Is Your Share Widget Broken? Are You Making It Easy To Share Content On Your Web Site?

On Smallbiztechnology.com I use ShareThis to enable my readers (that's you) to share content with others â€" be it through social networks or email. However, I know many people don't have the ability to share content on their web sites, those who have share widgets on their web sites often don't configure the sharing ability properly.

I've been to many web sites and clicked “share” on Twitter or something and find that the sharing link does not work or does not work properly.

I encourage you, work with your web designer to properly implement sharing on your web site and ensure your readers can share when they want to and how they want to.

ShareThis recently launched ShareNow, an upgrade from ShareThis. According to their web site, ShareNow is a new social tool which allows users to continually share content to their social network timeline. You must first enable ShareNow by authorizing ShareThis on a social network. Once this has been enabled, ShareNow posts content that you browse on a website to your social network timeline. ShareNow gives users more control over their content. You can continually share, remove shares, re-share or stop continually sharing. If you choose to stop continually sharing, you will still have the option to one-click to share.

 



Traditional Jobs Are Slowing But Online Work Is Booming

Overall the economy is not doing so well, on a macro level. Of course there are some pockets of growth such as Infusionsoft (hiring more and increasing revenues) and the same holds true for many of pockets of our economy â€" hiring up, revenue up. However, we know that in many other industries revenues are flat or decreased.

One sector that is growing is “online hiring”. This sector is the sector of skilled talent that business owners can hire online using such services as Elance, oDesk or Freelance.com.

I've been using Elance for many years and have hired and managed much of my staff through the Elance platform, they recently released a global employment report.

Elance's recent press release reads:

While global economies remain uncertain, Elance's leading indicators reveal business optimism, hiring growth and several hot job markets. The new ‘Creative Economy' is particularly vibrant; demand for creative skills such as web design (+574%), voice acting (+295%) and content writing (+256%) were each up significantly over a year ago. Companies are investing heavily in creative talent, signaling a shift in how businesses engage customers and commitment to growth.

Growth is not only in the USA but also in Europe and Latin America. In the USA hot spots include  Hawaii, North Carolina and Tennessee and also rural parts of the USA also experienced a boom.

Finally jobs that were traditionally “off line” are now moving online as well.

 Skilled professionals like manufacturing designers (+241%), architects (+198%) and family attorneys (+179%) are joining the online work community faster than ever with triple-digit increases compared to Q2 last year. Engineering is another job category defying the conventional market with skills like Chemical Engineering (+182%), Electrical Engineering (+126%) and Civil Engineering (+100%) increasing exponentially year over year.

 



Apple\'s AuthenTec purchase may pave way for iOS biometrics

Apple Inc. has agreed to pay $365 million to acquire fingerprint sensor technology developer AuthenTec Inc., according to a regulatory filing with the Securities and Exchange Commission, submitted July 26.

AuthenTec, based in Melbourne, Fla., provides fingerprint sensor technology to computer companies and mobile security software licenses to mobile phone providers. Apple's AuthenTec purchase, observers believe, may be motivated by a desire develop iOS biometrics capabilities, which may pave the way for use of fingerprint technology as a form of security for mobile payments in the next version of the iPhone or iPad.

Among AuthenTec's customers is Samsung Electronics Co. Ltd., one of Apple's main competitors. Samsung has been purchasing mobile security software from AuthenTec, an aspect of business AuthenTec recently further emphasized.

A deal between AuthenTec and Samsung to secure Samsung's Android devices would have likely been perceived as a threat to Apple. Apple's purchase of AuthenTec would block, or at least control, further collaboration between AuthenTec and Samsung.

AuthenTec reports annual revenue of about $70 million.




Black Hat 2012: Security visibility and the hidden message

LAS VEGAS -- When I attend a conference, I always look for trends in messaging among the various presentations. When I say "messaging," I don't mean popular topics or buzzwords; I'm looking for a deeper message hidden between the lines at different talks, across different subject matters.

Shawn Henry, president, CrowdStrike Services; former FBI executive assistant director
© 2012 Black Hat Events

This year what I read between the lines was security visibility. Starting with Shawn Henry's opening keynote Wednesday, that theme carried on throughout sessions on smart meters, application vulnerabilities and network defense. "Visibility" is what's flowing off the tongues of presenters, cloaked in its various synonymous terms.

"You can't secure what you don't know," and, "You can't secure assets from threats and actors you don't understand," was repeated numerous times by Shawn Henry. Henry, a former FBI executive assistant director, even referenced quotes from military strategist Sun Tzu and the U.S.'s 18th president and military leader Ulysses S. Grant, to underscore his point.

IOActive Inc. Services Director Iftach (Ian) Amit echoed these same thoughts in his briefing "SexyDefense - Maximizing the Home-Field Advantage." In his session, Amit noted that "intelligence is key," and that intelligence and data can come from any source; technical and operational intelligence, as well as data collected and analyzed via marketing and sales teams in an organization.

David Mortman of enStratus caught my attention in his more technical discussion of "Automation and APIs for Improving Security" when he told the audience to focus on discovery first. Borrowing a line from Jeremiah Grossman of White Hat Security, he said "hack yourself first." Mortman continued that these security techniques and countermeasures "should be evidence-driven," precise and deliberate, based on knowledge and visibility into the environment.

InGuardians researcher Don Weber was on the security visibility bandwagon as well. In his well-delivered briefing on recent smart meter vulnerability research, he made it clear his work's efforts are to offer better intelligence to the smart meter vendors. He wasn't at Black Hat to instruct people on how to break in or abuse these devices; he was there to share knowledge and offer data that gives the vendors visibility into the shortcomings and vulnerabilities, and offer a dialogue to help address them.

These are just a few examples of how this message of security visibility weaved itself throughout briefings and keynotes at Black Hat. From visibility into your adversary's motives, to visibility into your own network infrastructure and applications, and even visibility into the market, knowing the landscape and having an accurate picture is key to succeeding with security at all levels.

This was first published in July 2012



New Lost and Found Service Helps Companies Track Valuables

People and businesses can be hurt greatly by the loss of valuables. Whether it be equipment, expensive items, or irreplaceable data, a new online service is now aiming to help both individuals and businesses recover lost possessions and feel more confident about owning and using valuable items.

Belon.gs: Lost and Found Service

Belongs, Inc has just launched the next generation of global lost and found services for both web and smartphone users, Belon.gs. Allowing users to remain anonymous, post and collect rewards for lost items, and easily tag their items with QR codes, Belon.gs hopes to encourage good deeds throughout its community of business and personal users, so that people have a better chance of actually retrieving lost items.

Those who want to take part in the lost and found program can order sticker tags with QR codes that can be attached to valuable items. Business customers can order special corporate tags, which look like normal Belon.gs tags but can be tracked in your company's name with special corporate features. Belon.gs asset management features, which run on a cloud-based platform, can also help companies with tasks like taking inventory and tracking item locations.

When users find an item with a Belon.gs tag, they can go to the website and enter the code located on the tag. Then Belon.gs will anonymously put the finder in touch with the owner of the lost item, and they can arrange for the delivery of the lost item. Then the owner can reward the finder for returning the lost item.

Currently in its beta version, Belon.gs is free for individuals, and offers several different plans for business customers, ranging in price depending on how many tagged items each company requires. However, Belon.gs does offer a one-month free trial for business customers.

To learn more about Belon.gs or to order sticker tags for your company, visit Belon.gs.




New Lost and Found Service Helps Companies Track Valuables

People and businesses can be hurt greatly by the loss of valuables. Whether it be equipment, expensive items, or irreplaceable data, a new online service is now aiming to help both individuals and businesses recover lost possessions and feel more confident about owning and using valuable items.

Belon.gs: Lost and Found Service

Belongs, Inc has just launched the next generation of global lost and found services for both web and smartphone users, Belon.gs. Allowing users to remain anonymous, post and collect rewards for lost items, and easily tag their items with QR codes, Belon.gs hopes to encourage good deeds throughout its community of business and personal users, so that people have a better chance of actually retrieving lost items.

Those who want to take part in the lost and found program can order sticker tags with QR codes that can be attached to valuable items. Business customers can order special corporate tags, which look like normal Belon.gs tags but can be tracked in your company's name with special corporate features. Belon.gs asset management features, which run on a cloud-based platform, can also help companies with tasks like taking inventory and tracking item locations.

When users find an item with a Belon.gs tag, they can go to the website and enter the code located on the tag. Then Belon.gs will anonymously put the finder in touch with the owner of the lost item, and they can arrange for the delivery of the lost item. Then the owner can reward the finder for returning the lost item.

Currently in its beta version, Belon.gs is free for individuals, and offers several different plans for business customers, ranging in price depending on how many tagged items each company requires. However, Belon.gs does offer a one-month free trial for business customers.

To learn more about Belon.gs or to order sticker tags for your company, visit Belon.gs.




Hate Typing? Can\'t Type? Use Dictation with the update Dragon Naturally Speaking.

I know many people can't type (at least not touch type at any reasonable speed) and of course some people are disabled and can't type. One solution for many is dictation software that types your characters (or opens software and runs macros) from your spoken word.

Nuance's Dragon Naturally Speaking has been updated to version 12 and is more accurate than ever, according to their recent announcement.

According to their press release, Dragon 12 now boasts a 20 percent improvement to out-of-the-box accuracy, faster performance and new technology that learns your preferences as you use the software.  Further, Dragon 12 works better than ever with Gmail and Hotmail, and extends the free Dragon Remote Microphone App experience to Android, turning compatible Android phones into a wireless microphone for Dragon for PC.

Another thing about dictation software is that the more you use it the better it gets to know your voice and accuracy improves.

Dragon Naturally speaking also has an app that lets you use your smartphone to dictate over a WiFi network to your computer.



Jimdo Sees 15% Increase In Mobile Traffic. Is Your Web Site Ready?

Jimdo makers of do it yourself (DIY)  web site software, is seeing an increase of 15% in their mobile web site traffic.

Go to your web site on your smart phone  - how does your web site look? Happy with it?

There are many companies that can help you ensure your web site looks good when viewed on a mobile device. Do an online search for mobile web sites and you'll see many services you can pay for or get for free that can “mobilize” your web site.

I use Mobstac and it works quite well.

If you are using a DIY web site service to build your web site ensure your web site is rendered for smartphone and tablet browsers. If the service is not doing it, switch services.

 



Don\'t Let Your Website Get Marked For Malware on Google!

Have you ever been to a Google search result page, looked through the results, and seen “This site may harm your computer” written underneath the title of one of them? This is Google's way of warning you that you might get unexpected results when entering a website, usually in the form of browser hijacking scripts or malware.

Not all sites with malware in them actually asked for it to be put there. Some websites get compromised and experience several problems getting out of Google's bad graces even after they've dealt with the problem. You don't want to have to deal with the big blue, green, yellow, and red “G” when you have a problem like this, so start thinking about prevention.

So, where do we start? Besides hiring a team of developers to spruce up your code and tighten it against malicious code injections (yes, those are real), you can also employ the services of companies that notify you when something's wrong. There are tons of firms out there that have years of experience in dealing with these problems, and they're all at your disposition. More recently, they've been targeting the small business market, which tends to get hit harder by these kinds of issues.

Let's list a couple of services you can rely upon to get rid of any nastiness found in your site:

  • StopTheHacker - This service constantly monitors your site for malware and automatically removes it wherever it's found. This ensures that you don't get blacklisted and makes sure you don't suffer damage to your reputation. STH also monitors your Facebook page to ensure no malicious links are posted. Their cheapest plan, however, isn't effective in doing these things. You must choose their “Professional” plan for the automatic malware removal and artificial intelligence engine. This plan costs $20 per month.
  • Sucuri - This company touts the ability to have your website clean and running again within 3 hours. If your website gets blacklisted, the service will remove you from the blacklist for you. The promising features make it a rather tasty option especially for the SMB owner who'd like to pack a punch without paying out a whole lot. Their most affordable plan costs $89.99 per year and includes all the gadgets and gizmos you need for one website. More advanced plans cover more websites and they're willing to monitor as many of them as you want, for the right price.

If you've got a website that receives even a moderately small amount of traffic, your revenue can be completely obliterated by a single attack. You should set up your fort accordingly. After all, your website's security platform is equally important as the server you host it on.



Funding For a Small Project or Product with Kickstarter

Despite its enormous popularity, Kickstarter is still not as well known in the small business community as you would expect. If you haven't heard about this crowdfunding platform, read on and I'll share how this still-new service is shaking up the startup and new product world.

Kickstarter is a funding platform as the screenshot above states, but let's unpack that just a bit. This is not a venture capital or angel investor network. The simple explanation I share is this: You are pre-selling a product before its finished and getting real customers to take a risk on you by purchasing ahead of production.

Your “product” might be a movie, or a music CD, or a piece of art, or a new 3D printer that you've invented. There are some boundaries (guidelines) and you can read about them here, but more fun to consider the statistics.

  • 26,431 projects have successfully funded (at publication time; they update daily).
  • Of those, 18,271 raised between $1,000 and $9,999.

That's not a lot of money. But if you're a small, micro business and you want to test the waters and launch a new product (again, product can be defined in many ways that might fit what you do), Kickstarter is one of the top places to consider.  Some projects have hyper-funded - seven have raised over $1,000,000.

The Kickstarter website helps define what a “project” is:

  1. A project has a clear goal, like making an album, a book, or a work of art. A project will eventually be completed, and something will be produced by it. A project is not open-ended. Starting a business, for example, does not qualify as a project.
  2. We currently support projects in the categories of Art, Comics, Dance, Design, Fashion, Film, Food, Games, Music, Photography, Publishing, Technology, and Theater.

As you can see, there's a lot of room for small business owners to create a project and get funds to make it a reality.

Here are a few of my current favorites:

  • OpenROV:  A do-it-yourself underwater robot that has potential for helping medical and scientific research, not to mention it looks like a lot of fun.
  • Small Projects:  This is the list or category of projects under $1,000 and it is often filled with some of the most entrepreneurial-minded ideas. Right now, the new closet guitar hanger looks pretty interesting.

Gadgets and consumer items tend to be super popular when designed well. Books, music and films are hyper-popular, too.  The Kickstarter team offers up its staff picks and there are also curated collections. I mention all of these to help you brainstorm if a crowdfunded project or product is in your future. I've tried it a few times and even though my projects have not funded I have learned a ton and adapted my business. I view it as a real-time customer research lab.

Let us know if you launch a Kickstarter project and your experiences.




Contests & Awards: Urban Entrepreneurs, Battle of the Apps, American Airlines and More

Welcome to a fresh list of awards, contests and competitions for growing companies and entrepreneurs.

There are some great contests and awards in this week's roundup.

If you've entered and won a contest or award listed here, let me know so we can share your news.

This list is brought to you every other week by Small Business Trends and Smallbiztechnology.com.

*****

Win Expert Advice for your Small Business

DYMO Endicia has partnered with ecommerce and business experts Marsha Collier and John Lawson to bring small business owners the chance of a lifetime:

Two lucky business owners will win a 1-hour phone consultation with either Marsha or John. Ask your burning business questions, get expert advice, and discuss your management strategies with online sales and marketing gurus.

Dell $100M Innovators Credit Fund

Dell has launched a $100 million Innovators Credit Fund, with the purpose of helping entrepreneurs “maximize potential for innovation, speed to market and job creation.” The credit fund will offer both funding and technology resources with IT support, depending on what each start-up needs.

To be eligible, you must have already received some angel funding or venture capital before you can apply. Start-ups can get up to 10% of its current funding or up to $150,000 with limited credit terms. See website for details and application.

Staples Design Your Dream office Sweepstakes
Enter by July 28, 2012

Enter Staples' Design Your Dream Office Sweepstakes on Facebook and you could win $5,000 worth of your dream Staples products, plus a $500 shopping spree at Staples.

Rock Your Biz Blogging Contest
Enter by July 30, 2012

Join BizSugar.com for the Rock Your Biz Blogging Competition June 28 through July 30, 2012, to learn some great tips on how to take your business to the next level with online networking, blogging, or social media. Gain exposure for your company and a chance to win some cool prizes including an iPad3 and more.

To enter, simply write and publish a blog post on your blog, sharing tips or advice on how to use online networking, blogging, or social media in a small business.

DailyCandy Start Small, Go Big Contest
Enter by August 3, 2012

The 2012 “Start Small, Go Big” contest, sponsored for the third year in a row by Ink(SM) from Chase, includes mentors from some of the biggest names in fashion, home, beauty and food including Rebecca Minkoff, Jonathan Adler, Lauren Moffatt, Christiane Lemieux of DwellStudio, Lev Glazman & Alina Roytberg of Fresh, Alison Pincus and Susan Feldman of One Kings Lane, and more. Categories for entry include Fashion, Home, Food & Drink, Health & Beauty, and Digital & Tech. See website for entry details.

Win an Office Assistant
Enter by August 7, 2012

To celebrate the launch of high-tech recruitment company TeleworkingExpatsForHire.com, business owners can win the services of a teleworking office assistant for two months worth $4,800.
See company LinkedIn page for details

Accelerate Michigan Innovation Competition
Enter by August 8, 2012

The Accelerate Michigan Innovation Competition is an annual international business plan competition in Michigan. The event is the world's largest business plan competition with more than $1 million in prizes. The goals of the competition are to promote Michigan as a venue for innovation and opportunity and stimulate job creation.


American Airlines Flights. Camera. Action.
Enter by August 10, 2012

Upload a short video telling how the connections you make through travel help your business soar â€" and you might win up to 80 round-trip tickets for your company and exposure to thousands of potential customers.

The New York Times Make Your Pitch Contest
Enter by August 29, 2012

Submit your pitch on video, telling about your product or service, your marketing plans, your customer base. Tell what makes your business different - why it is one to watch? Do you need capital? If so, how much and what for? Most important, how are you going to make money?

All video pitches that meet the submission guidelines will be featured on The New York Times small-business Facebook page and selected pitches will be featured on the New York Times You're the Boss Blog.

PITCH NYC 2012
Enter by August 31, 2012

After hosting the successful 5th Annual PITCH 2012 in the Silicon Valley, Women 2.0 is excited to launch the inaugural PITCH NYC Conference & Competition 2012 (PITCH NYC 2012).

Open to early-stage high-growth ventures around the world, PITCH NYC 2012 invites companies with at least one female in the founding team to apply. Applying companies must be in beta stage and have received less than a million in funding. They are looking for the most disruptive web/mobile ventures, connected device companies, double and triple bottom line ventures, etc. Prizes include $25k cash, services and more.

See website for entry rules (you have to send in your business plan on a napkin!)

MillerCoors Urban Entrepreneurs Series
Enter by October 26, 2012

The 2012-2013 MillerCoors Urban Entrepreneurs Series (MUES) business plan competition is now open and accepting entries.

Since 1999, MillerCoors has invested more than $1.7 million in the dreams of entrepreneurs. This year brings new opportunities for entrepreneurs like you. Enter your business plan for a chance to vie for a $50,000 business grant and potentially become a MillerCoors supplier.


Infusionsoft Battle of the Apps
Enter by December 31, 2012

Do you have a great idea for an Infusionsoft App, integration or plug-in that will enhance the Infusionsoft user experience? Then you have a shot at being crowned the Kick Apps Champion in the Battle of the Apps 2013. First prize is $10,000. See website for details.

If you are putting on a small business contest, award or competition, and want to get the word out to the community, please submit it through our Events & Contests Submission Form. (We do not charge a fee to be included in this listing.) Only events of interest to small business people, freelancers and entrepreneurs will be considered and included.

Please note: The descriptions provided here are for convenience only and are NOT the official rules. ALWAYS read official rules carefully at the site holding the competition, contest or award.

[photo credit: Shorts and Longs Flickr]



Chris Cabrera of Xactly: Making Sales Compensation Easy for Small Businesses

Most of us want more sales, right?  But as a company grows, the complexities of managing sales quotas and calculating sale commissions also grow.  That's why it's so important to have good systems so that you can design best-in-class sales compensation plans and automate the calculations so as not to get bogged down in doing it manually with spreadsheets.

In this interview, I'd like to introduce you to Chris Cabrera of Exactly.  Xactly is a Web-based application to automate and keep track of sales compensation - and even integrate with your QuickBooks data, thereby avoiding duplicate data entry.

* * * * *

Chris Cabrera of XactlySmall Business Trends: Can you tell us a little bit about your personal background?

Chris Cabrera: About 14 years ago, I started with a company selling on-premise solutions, big heavy expensive on-premise solutions that solved the sales compensation problem.

Seven years ago I embarked on starting this company, Xactly, to really focus on smaller companies and to do it all on the Cloud. Today, we have 500 customers that include companies with two reps, 10 and 50, all the way up to thousands.

Small Business Trends: What kind of challenge is it, from a small business perspective, to handle sales compensation?

Chris Cabrera: For years small businesses have been precluded from being able to take advantage of these automated solutions to handle it.

A lot of these smaller companies don't have a dedicated comp analyst or compensation manager.  But the challenges are no less difficult and the benefit is no less great.

What is now happening is we are seeing small businesses waking up to the fact that they can now afford to use the best in class, the best practices, and the best software solutions that are in the cloud.  The same ones that these giant public companies use.

When you think about sales comp, we are not talking about insignificant dollars, right? I mean if you are paying sales reps, chances are you are paying those reps $50,000 to $100,000 a year to sell your wares.

That is a lot of dollars that the company is spending.  Yet, the way these sales comp plans are designed, often they are done in the back room and at the last minute.  Again, by the CEO or the VP of sales.  These are smart folks, but that is not their area of expertise.

So what we said to these SMBs is, “Hey, this is what we do for a living and this is all we do.  So why don't you let us help you design better plans that will drive better performance?”

Small Business Trends: Paying people on time, right away and what they are expecting, that goes along way to keep them happy I assume?

Chris Cabrera: It does.  I'm always amazed that the paradigm today is that companies literally pay four or five weeks in arrears.  They are at the end of their month or their quarter, then they start doing the calculations, and about four weeks later, they are giving their reps a statement with their check.

In the Xactly world, those reps can see, day by day, through the month or the quarter how they're doing.  Even if they are using a CRM tool, they can begin to look at a deal prior to them even closing it.  They can do these “what if” scenarios that we have.  The “show me the money” button where they can say, “How much can I earn if I close this deal?”

Small Business Trends: What kind of things should companies be on the lookout for when they develop a sales compensation plan?

Chris Cabrera: Some of the common pitfalls are people that tried to use the compensation plan do to too many things. As a quick example, I have gone into companies where they are using valuable compensation dollars and they are paying on deals only if it was put into CRM, as an example, right? So what they are trying to do is say, “I want to improve adoption of CRM so I am going to use compensation dollars to enforce that.”  That is not a good practice, that is a management practice that should be handled by management.

You should not use your valuable compensation dollars for that purposes. What you should use your valuable compensation dollars for is driving whatever is in your business that makes you better. It is selling more widgets; is it selling more profitable widgets; it is discounting less; is it getting better payment terms; is it getting more cash up front.

I mean, everybody's challenges are different.  But comp can be used if used correctly and, by the way, it can change.  It should change over time depending on the needs of the business change.

Small Business Trends: You say that CRM adoption is improved, but it should not be on the sales compensation plan, right?

Chris Cabrera: Correct. I mean you shouldn't use the valuable dollars that you pay to drive the behavior, to get them to adopt CRM.

What our customers tell us is once they have installed Xactly on top of the CRM tool, the reps now have a reason to go into their CRM more often because they are going to see all of their commission's right through the CRM tool. They have a reason to go into this CRM tool and make the data more accurate because they want to do these “show me the money” exercises to see how much money they can earn

Small Business Trends: You recently announced integrations with QuickBooks. How does that impact how small businesses do sales compensation?

Chris Cabrera: QuickBooks is omnipresent.  Clearly one of the things that you need to pay compensation is order entry data. We already have partnerships with CRM vendors in particular, Salesforce.com, Oracle, and Microsoft. But we realized if we can get a partnership with Intuit, such that the data can be brought directly into Xactly, we are going to make it that much more seamless for SMBs to sign up and, in a very short matter of hours, become live.  It pulls data right out of Intuit and displays all of the compensation right through their CRM system and then pumps the data right back to the payroll tool.

That whole process today is typically manual, usually in Excel, and is a nightmare. So this partnership with Intuit is really exciting and starting to pay dividends as SMB are coming and adopting this in droves.

 


How Social Media Tools Can Help with Your Marketing Campaigns

For marketing campaigns, this has been a hindrance. If your small business is e-mailing newsletters, coupons, or just great messages to your distribution lists, there may be times when  your recipients would love to share the information with their friends on Facebook, Twitter, or Google+. Maybe your recipients haven't considered it, but seeing that “like” button will give them the idea.

Recognizing the need for this, Campaigner has added this functionality to its popular e-mail marketing platform. Through social sharing, users can “enable sharing” when launching a new e-mail campaign. This automatically archives your content online, complete with a “share” bar at the top of the screen. You'll also be able to track all page views that occur as a result of your content, including any views on social media sites.

“The synergies between email marketing and social media are evident, particularly as email marketers explore the value of enabling their messages to be easily shared on social networks like Facebook and Twitter,” said Paul Turnbull, Product Manager, Campaigner. “Instead of having to deal with both an email marketing service and social media management tool, customers now have the ability to share emails on multiple social platforms through one easy-to-use interface. We are excited to deliver on many of the top requests from our customers and look forward to meeting their evolving email marketing needs.”

Campaigner is only the latest of many e-mail marketing businesses to integrate social media into its platform. With social media becoming so important in today's marketing campaigns, many services have searched to find ways to implement new technologies. Some of these services include:

  • Constant Contactâ€"Constant Contact allows you to add Facebook, Twitter, and LinkedIn links to your e-mails. Once your customer clicks, they are taken to your social media page, where they can like and share information about your business.
  • Vertical Responseâ€"Through its canvas editor, Vertical Response allows you to add a “Like” button to an e-mail. The canvas editor allows you to create HTML e-mails, which are necessary for the Like button to be visible to your recipients.
  • Mail Chimpâ€"Mail Chimp has recently added new tags that will allow you to incorporate Facebook like buttons, Tweet buttons, and Google Buzz tags. The site also offers YouTube merge tags that can help with incorporating video into your marketing campaigns.
  • iContactâ€"iContact allows users to easily add Facebook, Twitter, Google+, and LinkedIn buttons to e-mails, choosing whether these buttons should apply to the entire message or just a section.
  • My Emmaâ€"This site allows you to add a Facebook, Twitter, or LinkedIn button to e-mails by simply clicking a button that says “Add Social Sharing” as you're creating your e-mails.

The above solutions also offer analytics on the buttons you add. In fact, chances are with any marketing campaign service business you choose for your small business's marketing campaign, you'll have the option to include social media buttons. So the key is to find the e-mail marketing solution that works for your small business and learn how this new integration of technology can help improve your marketing campaigns.



Stamp Of . . Err, Let\'s Wait And See

management business cartoon
I had a manager who could never make a decision:

  • “So, what do you think?” I'd say. “I'll get back to you,” he'd respond.
  • “Is that OK?” I'd ask. “I'll let you know,” he'd say.
  • “How about it?” I'd inquire. “Let me think about it,” he'd reply.

After each exchange, he'd scuttle off to his managers office, chat them up, get their opinion, and then â€" and only then â€" could he deliver a decision.

Listen, I understand the value in getting another point of view, but often these were simple, even mundane decisions like, “Greg and I would like to trade lunch hours today. Okay with you?” Scuttle, chat, question, “I guess it's Okay.”

Maddening to be sure.  But at least I got a good cartoon out of it.




Let Your Customers Find You: Become Visible With Local Merchant Finder Apps

You've probably used a local merchant finder app on your phone before. If you haven't, you don't know what you're missing out on. Basically, your phone turns into a tool for finding great eye-catching and tasty businesses nearby that help you find what you need. Using them is awesome, and having your local business listed in them gives you more kudos!

If you're having problems gathering customers, your business can get some real foot traffic by listing itself on popular “finder” apps that let people seek local establishments and land on your doorstep. People who happen to be around your business can easily find it with one of these tools. Ignoring this possibility, especially since it's free most of the time, closes doors for you that could have led you to more revenue possibilities.

This kind of solution gives you a break from the daily grind of having to market yourself to make your business more visible. Visibility is achieved once someone is close by and looking for you. You've probably heard of Foursquare, but perhaps you had no idea that you can add your business to it for free. But besides this service, you can also have a look at a couple of others that allow you to do the exact same thing:

  • Elephanti - This service offers people a place to look at establishments nearby. Elephanti particularly provides you with some interesting tools to promote your business and built a “storefront” in the website itself, so that people who are interested can see products and services you offer as well as discounts you might have. It's much like Foursquare in the sense that it allows you to have a liberal amount of control for your business. The exception is that Elephanti lets customers see things that they're particularly interested in. For example, a customer can say that he or she is looking for sunglasses at a reasonable price. Your business could offer those, and have a promotion that beats whatever everyone else's touting.
  • Yelp - While sifting through other local merchant websites, we come across Yelp, a very popular service for people who use their mobile phones to find places of interest. Again, like other services mentioned here, it allows you to build up your own listing and make your special deals visible.  Perhaps one of its most unique features is the analytics it provides for your business page on their platform. Yelp shows you how many people viewed your page and shared it. From this data, you can see if you're getting a nice supply of customers from the service.

Perhaps you are a bit too busy to use all of these services at the same time. That's understandable. Just pick the one that you think will help your business stand out the most and achieve the best results. This can be done with a bit of trial and error on each of these platforms. After you've learned the ropes, you won't know how you lived before merchant finder apps appeared.



Black Hat: Researchers bypass Bouncer to put malware into Google app store

Two researchers demonstrated how they were able to push a malicious information-stealing app onto Google Play, even while Google's Bouncer custom malware scanner was watching.

Trustwave SpiderLabs head Nicholas Percoco and Sean Schulte, a backend SSL services developer at Trustwave, said that they circumvented Bouncer with a JavaScript trick that transformed a benign Android app into a malicious one on Google Play.

Speaking at the Black Hat security conference in Las Vegas, the pair said that they had developed a benevolent app called ‘SMS Bloxer' that looked like other SMS blocker apps on the market. In order to ensure regular users didn't accidentally download the app, Trustwave also priced it at $49.95, in stark contrast to similar apps, which were usually £2 or less or free.

SMS Bloxer lived on Google Play for two weeks and didn't get flagged by Bouncer for that entire period of time. At its worst, the app was capable of stealing contacts, SMS messages and photos and it was able to harvest information about the device or force a web page to load. The researchers said that it could also launch a denial-of-service attack.

Percoco said: “We wanted to test the bounds of what it's capable of.”

He said the benign app reported back to Trustwave whenever it was executed, and made it past Bouncer and onto Google Play. The team had determined Bouncer's IP address by this time and modified the test app to act maliciously only if it was executed outside Bouncer.

To avoid detection the team used the JavaScript bridge, a ‘legitimate' workaround supported by Android, which allowed the developers to remotely add new features to a program using JavaScript, or change the look and feel of an app by modifying the HTML without having to go back through the entire app approval or update process.

Trustwave used the JavaScript bridge to add increasingly malicious capabilities to the app. Bouncer scanned the app repeatedly, but never noticed the new malicious features. Percoco said that only when the team tweaked the app to execute every second did Bouncer notice it and suspend the developer account.

Trustwave shared its findings with Google, and Percoco said the company was a "great organisation to work with".



Black Hat: Biometric experts demonstrate reverse-engineering capability in iris scanning systems

Researchers at the Black Hat conference in Las Vegas have demonstrated a method of breaking retina authentication.

Javier Galbally, assistant researcher and professor at the Universidad Autonoma de Madrid, presented new research conducted by scholars in Spain and West Virginia University that reveals ways that iris scans can be thwarted, by duplicating an image of the eye membrane.

Iris recognition systems are currently deployed by both corporations and law enforcement entities around the world to permit access to sensitive tools and information. After a person's eye is scanned, the recognition tool produces an iris code, which is then filed in a database and used for future matching.

To exploit this mode of authentication, a hacker would first have to access the database that holds the iris scans, typically stored as templates or digital records of an individual's biometric features. 

According to Galbally, once they have access to the original templates, the hackers can use a genetic algorithm to alter the synthetic code over several iterations until a nearly identical template is produced. That permits an image of the iris to be duplicated.

He said that creating a match is as simple as printing it out and showing it to the recognition system and this could be done by patching the image onto a contact lens, which the attacker can then wear.

“The commercial [iris] system only looks for the iris [code] and not an actual eye," Galbally, who also conducted the research with help from colleagues at the Biometric Recognition Group-ATVS, said.

“The main problem with the iris is the acquisition. Sensors are more expensive and it's more difficult to acquire because you need more cooperation from the users. You never know if it's going to be dangerous or not, but the vulnerability is there. It's good that people are aware that these vulnerabilities exist.”

There have not been any breaches reported as a result of bypassing these systems through synthetic iris images, Galbally said.



Mobile version of Pwn2Own contest to be held in Europe

HP is to launch a hacking contest where participants will be awarded for compromising mobile devices.

Based on the Pwn2Own contest, which is held at the CanSecWest conference in Vancouver, this will be held at EUSecWest in Amsterdam in September. HP said that this will be specifically geared at the mobile device industry, with prizes of up to $200,000 (£128,000) offered to the first researcher (in each category) to successfully compromise a device via a mobile web browser, Near Field Communication (NFC), SMS  cellular baseband.

HP said that the primary goal is to demonstrate the current security posture of the most prevalent mobile technologies in use today, and competitors will be able to use a radio frequency (RF) enclosure to conduct the ‘attacks' without violating local laws.

To enter, contestants can pre-register by email at zdi@hp.com. On-site registration will still be available if the targets have not been compromised and if the required hardware and software prerequisites are available. Each contestant will have a 30-minute time slot in which to complete their attempt (not including time to set up the network or device prerequisites).

If more than one researcher registers for a given category, the order of the contestants will be drawn at random. The schedule will be announced a week before the contest and each contestant will be allowed to select the device they wish to compromise during the pre-registration process. The only requirement is that it be a current device and running the latest operating system.

A successful attack against these devices must require little or no user interaction and must compromise or exfiltrate useful data from the phone. Any attack that can incur cost upon the owner of the device (such as silently calling long-distance numbers, eavesdropping on conversations and so forth) is within scope.

To avoid interfering with licensed carrier networks, all RF attacks must be completed within the provided RF isolation enclosure and the vulnerabilities utilised in the attack must be a zero-day.

ZDI (Zero Day Initiative) reserves the right to determine what constitutes a successful attack and all vulnerabilities revealed by contest winners will be disclosed to affected vendors through HP's Zero Day Initiative.

Winners will receive the device itself, a BlackBerry PlayBook courtesy of RIM and the prize money is $100,000 (£63,000) for the cellular baseband compromise; $40,000 (£25,000) each for the SMS and NFC compromises and $20,000 (£13,000) for the mobile web browser attack.

Also awarded is 20,000 ZDI reward points, automatically qualifying the winner for silver standing, to include a one-time $5,000 (£3,000) cash payment, 15 per cent monetary bonus on all ZDI submissions over the next calendar year, a 25 per cent reward point bonus on all ZDI submissions over the next calendar year and paid travel and registration to attend the 2013 DefCon in Las Vegas.



Survey deems that mobility drives productivity, but leads to security concerns

A global survey has found that empowering employees through technology and mobility drives productivity, despite leading to security concerns.

According to the Evolving Workforce Research report by Dell and Intel, which surveyed 8,360 workers worldwide, consumerisation increases productivity in the workplace.

In particular, greater employee input in IT provision, bring-your-own-device (BYOD) initiatives and workplace flexibility were seen as ways to generate additional employee productivity and loyalty. However, while there is growing awareness among organisations that greater flexibility in employee technology choices can enhance productivity, the research also shows that organisations are still grappling with the security challenges and threats this can present.

The report said that while business leaders are accepting that the arrival of tablets, smartphones and cloud computing creates the need for companies to challenge themselves to be more mobile-led, many experts believe that the convergence of applications across devices will foster an even more mobile dependent workforce in the future.

In terms of employee transparency, the issue with employees regarding IT decisions that affect them presents a challenge for management, with business leaders noting that if any aspects of a company's IT consumerisation policy are hidden from employee view, they may backfire.

From a purely UK perspective, 43 per cent of SMB employees complete their work in a 9am to 5pm schedule, while 56 per cent of enterprise employees work to this schedule. Over half (57 per cent) said that IT problems are ‘a regular frustration'.

Steve Felice, president and chief commercial officer of Dell, said that it was engaging with its customers to understand what the end-user's needs are and it had expanded its vision beyond what device the end-user has to having consultative conversations with its customers about how data is being accessed.

Dell global CIO Adriana Karaboutis said: “With today's increasingly tech-savvy workforce and outcome-driven employees, companies have everything to gain from fully embracing the IT consumerisation and mobility trend that is redefining the workplace.

“Companies are realising that by enabling employees to work from a location of their choice using their preferred technology, they are taking one of the single most important steps in motivating business productivity.”

Ed Goldman, IT CTO at Intel, said: “While reinventing the operational landscape through IT can have a positive impact on productivity and employee morale, we shouldn't lose sight of the challenges that these changes create for the business.

“Every company will need to find the right balance between implementing changes to bring benefits to employees while matching the strategic objectives of the business.”



Facebook Barely Meets Income Goals

Since a disappointing IPO, Facebook has struggled to impress investors. This quarter, the social network struggled to meet revenue goals, and growth is slower than before the company went public. Meanwhile, the social media giant remains critical for business marketing and networking. Here's the latest on Facebook's business and tools.

Measuring Up

Show us the money. The majority of Facebook's earnings this quarter, as in all previous quarters reported, is advertising revenue. This quarter, ad revenues accounted for $992 million, representing 84 percent of the social media networking giant's earnings, a 45 percent increase year over year from 2011. The Verge

Earn some respect. Here's a look at Facebook's second quarter earnings in detail. What businesses using the social network regularly will like most is not revenue totals, but the 29 percent increase in monthly users and the 32 percent increase in daily active users. Facebook Investor Relations

Take the plunge. Businesses using Facebook to advertise and connect with customer are happy with growing user numbers, but investors in the company aren't as Facebook's stock value dropped to an all-time low following its report on quarterly earnings. This won't affect business users of the site unless it means Facebook's days are numbered. CNBC

New Directions

Hold the phone. Don't expect a mobile device from Facebook, despite all the rumors circulating. In a recent conference call, Facebook CEO Mark Zuckerberg said it wouldn't make any sense for the company to make a phone, but given reports that the social media giant is investing in smartphone development, observers are speculating on what this could really mean. Business Insider

Stop buggin' out. If you're worried about Facebook security, you're not alone. The company's management team has taken an unprecedented step among tech firms, rewarding white hat hackers for finding and reporting security holes that expose user data. The new bug bounty program should inspire more confidence in the company's efforts to protect user information. Bloomberg

Facebook's Future

Make your recommendations. A new recommendation bar introduced yesterday helps people find articles on your site based on what their friends have liked or shared on Facebook. The plugin is a boon for Website owners using Facebook to promote content, and sites testing the tool so far are seeing three times the click through rate than that of Facebook's other means of social promotion. Facebook Developers

Survey says. Change is inevitable. While Facebook continues to gain users completely outdistancing competitors, it might not stay that way forever. Business users rely on the dominant social network for marketing and connecting, but a recent survey by the American Customer Satisfaction Index indicates users are more satisfied with Facebook competitor Google+, even if it has nowhere near the user numbers. Wired



Black Hat 2012: David Litchfield slams Oracle database indexing

LAS VEGAS â€" A reactive approach to software security, namely following the security research community's lead, has proven to be a winning strategy for Oracle Corp. in recent years.

"Then Larry Ellison said his products were unbreakable. I laughed and laughed. My brother (Mark) and I had found 36 flaws within 24 hours of the announcement."

David Litchfield

Since 2008 the database giant has steadily trimmed the number of critical buffer-overflow vulnerabilities in the Oracle database server. Longtime thorn David Litchfield, however, may have forced Oracle to reassess its software security strategy after his talk Thursday at the 2012 Black Hat Briefings.

Litchfield demonstrated several working exploits against the Oracle database server's indexing architecture, low-hanging fruit that Litchfield said has largely been ignored by attackers and Oracle-until now.

Litchfield, one of the industry's top database security consultants, demonstrated several proof-of-concept attacks, during which he was able to elevate his privileges to the DBA level, giving him the ability to manipulate database indexing records remotely via SQL injection.

Three of the exploits he demonstrated were able to beat  vulnerabilities reported and patched as long as two years ago:  CVE-2010-0902 (an unspecified OLAP vulnerability), CVE-2010-3512 (an unspecified Core RDBMS component vulnerability) and CVE-2012-0552 (an unspecified Oracle Spatial component vulnerability). He also demonstrated another exploit against an unpatched vulnerability that has been reported to MITRE Corp.'s Common Vulnerabilities and Exposures database (CVE) as well.

“If the back-end [indexing] is vulnerable, that means if you're two years out of date with your patching, which is a common situation, then we can exploit this to gain DBA privileges by creating an index as PUBLIC,” Litchfield said. By creating the PUBLIC index, anyone -- even users accessing the database via a Web application -- would have DBA privileges.

“The difficulty is that it has to be a deterministic function,” Litchfield said. “So, for example, we can't just use an auxiliary inject function directly because they're non-deterministic. So there are a couple more hurdles.”

Database indexes help DBAs sort through what could be trillions of records looking for a particular piece of data. No one in the research community has looked at the security of the index architecture to a large degree, and to an equally large degree, databases remain unpatched.

Far too few organizations are willing to take a database offline for security patching for fear of impacting availability or data corruption. According to a Sentrigo survey from several years ago, two-thirds of Oracle DBAs said they never apply security patches. A more recent survey by the Independent Oracle Users Group (IOUG) similarly found organizations' interest in applying database security patches to be lukewarm at best.

Litchfield said organizations should be up to date with patching, and pointed to his exploit demo on the unpatched vulnerability as an example of how simple it could be for an attacker with access to create an index, run what he called a second order SQL injection attack and gain system privileges that would enable the attacker to set his role as DBA.

“It's trivial,” Litchfield said in describing what it would take for someone knowledgeable to execute such an attack.

Litchfield has long been poking into database security, focusing initially on stack buffer-overflow vulnerabilities. He discovered the flaw that was eventually exploited by the SQL Slammer worm; Litchfield presented information on the vulnerability at Black Hat 2002, including shell code that demonstrated the seriousness of the flaw. Less than six months later, Slammer emerged and Litchfield said the attacker used his code as a template for Slammer.

“It caused me to call into question what I was doing,” Litchfield said. “Then Larry Ellison said his products were unbreakable. I laughed and laughed. My brother (Mark) and I had found 36 flaws within 24 hours of the announcement. It was really silly stuff too, like using a long username to cause a stack overflow.”