier networks and iOS security issues.

The Bouncer talk, however, could prove the most pressing issue for enterprises worried about mobile device security and employees bringing their own devices onto corporate networks. The technique to be described by Trustwave's Nicholas Percoco, head of the company's SpiderLabs research team, and Sean Schulte, developer for Trustwave SSL, will not only affect Google Play, but also private app stores in development by enterprises and government agencies, Percoco said.

"The technique we're going to talk about, even if you were to do a manual or code review, it's likely you would not identify the application as malicious," Percoco said. "We discovered a method we used to bypass the tool and have Bouncer look at an application and think it's benign, but it's really malicious."

Percoco and Schulte began their research shortly after Bouncer was announced. Curious about Bouncer's effectiveness, Percoco said the two built a benign SMS-blocking application that would allow the user to specify a phone number from which to block text messages. The researchers signed up for a developer account with Google, submitted the application for review and had it accepted for inclusion into Google Play. Percoco said they monitored what happened throughout the process and then incrementally added malicious functionality to the application and waited for Google to give the app the boot. Never happened.

"We tried to make the app more malicious over time. The version that was allowed and published had the full capability to steal all photos, contacts, SMS records, phone records and details about the phone," Percoco said. "We had the ability to tell the phone to open webpages we controlled and launch a denial-of-service attack against a site we specified."

Percoco's app had the capability of building a full-fledged mobile botnet; the two also built a command-and-control system to manage any compromised devices, he said.

Percoco said he was the only person to buy and download his application while it was on Google Play. They priced the app at $49.95, an exorbitant price compared to other similar applications available for $2. He said they also monitored activity on the application around the clock, and had it been downloaded, they would have disabled the app.

Percoco said Bouncer is effective at spotting blatantly obvious malicious applications just trying to slip past the automated scanner, but "for the malware writer who sees Bouncer as an obstacle and wants to beat it at its own game, it's beatable," he said.

Percoco said their technique is about beating the gatekeeper at its own game, unlike Miller and Oberheide who tried to get shell access to Bouncer. Miller and Oberheide were able to access Bouncer's innards and learn Bouncer tested applications in a virtual phone, so they designed their mobile app to detect the virtual environment and lie dormant until the testing was done. There were other characteristics common to Bouncer, such as the tool being registered to a particular Gmail account and having stored the same two JPG files.

"We wanted to use all the tools Google supplied to us and did not want to exploit Bouncer to get past it," Percoco said. "Everything we're doing is legitimate and allowed by Google from a developer standpoint. This is an oversight in the security they're applying to applications being approved."

Google has been informed of both Percoco's and Schulte's, and Miller's and Oberheide's research, and acknowledged the issues and promised to improve the tool going forward, Percoco said.

Research on NFC, Baseband processors and iOS security

Miller is on the docket at Black Hat for next week as well, presenting new research on Near Field Communication. Miller's talk will explain a technique where an attacker can compromise an entire device without interaction from a user.

The technique we're going to talk about, even if you were to do a manual or code review, it's likely you would not identify the application as malicious.

Nicholas Percoco,
head of Trustwave SpiderLabs

Black Hat mobile track chairman Vincenzo Iozzo, director of vulnerability intelligence at New York City-based Trail of Bits Inc., said this year's mobile sessions move beyond the security issues common to both the desktop and mobile device. "The idea behind the track is not to focus on application-level stuff; that's been done and we know there are bugs that can be exploited," Iozzo said. "We want to see what's different.”

Ralf-Philipp Weinmann, research associate at the Interdisciplinary Centre for Security, Reliability and Trust at the University of Luxembourg, will do a talk on baseband attacks, a dangerous new attack vector for mobile devices. Baseband processors, separate from the mobile OS processor, implement the GSM or 3G stack on a device. All phone calls and data first pass through the baseband, which gives the OS processor necessary information to proceed. Iozzo said an attacker compromising the baseband would have a huge advantage because no forensic tools exist for that layer. More interesting still, past exploits required an expensive base station and proximity to a device to succeed; not always a feasible situation. Weinmann's attack can be carried out remotely, Iozzo said.

Collin Mulliner, a researcher at Technische Universitaet Berlin and Deutsche Telekom Laboratories, will present his research on carrier networks and what types of devices and data live on those networks unsecured, such as security cameras and smart grid management interfaces.

"My take for [the track] was that we should really try to change the way we think about mobile," Iozzo said. "I do not like to compare it to a smaller desktop and be worried about exploits, but be more focused on what's unique about mobile that we don't see on the desktop."




All Teens Are Not On Social Media. They Check Email Too (Survey Shows)

For some reason, we think that EVERY teenager is on social media and forsaking email. Sure, MANY are using email, quite a bit, but many are also still actively using email, says a survey by email services company AWweber.

In a survey they took of almost 1,000 high school and college students they found that 93% prefer email and mobile phones, followed by Facebook and other social media sites.

Key take aways from the survey indicate:

  • Email remains a valuable channel for teens, used by 93% of the survey participants. Of the 93% of teens with mobile phones, 53% use their phones regularly to access email.
  • Younger generations live their lives online, with 91% of teens spending up to 30 hours per week on the Internet.
  • Teens quickly adapt to the changing technological landscape. When asked how they would react if their favorite communication channel disappeared, 43% of participants mentioned the ability to easily replace one social network with another.

Read the full study here.

 

 



Summer Financial Checklist For Small Business Owners

Now that summer is well under way, our focus is often on beaches and barbecues, not necessarily business finances. Yet the mid-way point is the perfect time to review the financial and tax health of your business.

dollar on beach

Financial planning is an ongoing process for small business owners and taking actions now can help you lower your 2012 taxes and put you in a stronger financial position for the year ahead.

Here are seven steps to take once we've hit the midpoint:

1. Meet With a Tax Advisor

Too often small business owners wait until it's time to file their returns to start thinking about taxes. Have you ever met with a CPA or tax preparer and been told you could have lowered your tax payments if only you had acted earlier?

Make a mid-year appointment when you'll both have more time to discuss your financials. Most importantly, you'll still have plenty of time to act on his or her suggestions within 2012. Or you can register for a free Small Business Tax Training webinar to get a handle on commonly missed deductions, available tax credits, and more.

2. Assess Your Estimated Tax Payments for 2012

Now that we've hit the midway point, review what your business has made year to date and your forecast for the rest of the year. Then assess your estimated tax payments to avoid underpayment penalties, as well as overpayments (you could be doing more with that money). Adjust your final two estimated tax payments for 2012 as needed.

3. Re-evaluate Your Business entity 

Many small businesses start out as sole proprietorships or partnerships, but then eventually transition to another entity. For example, if your business is not incorporated, you may want to consider incorporating (either as a C Corp, S Corp, or LLC) to shelter you from some financial risk and possibly save money on taxes. Sometimes an entity is formed with one income target in mind, and you might need to reconsider the entity for a different income level. Failing to adjust your business entity for your revenue can be a costly mistake. Discuss the different legal entities with your CPA, so you can determine the right entity for your situation and the right time to make the change.

4. If You Have an S Corporation, Review Your Salary and Distribution Requirements 

If your business is structured and taxed as an S Corporation, make sure your salary and distribution payments are at the optimal levels. Too often, S Corp owners don't properly balance the amount the S Corporation pays them as salary vs. distribution. The result can be either higher taxes or an increased audit risk.

5. Take Charge of Your Recordkeeping

To make the most of your business tax deductions, you'll need accurate, comprehensive records. If you haven't been keeping track of your business expenses, get caught up now. If you find yourself struggling with this administrative task, look for a new solution ? whether it's offloading the task to someone else, investing in a technology solution (like a receipt scanner or iPad app), or dedicating 30 minutes each week to expense tracking. You'll be grateful come tax time.

6. Plan Equipment Purchases

Take advantage of a first-year expense write-off for equipment placed in service by the end of the year. Business owners and self-employed individuals are allowed a first-year depreciation deduction of 50% of the cost of qualifying property acquired and put in service in 2012. For 2012, the maximum amount that can be deducted under Section 179 is $139,000 (inflation adjusted). Based on current law, the limit is set to fall to $25,000 next year. While we can't predict what will happen in the future, if you're considering taking advantage of this tax deduction, you should do it in 2012.

7. Plan for Retirement

If you haven't done so already, take time to set up a retirement plan or reassess your contributions. Contributing to an IRA, Keogh, simplified employee pension (SEP), or other retirement plan is an essential way to plan for your future and reduce your taxable income. The specific rules, contribution limits, and deadlines vary by plan. Make an appointment with your CPA to discuss the best retirement option for your business.

I know it seems like the ink has barely dried on your 2011 taxes, but remember that the best time to plan for your taxes and financial health is 365 days a year.

Dollar on Beach Photo via Shutterstock




Black Hat 2012: Hackers to explore malware analysis, next-gen attacks

Cybercriminals are building malware with stodgy defensive capabilities and evasion techniques, making detection and analysis increasingly difficult for security researchers. At the same time, new attack vectors are threatening the security of embedded systems and the underlying hardware that powers laptops, smartphones and other devices.

While we usually say malware can do this or that to avoid detection, it's interesting to see up to what point large scale malware developers are going to avoid being analyzed.

Stefano Zanero,
security researcher, assistant professor, Politecnico di Milano University

Researchers will share insights into next-generation malware and hacker techniques at the 2012 Black Hat Briefings in Las Vegas next week. Three talks in particular will highlight the increasing challenges being faced by security engineers to dissect malware and the broadening attack routes that cybercriminals could take to evade detection.

Malware writers are beginning to get down into the underlying hardware of most systems to avoid detection by security software, said Stefano Zanero, an Italian researcher and assistant professor at Politecnico di Milano University. During a webcast previewing Black Hat, Zanero, who is overseeing the malware track, explained why some of the research into emerging threats could be troubling to the information security community.

"While we usually say malware can do this or that to avoid detection, it's interesting to see up to what point large-scale malware developers are going to avoid being analyzed," Zanero said.

Rodrigo Branco, director of vulnerability and malware research at Redwood City, Calif.-based Qualys Inc., will talk about the techniques malware authors are currently employing to avoid detection. Blanco is cataloging the evasion techniques, running various tools through a database of millions of malware samples to track the effectiveness of emerging techniques.  Meanwhile, Chengyu Song, a PhD student at Georgia Institute of Technology, will discuss current malware analysis environments and the cybercriminal techniques that could permanently disadvantage automated malware analysis. Song plans to use the Flashback botnet as an example of a technique its author used to prevent automated analysis.

A sophisticated attacker could also choose to bypass the operating system altogether and still conduct attacks. Jonathan Brossard, founder and CEO of Germany-based Toucan System, will demonstrate a BIOS-level attack, backdooring various Intel-based motherboards. The attack, which could be done sometime during the manufacturing and shipment of a PC or device, can permanently subvert the security of the computer, even after re imaging the system's hard drive.

"Very few of us are wondering about the safety of the process of which our PC is being delivered to us and in which our PC has been manufactured," Zanero said. "The fact that you can construct a BIOS component … completely transparent to how we usually check our system for malware … and do this without touching the PC, is quite scary."

Breaking embedded systems

Chris Rohlf, founder and president of New York-based Leaf Security Research, is overseeing the Breaking Things conference track and said this year's speakers will be presenting on a chaotic mixture of topics. "I think the talks that we have this year are really going to not only resonate with a lot of people, but they're also going to be very entertaining."

The talks cover ways to break hardware, software and current defenses, said Rohlf, who is giving a session this year on bypassing (not breaking) Google's Native Client sandbox.  With cybercriminal sophistication moving down into the underlying hardware layer of devices, no doubt embedded systems are under increased scrutiny, Rohlf said.

In a session titled "PINPADPWN," researchers “Nils” and Rafael Vega of U.K.-based MWR InfoSecurity, will expose payment terminal weaknesses. Nils and Vega plan to expose memory corruption vulnerabilities, demonstrating a way to target flaws in the payment applications that run on device firmware. Successfully exploiting the flaws enables an attacker to gain control of the terminal.

Other track sessions will focus on breaking software. Google researcher Fermin Serna will talk about weaknesses in Address Space Layout Randomization (ASLR) that could result in information leakage. James Forshaw, a principal consultant at U.K.-based Context Information Security, will demonstrate a way to break partial trust sandboxes in .NET applications.




Mayer\'s 73 million reasons to shout \'Yahoo\'

Marissa Mayer Yahoo chief executive Marissa Mayer stands to receive as much as US$59 million ($73.58 million) in compensation in coming years after agreeing to leave Google to run the troubled web portal.

The total includes US$3 million in salary and potential bonus and US$12 million in restricted stock units and stock options, according to a filing yesterday with the US Securities and Exchange Commission.

She is also set to receive US$30 million in one-time retention awards and US$14 million to make up for stock-based compensation she would have received at Google.

Mayer, 37, took the helm on July 17, the day Yahoo reported second-quarter sales that were little changed from a year earlier.

The results underscored the challenge she faces as the fifth chief executive in three years attempting to revive growth at Yahoo.

The company lags behind Facebook and Google luring the online advertising that makes up most sales.

"You have to build in sort of a risk premium," said David Larcker, a professor at Stanford University's Graduate School of Business.

"She has to change the strategy and redeploy assets, make it work.

"And she's a very well-known person, aggressive, successful. You're going to have to pay a sizeable wage."

Mayer will juggle her role as chief executive with being a new mother.

She said on Twitter that she and husband Zachary Bogue were expecting a baby boy.

Yahoo set Scott Thompson's pot-ential compensation as high as US$27 million before he stepped down in May over inaccuracies in his resume.

Carol Bartz, his predecessor at the California-based company, stood to earn about US$10 million during her last year in the job.

She was fired in September amid frustration among investors such as hedge fund manager Daniel Loeb over her handling of strategy.

Mayer followed Ross Levinsohn, who ran Yahoo on an interim basis after Thompson resigned.

Yahoo has edited the language in its offer letter since the one it gave Thompson in January.

Mayer's letter requires her to affirm "all information provided to Yahoo or its agents with regard to your background is true and correct", while Thompson's stated only that the offer was contingent on a background check.

- Bloomberg



Google Ads May Be More Valuable Than You Thought

Who ever said that nobody clicks online ads? Many companies might dismiss Google advertising because they think such ads are ignored by online consumers. But a new study released by internet marketing company WordStream illustrates that that's not always the case.

In fact, paid search listings are beginning to take up more and more real estate on Google search pages, as you may have noticed. And even though organic search results still yield more clicks overall, those who are ready to buy are actually almost twice as likely to click sponsored search results than an organic search results. WordStream distinguishes these consumers by their keyword phrasing.

For example, those who are ready to buy something use keywords with high commercial intent like “toaster oven reviews” or “best internet marketing software.” Those who use enter searches like “coffee shop” or “when is the election” are less likely to be looking to buy something and were found to be less likely to click sponsored search results.

WordStream's graphic at the end of this article illustrates many other statistics that businesses might find useful or interesting.

For example, on an average Google search page, the three sponsored ads at the top of the page yield about 41% of the page's clicks, and they take up a large portion of the above-the-fold space. Almost half of Google users in a recent survey couldn't distinguish the paid ads from the regular search results if there wasn't a right column.

So for small businesses that have dismissed using Google's pay-per-click ads, it might be time for a second look. Many companies choose to rely heavily on search engine optimization to gain pageviews organically, but for those who want to reach customers who are ready to buy, sponsored search results could help you land a whole new set of customers.

“If your goal is to try to actually sell products or services online, I think the research shows pretty clearly that paid search advertising isn't optional,” said Larry Kim, Founder/CTO of WordStream, Inc. “Sadly, I think that people who think otherwise are just stuck in denial.”

Of course, Google offers many different advertising options, which are covered in less detail on the graphic below. See WordStream's post for more information about their study.




Are You Prepared For The Worst? Four Steps To Disaster Prevention and Recovery

Your computer stores almost everything your business depends on to continue running. What if, one day, that computer started making a strange clicking noise and, a month later, the hard drive just stopped working? In most cases, this would mean that you completely lost all of your data without any chance of recovery.

This kind of phenomenon can set your business back for several days and could possibly require you to shell out a ton of cash. So, how do you prevent something like this from happening, and how do you rescue at least some of your data when the big moment does happen? If it's too late, are there things you can do to solve this?

These are all legitimate questions that all business owners who depend heavily on their computers have asked themselves at one point. If you haven't asked these questions, perhaps it's time you start finding the answers before you need to ask, “What do I do now that my whole business just went kaput?”

Here are four steps in the disaster prevention / recovery process provided in part by DriveSavers, a company that deals on a day-to-day basis with data recovery for businesses and professionals:

  • Prevent any issues - If you don't want a disaster, preparing for one goes a long way from making it nearly impossible for one to appear. Have you seen how cheap Cloud-based backup services are? Some of them are actually free! There's no reason why your business website shouldn't have a non-local backup. Make local backups with “hot-swappable” media or an external drive if you can. It doesn't cost much, and can certainly save you from a heartache.
  • Don't panic when things go south - If you can't find a file or folder, you probably didn't lose it. Look in your recycle bin or search for it via the “Start” menu, if you're using a Windows machine. Similar options exist on other operating systems.
  • Get a backup as soon as you smell something's wrong - If your computer is starting to act weird or makes certain noises, it's imperative that you get a backup going as soon as you can. You can't put this off.
  • Send the computer over for data recovery - Once your computer goes “poof,” you're not out of options. You can still send it to a disaster recovery firm that will extract the contents of your precious data wherever it can. DriveSavers (link above) is one, and you can also use alternative services like SalvageData.

When disaster strikes, you don't necessarily have to shrug your shoulders, call it a day, and admit defeat. There are tons of ways of securing your data and just as many ways of getting it out of a hard drive that went “plop” at one point.



GoDaddy Is Changing From Sexy Selling To Serious Business and Providing Biz Management Solutions

I've been a long time GoDaddy customer. Like many of you, I started using them as they had very cheap domains and I have over 100 or so. Like many of their competitors, including Network Solutions, they provide much more than domains but pretty much every web related online service you could want including web site building, web hosting, search engine optimization, email marketing and more.

What I have not understood is why GoDaddy chose to use sexy women to sell it's brand. This is slowly changing.

If you look at GoDaddy's web site, there is a male race car driver and the site is much more business focused. You can still find videos with scantly clad ladies, but there surely is a shift from sexy selling to business solutions selling.

Another big shift is GoDaddy's focus on providing business solutions beyond online marketing solutions â€" they bought Outright.com (a financial management service) recently.

Instead of just providing online services, my guess is that GoDaddy will begin to provide a holistic number of solutions to small businesses and of course compete more aggressively with other small business focused companies â€" including Intuit.

GoDaddy was founded by Bob Parsons (a former Marine), who I've had the pleasure of interviewing. Now that GoDaddy is in the hands of new owners, look for new and fresh changes.



Angela Benton of NewMe Accelerator: Bringing Your Dream to Launch

If you've developed an idea that simply needs a little refining but is close to launching, then I'd like to introduce you to Angela Benton, Founder of NewMe Accelerator. NewMe Accelerator can help you develop a high powered connection in Silicon Valley and provide that much needed push prior to launch. Tune in as Angela joins Brent Leary to discuss how NewMe Accelerator can help you bring your dream to life.

* * * * *

Angela Benton of NewMe AcceleratorSmall Business Trends: Can you tell us what NewMe Accelerator is?

Angela Benton: NewMe Accelerator is a startup technology accelerator for entrepreneurs who are under represented in the technology industry. If you look around and see who is successful in running businesses in the technology space, more than likely, they are white males. Our mission and goal is to diversify the industry.

Small Business Trends: How does NewMe Accelerator help?

Angela Benton: We actually bring people to Silicon Valley and incubate them in a sense. While they are working on their startup ideas.  They pitch to investors at the end of the program.  What we're really helping them do is get a connection, a really high powered connection in Silicon Valley.  That is really what it's all about.

Small Business Trends: How important was it for you to make the physical jump to Silicon Valley?

Angela Benton: It's very important for us to be based in the heart of Silicon Valley. We're all tech savvy.  We're on social media and know a lot of people, however, most of them we never actually met in person. You know it operates totally different in Silicon Valley.

I don't do a lot of phone calls. I do a lot of in person meetings.  People want to actually meet with you and talk with you.  They know you and they met you in person. When you look at a lot of the barriers to entry and, of course, access to capital is another one, but it is access to a good network of people that can help you.  Whether it is an investor, an advisor or whether you are building a team.

Small Business Trends: How do you go about selecting who gets into the program?

Angela Benton: We have a lot of different criteria we look at. It ranges from the actual product, the idea, to the entrepreneur's background, to other kinds of criteria that is in our “secret sauce.”

There are great programs like YCombinator and 500 Startups.  But one of the things that is most important to me is not that we are trying to replicate exactly what those folks are doing. We want people in our program that are good for NewMe.

Small Business Trends: Do most folks come in with a fully baked idea?  Or do they come to hone the idea and prepare for potential investors?

Angela Benton: We are early stage.  But early-stage is such a huge category. Ideally, we like to have those that already have something developed, that they need to refine, or that they are very, very close to launching.  We can help them refine it and bring it to launch.

The program isn't the best for someone who woke up yesterday and said, “I have an idea for a website or a web application.  But I just need someone to help me get it started.”

Small Business Trends: What kind of things should entrepreneurs expect if they were accepted into the program?

Angela Benton: The first week is really fun.  It's a whirlwind. We have a welcome event that has historically been at Google, where they are required to give a two minute high level overview of what they are working on.  They do so in front of an audience and in front of judges. The judges give them feedback throughout the program; for some that can be stressful, for some it is exhilarating.  For us as a program, it's a way for us to measure where you are when you come into the program.

Small Business Trends: What role are Google and other sponsors playing in the success of NewMe?

Angela Benton: All of our sponsors are really our partners so we don't take sponsorship that is from any and everybody. We really want people who believe in what we are doing, but can put some skin in the game.

Google has been a tremendous help whether it is helping us launch this financially or basically giving us access to resources. They are sending out developers.  Developers' advocates to actually work one on one with the Founders.  They have helped tremendously.  The same as with our other sponsors Andreessen Horowitz and everyone else.

Small Business Trends: What are some of the challenges when it comes to getting this kind of program up and running?

Angela Benton: One challenge that I did expect, but I thought I had mitigated, was the fact that people see us as a charity.

Even though I did not form a non-profit and we stayed a for-profit, some folks see us as that way because we are helping people. I don't know if it's because we're helping minorities or if it is just because we don't make financial investments.

The investments we make are to house people, get basic transportation, access to food, and mentorship in the network. What we like to say is, “We put sweat equity into the Founders.”

Small Business Trends: What are some of the differences that you have consciously put in place that makes NewMe a little different?

Angela Benton: In addition to our program being solely focused on folks who come from different backgrounds, it is residential. You don't go and rent an apartment and then come to our office on X,Y and Z day. You are totally immersed the whole time.  As a result, you are developing your own kind of network while you're there.

Small Business Trends: What is next for a company that graduates?

Angela Benton: That is why our application process is very important. We really look for people who have personal ambition. We can give people access to investors and information, we can give them a place to live and live out their dreams. So what is next for that company is what they make it.

This interview is part of our One on One series of conversations with some of the most thought-provoking entrepreneurs, authors and experts in business today. This interview has been edited for publication. To hear audio of the full interview, click the right arrow on the gray player below. You can also see more interviews in our interview series.

Whether you're growing your business or starting a new venture, BlackBerry solutions provide you with the freedom you want and the control you need. [Series sponsor]

 


Why a Mobile Presence Just Might Save Your Business (Infographic)

If you have a website that processes online orders or offers advice to customers about using your products, your web presence is definitely one place you must keep clean and presentable at all times. This is the center of online operations for your business. Sometimes, without it, your office is just collecting dust.

While your web presence is an important part of your business, you're also missing out on a gigantic opportunity to expand your customer base if you don't make it compatible with mobile devices. The least you can do is make your website “mobile-friendly.”

Recently, the folks at Web.Com have come up with an infographic that describes the new mobile phenomenon:

As you can see, only a small amount of businesses have a ‘mobile friendly' or ‘standalone mobile site.' Implementing such an enhancement would require a lot of time on your behalf and investment, but the investment doesn't come with its returns. Since mobile sites are kind of a rarity, especially with small businesses, this gives you a significant edge over others that operate within your domain.

Getting your head out of the water is the first step to leveling the playing field against your competition.

Yes, we've been preaching for eons on how you have to get a website going and now we're preaching to you to make that website mobile. It's like someone telling you to make a birthday cake, and then telling you five minutes later to make it with five layers. But think of how fast technology is evolving right before your eyes. Ten years ago, there were a couple of people with smartphones and the majority of the world still believed that their old Motorola RAZRs will hold out for another half a decade. Now look at what happened! We're governed by these little things.

Don't get too caught up in other things to think of the enormous benefits you'll reap from creating a mobile presence on the Web. You and your customers will both win when you provide them with another way to reach your establishment!



APWG reports on the highest number of phishing sites ever detected

The highest ever number of unique phishing sites was detected in February.

According to the Anti-Phishing Working Group (APWG) report for the first quarter of 2012, 56,859 unique phishing sites were detected in February, while between 25,000 and 30,000 unique phishing email campaigns are detected each month.

The APWG said that the previous record high of 56,362 was recorded in August 2009. Over half (55.37 per cent) of these were registered in the USA.

Ihab Shraim, CISO and vice president of anti-fraud operations and engineering at MarkMonitor, said: “Phishing measurements are up across the board, with one of the biggest increases we have ever seen in a single quarter.

“While this increase is chiefly due to new phishing detection technology that we began rolling out early in 2012, we also observed the payment services category returning to its position as the second most popular phishing sector and large increases in activity in the social networking, ISP and government sectors, too.”

The report found that the financial services sector was the most targeted industry sector in the first quarter of 2012, with 38.1 per cent of campaigns against it. The next most targeted was payment services with 21.5 per cent.

It also found that the average number of infected PCs across the globe stood at 35.51 per cent, which was more than three points lower than in 2011. China was the highest infected country with 54.10 per cent; the UK was ranked 29th with 24.17 per cent.

Data from Kaspersky Lab's June spam report found that phishing emails accounted for 0.01 per cent of all email traffic. Symantec's June 2012 intelligence report found that the global phishing rate increased by 0.04 per cent in that month, taking the global average rate to one in 467.6 emails (0.21 per cent) that comprised some form of phishing attack.

Luis Corrons, technical director of PandaLabs and an APWG trends report contributing analyst, told SC Magazine that most of the phishing sites are still down to websites being compromised, while this exceptionally high figure can be for different reasons, including that the more websites there are, the more that are compromised, the percentage is the same everywhere.

“However, one could expect that some less technologically advanced countries had a poorer security and therefore they would be hosting more malware,” he said.

He also said that he had not seen any increase at PandaLabs recently, confirming the recent information from Kaspersky Lab and Symantec.



Project 2020 set to investigate global trends in cyber crime

The International Cyber Security Protection Alliance (ICSPA) has announced the launch of a global consultation into cyber crime.

Project 2020 will be led by the European law enforcement agency Europol and combine expertise from global law enforcement agencies, (ISC)2, ENISA and cyber security companies McAfee, Atos, Cassidian, Digiware, Core Security and Trend Micro.

Its aim will be to analyse current trends in cyber crime and how they may evolve over the next eight years and beyond. It will also spot emerging trends for cyber attacks.

Project 2020 will deliver information and recommendations that raise awareness amongst governments, businesses and citizens to help them prepare their defences against future threats. It will also deliver policy briefs and whitepapers on evolving threat scenarios, and establish a monitoring mechanism to assist organisations that combat cyber crime.

John Lyons, chief executive of the International Cyber Security Protection Alliance, said: “During the past 24 months, critical infrastructure in countries around the world has been under daily cyber attack from both organised criminal networks and state-sponsored entities.

“Cyber crime is notoriously difficult to tackle, given the international structure and capabilities of some of the criminal networks we see in operation. It used to be inherently difficult to combine international efforts to fight cyber crime; this project will for the first time, bring together experts globally, with a remit to identify and fix weaknesses in our systems before they come to market.”

Hord Tipton, executive director of (ISC)2, said: “We applaud this opportunity to not only facilitate consultation, but also improve policy development around the world. We will be encouraging contributions from the breadth of our membership who come from government and private business, and will be able to provide insight from the coalface of current practice in the field.”

Dr Victoria Baines, strategic advisor on cyber crime at Europol, will be the director for Project 2020. She said: “Cyber crime evolves as quickly as technology, and technology develops so quickly that the unthinkable becomes the mainstream before we can imagine. Furthermore, criminals today can still surprise us as they move from region to region around the world.

“We have the groups around the table who can make sure this will no longer be the case.”

Anthony O'Mara, head of global business operations at Trend Micro, said that Project 2020 shows that the ICSPA is not just a talking shop, but will challenge business to recognise the need to share beyond their company borders.

“Cyber criminals are by nature difficult to police given the trans-national efforts they undertake to evade detection. We're very pleased to be an active member of the ICSPA working with Europol, governments, industry and business sharing a common goal of sharing knowledge, skills and resources and meeting our company's vision of a world safe for exchanging digital information,” he said.



Corero adds service to detect and block DDoS attacks

Corero Network Security has announced the launch of ReputationWatch that identifies and blocks distributed denial-of-service (DDoS) attacks.

Corero said that ReputationWatch will identify known malicious entities and block access to ‘bad' IP addresses based on their reputation or geographical origin in response to the latest intelligence.

It will monitor for constantly changing IP addresses and bots that fall within the recognised botnet command structures and those that have historically participated in malicious content attacks. The company said it will prevent network access, reduce the number of false positive alerts and eliminate costly downtime by ensuring the network is always up.

This analysis capability means that the IP address is subsequently unblocked when it is no longer a source of attack. Also, IT administrators are able to set access policies for each nation, allowing the business itself to deny or control the rate of traffic from certain countries, said Corero.

Ashley Stephenson, executive vice president of Corero, said: “The launch of ReputationWatch is another key step towards enhancing Corero's extensible platform to provide a first line of defence to combat threats, protecting IT infrastructure and eliminating costly downtime.

“By adding this extra functionality to the DDoS arsenal, businesses can continue to attack the threat head on with the knowledge that their network will be automatically updated and configured against the latest malicious threats, saving both time and money for the organisation.”



What Microsoft\'s Purchase of Yammer Means for Small Businesses

By now, most small businesses have heard of Sharepoint, but many still aren't sure how to make it work on a smaller scale. Yammer, on the other hand, offers an enterprise social networking model that, when combined with Sharepoint's file-sharing capabilities, may provide just the solution small businesses need.

Launched in 2008, Yammer provides private social networking in the enterprise environment. In the years since its inception, Yammer has added an unprecedented number of new usersâ€"four million in its first three years. More than 200,000 companies worldwide use Yammer, according to its website, and 80% of all Fortune 500 companies use the service.

However, a business doesn't have to have hundreds of thousands of employees to use Yammer. In fact, Heyworks Unity Studio switched to Yammer when the company of 15 workers grew tired of Skype's many notifications. The company posted seven reasons small businesses should use Yammer, some of which included the ability to easily collaborate on documents within the software, set up groups, and create polls.

Small businesses like Heyworks Unity Studio find that Yammer is useful for getting to know co-workers on a personal basis, as well. You may find you have a personal interest in common with someone you've worked alongside for years. This kind of in-house social networking also helps new employees get to know everyone more quickly.

Will Microsoft's acquisition of Yammer create a collaboration between Sharepoint? After all, both services allow multiple users to collaborate on documents. Yammer simply extends that collaboration to social networking. Enterprise portal eXo doesn't think it will be quite that easy.

“Yammer may enable Microsoft to offer a freemium social service, but it's going to have a hard time cost-effectively attaching SharePoint to that service because Yammer is multi-tenant and SharePoint is not,” Benjamin Mestrallet, founder and CEO of eXo, says. “They'll sort out the integration eventually, but probably not quickly.”

eXo creates social networking and collaboration spaces for businesses. Because its solution is tailored to the end user, eXo often appeals to smaller businesses, who might not have a need for Sharepoint's many features. Sharepoint can be pricy for smaller businesses, with the per-user license fee making it a less cost effective solution. By choosing a solution that can be customized to your individual needs, you might be able to create the same workspace for less.

Still, the Yammer-Sharepoint merge may provide more for your small business's buck, making it a more ideal solution. Yammer is quick to stress on its website that the collaboration means Yammer customers will have the same service, with gradual integration of other Microsoft collaboration tools.

“Over time, you'll see more and more connections to SharePoint, Office365, Dynamics and Skype,” Yammer promises. “With Microsoft's backing, our aim is to massively accelerate our vision to change the way work gets done through software that is built for the enterprise and loved by users.”



Been Working My Way Up

management business cartoon

Normally, when I talk about a cartoon I explain where it came from, what inspired it, or what was happening when I thought of it. But for today's cartoon, I'm going to point out a tiny but significant detail in the background that you probably didn't even really see.

Look out the window behind the dog, see that city back there? It's crucial.

First, it sets the scene in that the office you're looking at is probably high up in another important building to secure that view. Secondly, the buildings are detailed just enough to be read as buildings instead of a stack of boxes or something else, but vague enough to be located pretty much anywhere. And lastly, the idea that you're seeing the city outside the window suggests a successful executive's office instead of a more mid-level employee's office without a view.

And that all reads (hopefully) and influences the rest of the image in less than a second before you decode the dog, the other cast member, and the caption.

A few simple lines in the background can make all the difference between a good cartoon, and a great cartoon. And talking dogs never hurt either.




eBay Beats Forecasts with 23 Percent Growth in Q2

E-commerce remains an important component of online business, and eBay is one of the most successful companies in the industry, so much so that experts have often considered its success an indicator of the overall market. Here's more about its growth and what it may mean overall.

E-commerce Explosion

Taking giant steps. E-commerce giant eBay showed a 23 percent increase in revenue, reaching $3.4 billion in the Q2 ahead of projections. The biggest part of that growth occurred in eBay's Marketplaces, which grew by 15 percent to $16 billion internationally. TechCrunch

Shop 'til you drop…the phone. Another substantial part of eBay's growth also came from what the company's CEO John Donahoe calls a “staggering surge” in mobile shopping. In January, eBay was anticipating $8 billion in gross mobile sales over 2012 on either smartphones or tablets. Mobile shopping may be important to your e-commerce sales this year, too. All Things Digital

Options Abound

There's success in simplicity . Famed VC Fred Wilson maintains the real success of e-commerce, and especially mobile e-commerce, lies in its simplicity. Wilson said he has seen the same thing in the companies where his firm invests its funds that eBay's numbers are showingâ€"that mobile commerce is exploding. A VC

PayPal takes a swipe at mobile. Mobile shopping is expanding beyond Ebay's core e-commerce business. PayPal, the online payment solution eBay acquired in 2002, anticipates $10 billion in mobile payments this year, some including the company's PayPal Here option, which allows small businesses and other users to process credit and debit transactions via smartphone or tablet. Fierce Mobile Content

Tools & Tactics

Bill Me Later, Please! Another new feature PayPal's introducing will likely have great impact on e-commerce for small businesses as well. Bill Me Later offers credit to online shoppers, allowing them to pay later, usually by a  few months, while paying the merchant immediately. Bill Me Later is not only likely to increase Pay Pal's revenue, but also revenue for online merchants who use PayPal to receive payments. Reuters

Lending sellers a hand. The e-commerce explosion is attracting financing options for online merchants, too. Online lender Kabbage is offering that financing primarily to online businesses selling through eBay, Amazon, Yahoo!, Shopify and Etsy. Time

Savvy strategies spur growth. Just like brick and mortar retail, e-commerce requires a strategy. Here are some tips for growing your e-commerce business, whether you use eBay or other sites and tools to reach your customers. Share your own strategies for e-commerce below. Practical E-commerce



Online ads help Google post $3.4b profit

Google has reported a surge in quarterly profit to US$2.79 billion ($NZ3.47b) on the back of rising online advertising revenue, beating Wall Street expectations.

The California-based online search titan's profit rose 11 per cent in the quarter ended June 30 as consolidated revenue climbed 35 per cent to US$12.21 billion compared with the same fiscal quarter last year.

"Google standalone had a strong quarter with 21 per cent year-on-year revenue growth, and we launched a bunch of exciting new products ... in particular the Nexus 7 tablet, which has received rave reviews," said chief executive Larry Page said on Thursday.

"This quarter is also special because Motorola is now part of the Google family, and we're excited about the potential to build great devices for users."

Google's stock price rose to US$610.45 in after-hours trade that followed the release of the earnings figures.

The company has stated publicly that it intends to allow newly-acquired Motorola Mobility to keep its autonomy as it battles in the hotly contested smartphone market.

Google in May completed the US$12.9 billion deal for Motorola Mobility, a key manufacturer of smartphones and other devices that put the internet giant in head-to-head competition with Apple.

Google acquires 17,000 patents with the purchase of Motorola Mobility and has been strengthening its patent portfolio in the fight for dominance in the smartphone and tablet market.

Motorola Mobility was created in 2011 when US-based Motorola Inc split the company into two separate entities: a mobile devices unit, and a government and public safety division known as Motorola Solutions.

"We are totally excited about this opportunity we have at Motorola," Google chief financial officer Patrick Pichette said during an earnings conference call on Thursday.

"There is palpable excitement," he continued.

"Clearly, people should expect some changes at Motorola."

Page did not take part in the conference call as is the usual routine, with executives saying the Google boss and co-founder was still recovering from a throat problem that had left him temporarily unable to speak.

"Larry has lost his voice," said Google chief business officer Nikesh Arora.

"That means he cannot do any speaking engagements, including this earnings call, but he continues to run the company."

Google's dominant share of the US online search advertising market will grow to 77.9 per cent this year from slightly less than three-quarters last year, according to industry tracker eMarketer.

In comparison, the piece of the market held by Microsoft search engine Bing was expected to remain unchanged at seven per cent.

Google will rake in one of every 10 US dollars spent on advertising this year in the United States as the overall market reaches US$169.5 billion, according to eMarketer.

Google is also dominating the US mobile advertising market, seen as a key source of revenue for internet firms as modern lifestyles revolve increasingly around smartphones and tablet computers.

Spending on US mobile ads is projected to leap 80 per cent this year to US$2.61 billion with Google's share at nearly 52 per cent, according to eMarketer.

"Mobile is very important," Arora said.

"It is evident in our commitment to Android as well as our purchase of Motorola."

On a separate note, executives announced that the Google+ social network had grown to 250 million users and that it continued to be integrated through the company's online venues as a "backbone" for features based on friends.

AFP



Are You Leveraging Your Credit Card For Productivity and Savings?

I use all three major credit cards: American Express, Visa and Mastercard. If you're not fully educated in what your credit card can do for you and how to make the card WORK FOR YOU (not you working for the card) then you're losing out.

Most all of you already know about OPEN Forum (by American Express). Did you know that Master Card recently launched a new resource as well?

In a recent announcement, MasterCard worked with Rearden Commerce to launch the MasterCard Business Network network, which currently has three modules designed to meet the critical needs of these businesses:

  • Purchase â€" Offers small and mid-size businesses exclusive discounts on more than 650,000 products delivered from national distributors
  • Travel and Dining â€" Helps businesses manage their air, hotel and car rental bookings; create, manage and enforce employee travel policies; review restaurant ratings and make reservations
  • Expense â€" Provides the capability to create, save and print basic expense reports for free

Check this out and explore other resources from your credit card company â€" you might be pleasantly surprised.