Wells Fargo Redesigns It\'s Business Insight Resource Center

Wells Fargo recently redesigned it's Business Insight Resource Center adding several design and functionality improvements that will benefit their visitors.

One new tool they are introducing is the content customization tool on the homepage entitled ‘Customize Your Content'.  Here, small business owners can filter content based on their business challenges and numbers of years in business. This allows them to drill down and focus on the content that's the most useful and applicable to their businesses.

If you were not aware of the Well Fargo site, you'll definitely want to click on over and check it out.  They share many great resources for businesses, including their Expert Columns, which our very own Ramon Ray, editor of Smallbiztechnology.com, contributes to.

Resources, like the ones they offer, can prove to be invaluable to any small businesses looking to grow and succeed.  Go on over and check them out and let us know what you think of the new design!



Bizelo: Customizable Apps Built for Small Businesses

Many small businesses use spreadsheets for everyday tasks like inventory management and accounting. Most know that this may not be the most efficient method, but software built specifically with these tasks in mind is often geared toward larger companies, and has the price tag to match.

Bizelo

That's where Bizelo comes in. Bizelo is a startup that offers individual apps for different business functions. The company and its offerings were built specifically for small businesses, so the features are simple and minimal, and apps cost just $25 per month.

Said founder Ron Schmelzer:

“Most small business owners don't want a thousand-dollar product with thousands of features, they want a simple product with three or four features that is priced appropriately.”

Currently, the company offers four different types of apps: inventory management, supply management, returns management, and accounting sync. But it has plans to add at least 12 more apps by early next year.

Said Schmelzer:

“Eventually we'd like to have a supply of hundreds of apps that small businesses can pick and choose from, but for now we're starting with a few simple ones that we think can benefit a lot of small companies.”

The apps “snap” together so that companies can keep all of their data in one place, but can customize the service to fit the needs of their industry without having to navigate around a bunch of unnecessary and unused features aimed at different types of businesses.

So for example, businesses that have an online store and a local storefront can use the inventory management app to sync and manage the inventory of both stores. But other businesses may just have an online store or multiple online stores, maybe on different platforms such as Ebay or Etsy. These different business models can all use the same app and just customize it to their own needs.

Schmelzer compared the concept behind Bizelo, which launched its first app in 2011, to that of Salesforce, but said the functions behind the two are completely different. Where Salesforce is often used for customer management tasks, Bizelo can provide a similar platform for the back office tasks like supply and inventory.

Though there are programs available for each of the functions of Bizelo's apps, this concept allows for businesses to keep all or most of their data in one place. And once the company releases more apps, there could possibly be even more business functions that Bizelo can help companies manage.




Women Entrepreneurs: Helping Other Women Succeed

Are women more or less likely to help others of their gender get ahead at work? A Catalyst study done earlier this year asked both men and women about the kinds of mentoring and assistance they'd received. Overall, more than half (59 percent) had received either informal or formal mentoring.

mentoring women

What's interesting is that women who had been mentored were more likely than men to be “paying it forward” to the next generation of emerging leaders at work. Sixty-five percent of women, vs. 56 percent of men, were doing so. And 73 percent of those women were mentoring other women.

The Catalyst report focused on executives in big corporations (the men and women were all MBA grads who had been identified as having “high potential” before earning their degrees). But I believe the value of helping other women applies, whether you're an employee or an entrepreneur.

First, there's financial value. Catalyst found both men and women who mentored others earned an average of $25,075 more between 2008 and 2010 than those who did not, even when the study controlled for other factors. For employees, helping others achieve clearly leads to greater career success and consummate rewards. But for business owners, mentoring others so they achieve more also leads to greater financial success for your business.

Of course, for entrepreneurial women, there's also loyalty at stake.

Think about it: An employee who gets support, encouragement and guidance from you about how to improve in his or her job is more likely to be loyal to your business, rather than ready to bolt at the first opportunity.

Finally, and maybe most important, for women business owners mentoring isn't just about mentoring your employees. For us, mentoring the next generation of leadership also means looking outside our own businesses and encouraging young women and girls to learn more about entrepreneurship.

I was fortunate to have entrepreneurial role models in my family-my dad, who owned a small business, was a huge influence in my life. But “entrepreneurship” was a word you barely heard when I was a kid. And even now, when young people are acutely aware of entrepreneurial role models like Steve Jobs or Mark Zuckerberg, most of the focus is on tech startups, where women are still underrepresented.

There are many ways you can be a mentor and role model to younger women. Involve your daughters or nieces in your business. Find a younger entrepreneur you connect with through social networks like Twitter and Facebook. Or get involved with an official organization like Junior Achievement or the Collegiate Entrepreneurs' Organization.

The coolest thing about mentoring younger people is while in the past, the relationship might have been more one-way, today's young women have a lot to teach older entrepreneurs about technology, social media and more.

If you get involved with mentoring, you'll gain as much as you give.

Mentoring Photo via Shutterstock




12 Major Turnoffs When Hiring Virtual Employees

What's a major turnoff to you (on a resume or in the interview) when hiring virtual team members?

The following answers are provided by the Young Entrepreneur Council (YEC), an invite-only nonprofit organization comprised of the world's most promising young entrepreneurs. In partnership with Citi, the YEC recently launched #StartupLab, a free virtual mentorship program that helps millions of entrepreneurs start and grow businesses via live video chats, an expert content library and email lessons.

 

1. Employment Instability

Running a recruiting firm for the past six years, I've come to notice that employees who work virtually are more prone to not working out, whether it be performance-based problems or simply lack of interest in the job. Therefore, I would suggest that any hiring company avoid a resume of a candidate that has a track record of not holding positions for extended periods of time.

- Ken Sundheim, KAS Placement

2. Bad Communication Skills

Being able to communicate effectively is key to projecting your image as a brand. Candidates must have strong written and verbal communication skills in order to properly represent your brand. Poor English, grammar, or simply careless spelling mistakes are a major turnoff. And due to our fast-paced society, they are more prevalent today than ever.

- Richard Lorenzen, Lorenzen Capital

3. What's in It for Me?

It's a subtle thing, but when potential team members write a cover letter full of how much your company is perfect f or them, I think it sends the completely wrong message. Instead, it should be all about what they can do for the company. After all, you're hiring to grow your company, not improve the prospective employee's cocktail conversations!

- Derek Flanzraich, Greatist

4. Ridiculous Availability Requests

When a virtual team member goes beyond communicating availability for a position to dictating the days and times acceptable for meetings, it's a red flag for me. Online work is more flexible, but you wouldn't dream of telling a corporate boss, “Tuesday meetings don't work for me, I want Saturday meetings instead.” Setting boundaries in a professional manner is a sign of maturity.

- Kelly Azevedo, She's Got Systems

5. Awful Email Addresses

I'm an email address snob. I expect anyone applying for work to have a professional-sounding email address (ideally their name) - no ‘baby...@aol.com's need apply. But if the person wants to work virtually, I also take a look at their email service provider. Something at AOL or Hotmail sends me the message that I'm not dealing with someone particularly web savvy.

- Thursday Bram, Hyper Modern Consulting

6. Lack of Virtual Experience

If they haven't worked in a virtual environment before, it is a turnoff because it isn't meant for everybody, and I prefer not to be your first experiment. The one exception is if they have something in their resume where they worked autonomously in a previous venture. It takes an independent spirit and someone who is a self-starter to be a great virtual hire.

- Raoul Davis, Ascendant Group

7. Where's the Passion?

If someone isn't clear on why they want to work for my company specifically and why they're passionate about what I'm doing, it turns me off. With a small company, every hire is so incredibly important, and you need those people to be completely “bought in” to what you're doing.

- Megan Berry, LiftFive

8. Being Unprepared

Asking potential employees what they like most about the company during their interview is a great way to find out how much time they've already dedicated to you and the opportunity. Walking into an interview without having done any research means they're likely to put in the same limited effort while sitting in your office - or that they don't know how to use Google!

- Erika London, iAdventure.com

9. Poor Email Response

Before I schedule an interview with a potential virtual team member, I test their email communication abilities. If that potential team member cannot properly send me a calendar invite or does not answer questions via email in a concise and organized way, then I will not proceed and schedule the interview.

- Jun Loayza, Lion Step Media

10. No Attention to Detail

We weed out tons of applicants who don't pay attention to the details. Our employment ads specify that certain details should be included, for example, links to Facebook and LinkedIn accounts. People who neglect to include the information specified are automatically eliminated. The rigor of the process continues as the applicant progresses through subsequent rounds.

- Nick Reese, Elite Health Blends

11. What an Ego!

To be successful, startups need to find talented individuals with high value to build a team. That being said, you must make sure to focus on team's chemistry in order to make the team work. If someone has awesome skills and is super talented, but has an abrasive personality, you should pass. I'd rather hire someone who wants to know it all, rather than some who already does.

- Lucas Sommer, Audimated

12. Not Following Directions

I hate it when I give specific instructions about the application process and the applicant does not follow them. It makes me think that I am going to have a hard time training them when the real work begins. Anyone who doesn't follow the initial directions gets cut immediately from the rest of the application process.

- Lawrence Watkins, Great Black Speakers



Tech award music to Maire\'s ears

US accolade a great confidence-builder, says Fusion chairman

Sir Peter Maire says a top award his latest technology venture has scooped in the United States is the honour he always wanted to win for Navman, the navigation device maker he sold in 2004, but never achieved.

Auckland-based Fusion Electronics has won the 2012 National Marine Electronics Association award in the US for its Fusion 700 marine stereo entertainment system.

"It means a lot," Maire said from Las Vegas, where he was attending a trade show. "It is the highest technology award that you can get in the marine industry in the technology area."

He said the award was typically won by one of the major navigation brands.

"So for a little company like Fusion it really is quite a big accolade," Maire said.

"It's a real confidence builder for our partners, customers and particularly our international sales team."

When Maire bought into Fusion, which he now chairs, about three years ago he diverted the company's focus away from home and car entertainment electronics.

"We had so many good designers from Navman working at Fusion so I knew we could use that horsepower to really drive up a robust business," Maire said.

The company now supplies its marine technology to more than 50 of the world's leading boat builders, including Regal, Hanse, Senseeker and Princess.

Maire said the Fusion 700 system, used on boats, had been in development for the best part of three years and was "a pretty remarkable piece of technology".

It had multi-zone capability - the equivalent of multi-room in a house - and apps had been developed that allowed users to control the system from a smartphone or iPad, Maire said.

"It's one of the most complex products I've ever developed, more complex even that what we did with Navman when we did car navigation."

Maire said it was the kind of innovation that made Navman a great company.

"With this single step, we've aligned with the world's major marine electronics companies like Garmin, Navico and Raymarine."

Navman, which Maire established in his garage in 1986, was sold to North American group Brunswick for $108 million.

Brunswick later broke up the navigation technology maker's divisions and sold them off separately.

Maire's disappointment about Navman's fate is well documented and last month he told the Business Herald that selling the company was the worst thing he ever did.

Fusion, which conducts its research and development in Auckland and makes its products in China, also produces technology for petrol stations.

Maire is estimated to be worth $65 million and is Fusion's main shareholder.

'China bashing'

America's accusations against Huawei are just an attempt at limiting the Chinese telecommunication giant's success, says Sir Peter Maire.

The Navman founder is a director of Rakon, which signed a technology partnership with Huawei in August and also does business with ZTE, another China-based telco.

The United States House Intelligence Committee has warned US firms not to do business with the two Chinese companies over fears of spying and corruption, and links to China's Government and military.

"I think what's going on here is China bashing," said Maire. "It is just a means to limit their [Huawei and ZTE's] success in the market."

It has been suggested that firms aligned with Huawei could face difficulties doing business in the US.

But Maire said he did not see any risk for Rakon.

By Christopher Adams Email Christopher

RSA Conference: \'Fixer-developers\' for web applications needed

It is a fantastic time for companies to build security into the cloud, but they have big challenges over web apps, particularly around finding people skilled to deal with fixing vulnerabilities.

This was a major message from Qualys chairman and CEO Philippe Courtot, speaking at a RSA Conference Europe 2012 Keynote. He said cloud computing, with its computing power, storage and control capabilities, brought both opportunities and challenges for IT security.

He said: "We have a fantastic opportunity as security professionals to sit at the table and of a CIO and really build security into the cloud. That's a unique opportunity that doesn't come often. This is the time for us to embrace the technology."

Courtot warned the speed of development, particular over web applications hosted over the cloud, was causing problems. Speaking to a roomful of security professionals he talked about the complexity of dealing with web apps, with Java and JavaScript huge attack vectors.

"The problem with web applications is that they are created by people, at an extremely fast speed. That speed itself creates a problem," he stated. 

"You have to analyse the vulnerabilities of these apps and understand attacks, at a very fast speed. We don't have that time anymore. It's a huge challenge."

"You won't find good engineers interested [in fixing vulnerabilities]. It's a waste of their talent. I think there is a need for new tools to remediate these apps, creating a new generation of what I call fixer-developers."

"People who have good engineering skills, but are also passionate in ensuring web apps are well-written. I believe you will never get the engineers who are coding spending an amount of time fixing bugs."



Reaching Out To Departed Customers For Recovery

Every business has customers who have departed.  There are a variety of reasons that prompt departure. How you react to the departure will either validate that they left for a good reason or begin the process of bringing back that customer and that customer revenue.

reaching out

Follow these five steps below to identify and regain customer trust and relationships:

1. Track Customers Who Have Departed

Most companies only track customer retention as a percentage of their business. They often don't get down to the number and the actual customers who have departed. This effort must be about caring about the customers who left, not just the percentage or how they impact your balance sheet.

So, the first step is to quantify the volume of customers and the volume of business that departed. This can be done monthly or quarterly, depending on the volume of your business model.

2. Segment and Identify Those Who Departed

All customers who have departed, especially if you have a high volume business, are not contributing the same value to your business. Now you need to make some hard decisions. Segment the customer base of departed customers and then determine which customers you will reach out to for recovery.

3. Reach Out to Customers with Respect, Reason and Reconciliation

Once you know who you want to save, reach out to them with a phone call. My suggestion is to have two groups within your company make the calls.

First, executives should call a handful (1-10) of departed customers in every “rescue” cycle. These calls keep them close to the issues that are driving customers out the door.

The second group is a specially prepared group of people who are trained in a recovery conversation with the customer. This is not a sales pitch. The first part of the conversation is apologizing that the customer left. The second part is listening, intently to the customers' explanation.

The third part is diagnosing and verifying back to the customer why they departed, and cataloging this information for the company.

The fourth part is extending support and immediate assistance in resolving the issue.

Finally, there should be an offer (not a pitch) extended to the customer to bring them back. These skills need to be developed and this can be a very rewarding project for your best call center folks, or for exceptional managers within your company. I would not outsource this step.

4. Categorize Reasons for Departure and Take Action

After the calls, there is a major opportunity for your company to identify the issues that came from all of the calls, and then trend and track these issues. By attaching them to the revenue of the departed customers, these issues can also be prioritized. Within the second session of customer recovery, the most critical issues will emerge and there will be no question what you should focus on.

There may also be opportunities that arise from these calls about the frontline service that can provide immediate and specific feedback to the frontline that served the customer and potentially contributed to the customers' departure. Creating a closed loop process for this feedback is very potent since very specific information usually comes out of these calls for coaching.

5. Put Returned Customers into “Intensive Care”

Once a customer has agreed to come back into your business, to be rescued, keep an eye on them. Conduct a review every six months of their experiences, tracking customer service calls, purchasing, support and other indicators which will identify the health of the restarted relationship. Then reach out again.

Your close attention will not go unnoticed.

Results You Can Expect from Customer Recovery

The process of customer recovery has been fruitful in every vertical business where I have seen this practiced. In financial services, with high levels of customer departure, we experienced as high as 30% customer recovery. We also achieved an improvement in frontline service as the feedback gleaned from these calls was provided immediately to the managers of account reps serving customers who departed.  In an automotive client, we experienced 10-15% return for service work following calls and rescue efforts to customers who had lapsed.

The key is to ensure that there is a planned process to contact, resolve and reconcile the issues with the customers who have departed. There must also be an intention and commitment to fix the issues which pushed the customers out the door. The focus must be to fix the customers AND to fix the company.

In this way, the customer rescue process brings back in revenue and prevents future revenue from departing from your business.

Companies that do a great job of winning back departed customers will frequently have a stronger relationship with customers as a result.

Reach Out Photo via Shutterstock




9 Tips To Help Your Bottom Line Go Ballistic During The Holidays

If you're a shopper you couldn't have helped but to notice the Christmas decorations going up in stores after Labor Day (in a few places, anyway). No matter how early you start your holidays promotions and how well your business plans, the more you prepare the less ready you feel. We recently had a chance to talk with Fred Lizza, CEO of Dydacomp, to pass on tips on preparation and practices.

The bottom line is, of course, the bottom line. “For some retailers,” says Mr. Lizza, “40 percent of their annual sales occur in the last two months of the year. It is essential that retailers start preparing now to ensure that they can effectively scale their operations to get the most out of the busy holiday season.”

Mr. Lizza suggests three steps to help increase this during the holidays:

  • Start Early. This seems to happen earlier each year, but it's suggested that you start advertising your sales and any specials around late October instead of waiting until you're on the verge of the season.
  • Have Back-Up Plans. Have a plan or two in the wings waiting to be deployed if your sales slip or start to trend down. Consider advertising, coupons, and other deals.
  • Be Visible. Make it easy for your customers to find your company, your coupons, your discounts, and your promotions. If they find them, they'll very likely use them.

When it comes to your website, there are some good tips to keep in mind during the holidays as well:

  • Minimize Updates. Better yet, eliminate your site's updates over the six-week period that follows Cyber Monday. This will remove any chance of your customers being frustrated and looking elsewhere. If you have to perform updates, do it between 3 a.m. and 8 a.m.
  • Test, Test Again, and Re-Test. Any special holiday-themed changes to your site should be tested multiple times. Ensure your site works across multiple browsers. Have back-up site plans in place in case something goes wrong.
  • Prepare for the Best. Ensure your site can handle large numbers of shoppers on it at the same time. There are plenty of third-party software out there that will test your site's load capacity, such as LoadStorm. More info can be found in the Performance Testing blog.
  • Upgrade. Now that Adobe has phased out support for Flash, look to other solutions, such as HTML5.
  • Organize Your Data. Ensure your product descriptions, codes, prices, and inventory counts, to name a few, are all up to date. Bad data can mean lost sales.
  • Communication. Ensure your suppliers' contact info is available, including hours of operation and people you should get a hold of when you need something.

The Carolina Cookie Company utilized the services that Dydacomp offers to help automate the back end of their ordering systems, allowing them to bake, pack, and ship cookies the same day they were ordered â€" allowing them to easily meet the increased demands of holiday sales. You can read all about the Carolina Cookie case study to see for yourself and by embracing at least a few of the tips we've noted above, you too may find yourself better prepared, and a little less stressed, this coming holiday season.



Rapid7 acquires Mobilisafe to assess mobile device risks

Rapid7 has acquired Mobilisafe, a fledgling Seattle-based mobile security firm that assesses smartphones and tablets for known platform vulnerabilities. Terms of the deal were not disclosed.

You can tell if a device is out of date and inform employees to get their devices updated.

Dirk Sigurdson, CTO, co-founder, Mobilisafe

Boston-based Rapid7 sells the Nexpose vulnerability management software and maintains the Metasploit pentesting platform. Mike Tuchen, CEO of Boston-based Rapid7 said the firm saw Mobilisafe as an opportunity to expand its reach into assessing the risks posed by mobile devices.

"Now customers can get a unified view of the rest of their network vulnerabilities with their mobile device vulnerabilities," Tuchen said.

The Mobilisafe software is capable of being deployed in 15 minutes across the entire organization without requiring agents on devices. Mobilisafe integrates with Microsoft Exchange and Active Directory servers, collecting incoming traffic from devices when they attempt to connect to receive email, contacts and calendar items. The software determines whether device firmware needs updating and then assigns a risk score based on the known platform vulnerabilities.

Dirk Sigurdson, CTO and co-founder of Mobilisafe said the firm maintains a database tracking the availability of firmware updates for over 650 devices. Mobilisafe is focused on device firmware and carrier customizations primarily in the United States, he said. The software also has the ability to tap into the basic security controls in Microsoft ActiveSync, ensuring passcode protection, remote wipe and encryption capabilities.  

"You can tell if a device is out of date and inform employees to get their devices updated," Sirgurdson said.

Sigurdson said the software is commonly used by exchange administrators. A centralized console shows the devices connected to the network, the risk status posed by devices and enables administrators to drill down to assess the risk posed by single device owner. Policies can be set to block access to Exchange or simply send an email encouraging users to upgrade the device firmware.

The software doesn't assess the risk posed by a poorly written mobile app and cannot detect a malicious or Trojanized mobile application. Rapid7's Tuchen said the firmware is a great place to start because malicious applications would typically attempt to exploit vulnerabilities in the firmware, using platform resources to steal malicious data.

Other security firms focus on mobile application security

Security giant Symantec announced integration plans this week for its acquisition of Nukona. The mobile device management vendor focuses on application control, enabling enterprises to sandbox some third-party mobile apps and set security controls on them. Symantec said this week it is reaching out to other third-party vendors in an effort to expand the functionality to wider variety of apps. The Nukona name is being phased out with the unveiling of Symantec Mobile Management Suite, which contains device and asset management functionality.

Application security testing firm Veracode Inc. extended its mobile capabilities this week, acquiring Marvin Mobile Security. Burlington, Mass.-based Veracode said itwould integrate Marvin's mobile app analysis service for enterprises and mobile carriers. Marvin provides a web-based service that tests mobile apps and provides data on the app's capabilities and behavior, including malware detection, the potential for data leakage and privacy loss.




Rapid7 announces acquisition of mobile risk management vendor Mobilisafe

Rapid7 has announced the acquisition of mobile risk management vendor Mobilisafe to add visibility of mobile threats to its portfolio.

Speaking to SC Magazine, Rapid7 CEO Mike Tuchen said that he always felt that bring your own devices (BYOD) solutions should and could be done securely and as more and more employees are allowed to bring personal devices to work, the challenge for business is to have visibility of the threats.

He said: “It is a question of how to do BYOD securely and how secure are devices? What needs to be upgraded to be secure? In keeping with our vision of helping companies view threats and prioritise risk, we are taking targeted action on improving security.”

According to Mobilisafe, it offers a cloud-based risk management solution that enables users to view threats across their mobile assets, offering visibility, management of each device connected to the network and the ability to define and deploy policies that mitigate mobile risk, such as blocking devices with a low TrustScore from accessing the network or wiping all data from lost devices.

Financial terms of the acquisition were not disclosed.

Tuchen said the addition of a mobile capability was a natural step for Rapid7, as it is about managing and prioritising risk but expanding the offering to mobile devices. “It is about getting visibility into what is out there and the risks and it is a natural extension of what is not covered,” he said.

Giri Sreenivas, CEO and co-founder of Mobilisafe, said the solution was about three layers: what devices are doing; visibility into risks via characteristics; and enforcement of security. He said: “We are very excited to join Rapid7 as they have done a phenomenal job in their space and they have got great products with Nexpose and Metasploit and as we look at the complexities of security, we can see mobile as one of the most complex.”



Microsoft issues one critical patch and seven important on October\'s Patch Tuesday

Microsoft released seven patches yesterday to address 20 vulnerabilities, with one critical flaw addressed.

The flaws covered included elevation of privilege, denial-of-service and remote code execution and follow Microsoft's announcement about the rejection of certificates with fewer than 1024 bits.

The critical patch is MS12-064 and it fixes two vulnerabilities in Microsoft Word and applies to all versions of Microsoft Office. Wolfgang Kandek, CTO of Qualys, said: “It addresses a vulnerability that can be exploited via a malicious RTF formatted email through the Outlook Preview pane without having to open the email.

“Since the development complexity of an attack against this vulnerability is low, we believe this vulnerability will be the first to have an exploit developed and recommend applying the MS12-064 update as quickly as possible.”

Ziv Mador, director of security research at Trustwave SpiderLabs, said: “A specially crafted RTF file could allow an attacker to take complete control of a system to install their own programs, delete data or even create new accounts. The vulnerability is present in most versions of Microsoft Word 2003, 2007, 2010 and even SharePoint Server 2010 SP1 and is caused by how Word handles memory when parsing certain files.

“This one can be a little tricky because Microsoft Word is set as the default mail reader in Outlook 2007 and 2010, which means that an attacker could leverage email as the attack vector to get you to open the specially crafted RTF file. This vulnerability has been hidden away in a dungeon and has not yet been seen in the wild.”

The remaining six patches are rated as important. Mador said he was surprised to see a fix for Microsoft Works, but MS12-065 fixes a remote code execution flaw. “If you are using Works 9.0 you will want to pay attention to this one especially if you try to open Microsoft Word files with your version of Works. When Works attempts to convert a Word file it can potentially cause system memory corruption that could allow an attacker to execute arbitrary code,” he said.

MS12-066 addresses an XSS vulnerability in Microsoft's SafeHTML library that is in use in a number of products, including Microsoft SharePoint and LYNC, Microsoft's IM client.

Paul Henry, security and forensic analyst for Lumension, said: “MS12-066 is an HTML sanitisation fix. There have been limited active attacks on this in the past, but most of it was handled in a previous bulletin. This cleans up the vulnerability code that was left out and cleans up the HTML sanitisation component in Windows.”

Kandek said MS12-067 is another instance of a vulnerability introduced by the Oracle Outside-In library. “Oracle addressed a number of critical vulnerabilities in that library in its last CPU in June 2012, and now all software vendors that had embedded a version of this vulnerable library need to provide updates to their products,” he said.

“This instance is a non-default, paid add-on to SharePoint that provides document indexing capabilities. An organisation could be exploited if the add-on is installed and if an attacker is able to upload a malicious file into a SharePoint server.”

Jason Miller, manager of research and development at VMware, said: “This is the second time this year we have seen Microsoft release a security bulletin for vulnerabilities that exist in Oracle's software. Microsoft SharePoint servers with Fast Search 2010 use Oracle's Outside-In libraries code in their product. We could be seeing different software vendors working more closely on security vulnerabilities in shared software code.”

MS12-068 fixed an elevation of privilege flaw in the Windows Kernel. Mador said: “This is a classic elevation of privilege requiring an attacker to already have access to a system either through legitimate credentials or some other vulnerability. Once inside, an attacker could use this vulnerability to gain administrator level access.”

MS12-069 applies to Windows 7 and Windows 2008 R2 and addresses a DOS-style vulnerability where a specifically malformed Kerberos packet can crash the target machine. Henry said: “This is a DOS issue that affects Windows Authentication for DOS. If you're accepting Kerberos for Windows authentication, then you are vulnerable to this DOS.”

Finally, MS12-070 fixes an XSS vulnerability in one of the reporting modules of Microsoft SQL Server. Kandek said: “An attacker could use it to gain information about the SQL Server installation and would have to convince an SQL Server administrator to click on a link that contains the malicious XSS code.”



Social Media Myths Worth Debunking

Sometimes when we don't understand the true potential of something, we tell ourselves it doesn't matter. And then we come up with all sorts of reasons as to why it doesn't matter to justify our in action. I'm not saying you would ever do this, but others do. Below are some myths I've heard about social media that I think need some debunking. Because, really, we're all smarter than that.

unicorn

Tell me if you've heard this one…

Myth 1: Social Media Is A Fad

Ah, yes, the old fad myth! The notion that eventually we will Facebook and tweet ourselves sick and no one will be interested in these sites anymore. And that may be true. There may come a time when Twitter and Facebook are no longer. But even if the social media sites we are using today die, the behavior is here to stay.

The 2012 Local Search Study found that the number of people using social media to look for local business information has increased 67 percent since 2012, bringing it to 15 percent of users. That represents a 3x growth from where it was in 2008.

This is not a fad. It's a new pattern of behavior as users are using the information they find about your business online to make buying decisions offline. If they can't find information about your business via social media, you may not even enter their buying decisions.

Myth 2: My Customers Aren't On Social Media

As of February, 66 percent of online adults were said to be using social media sites. The numbers continue to grow.

As of August:

  • 12% of online adults say they use Pinterest
  • 12% of online adults say they use Instagram
  • 66% of online adults use Facebook
  • 20% use LinkedIn
  • 16% use Twitter

And just last week it was announced there are now one billion users are Facebook.

The numbers show that your customers probably are on social media. If you don't know where they're hanging out â€" ask them. Ask them in person, put an insert in a local mailer, use the “find a friend” feature on many social media sites to see if customer addresses pop up.

Myth 3: My Teenage Daughter Can Run My Social Media Campaign

Did you hear about the social media trouble KitchenAid recently found itself in due to an accidental tweet? These are the things that happen when you're not careful about what your brand is doing on social media. Just because your daughter or son is constantly on Facebook or Tumblr for personal use doesn't mean they have the maturity, the insight, or the strategic thinking for business use of social media.

Someone needs to be driving the bus to create a strategy, determine metrics, to understand how to maturely deal with critical customers, etc. If you wouldn't let someone answer the phones in your business or speak directly to your customers, don't give them the keys to your social media channels either. It's the same thing.

Myth 4: Social Media Is Dangerous â€" People Will Say Bad Things!

I'm not going to lie to you. People might use social media to complain about your business or say things that will be difficult for you to hear. But wouldn't you rather be on social media to hear what you're saying than to close your ears and ignore it? I would. Studies have shown that NOT addressing customer complaints does more than hurt your reputation - it actually sends customers to competitors.

According to the Harris Interactive/Right Now Customer Experience Impact Report [PDF]:

  • 89% of consumers began doing business with a competitor following a poor customer experience
  • 50% of consumers give brands a week to respond to a question before they stop doing business with them.

By getting involved in social media, you have the chance to spot these types of situations before they grow out of control and begin to harm your business.

Myth 5: Nobody Cares what I Think

Here's the thing, if you use social media to simply broadcast information about yourself or your company, you're probably right. However, if you use it to respond to customer service complaints, to share valuable information, and to make your brand of a hub for your industry, people will care. They'll actually care very much.

Don't use social media to constantly talk about yourself. Use it to learn about what your customers want, to improve what you offer them, and to become part of the larger industry. These are the uses that make social media beneficial to SMBs and which attract people to the brand.

Those are some of the most common myths I heard about social media from small business owners. What are some of the things you're fighting against?

Unicorn Myth Photo via Shutterstock




Don\'t Forget Your Local Customers When Marketing Online

An astounding 33.4 percent of SMBs have local phone numbers listed on their company website, according to a recent SMB DigitalScape study. Only 22 percent have an e-mail address on their website. This oversight highlights a problem with today's small business, who has been increasingly urged to shift advertising and marketing efforts online. However, for small businesses that rely on local traffic, it's important to find ways to get the word out to those closest to you. Local.com is offering a solution.

Launch by Local is Local.com's online solution to reaching people in your own neighborhood. While there are many other online local marketing solutions (Yelp, Reach Local, etc.), Launch by Local offers a far more comprehensive service.

“Because this is built into our own platform, we're able to offer it at an incredibly low price as compared to our competitors, yet with very high gross margins,” states Heath Clarke, Local Corporation's chief executive officer. “We plan to grow our direct sales force in order to sell Launch by Local at larger scale, and also intend to increase the number of sales channels using the product. We're excited with the performance thus far and look forward to reporting growth in our direct Launch subscriber numbers in future periods.”

With prices starting at only $249, small businesses can be up and running within ten business days. Launch by Local offers listings in at least thirty places, including websites, mobile, banner ads, banner listings, and content. Additionally, Launch by Local can provide SEO, lead generation, and loyalty/rewards programs that can keep customers returning to your business over and over again.

Launch by Local focuses on helping small businesses in three ways:

  1. Increasing Web Presence
  2. Reaching More Customers
  3. Engagingt with New and Existing Customers

Clients work directly with Launch's marketing staff, who will develop a customized marketing plan. From that point forward, clients can track progress of campaigns via Launch's dashboard customized for that client.

Local.com began when its CEO went online to find a product locally and was unable to find anything. His mission was to find a way to help bring customers and local businesses together. Through Launch by Local, Local.com gives businesses the boost they need to have a clear online presence.

Reach Search offers a similar service, assigning clients an internet marketing expert who helps place search engine ads and display ads. The cost is customized to each campaign, but according to data by the United States Securities and Exchange Commission, for every $100 your small business spends on its Google campaign budget, Reach Local takes $50.96.

One of the best ways to determine your business's local reach is to do a search for yourself by entering the type of service you offer. If your business isn't prominently featured when customers in your area search, you're likely losing out to competitors.

Additionally, you should do a thorough inventory of your business's website. Customers must be able to easily find out the information they needâ€"your prices, your operating hours, your services, and, especially, a phone number and e-mail address to contact youâ€"without drilling down too far into your site.



RSA Conference: Rock star says to expect a new wave of Anonymous

Rock star Alec Empire, frontman of controversial band Atari Teenage Riot, warned that Anonymous has only just completed its first chapter, and that a new wave of members would be coming to raise arms.

RSA Conference Europe saw the musician, known for supporting the anarchist movement, claim that another ‘wave' of Anonymous was coming. He said, “I see it like this. I think it's the first wave. It's almost like the first chapter has closed. There's another wave coming from a lot of people outside that circle, like artists, students and activists.”

The German star said that people were joining Anonymous because for example, institutions such as news networks are being widely manipulated, and that they wanted to expose lies.

He said: “I think they see a fake democracy. I've seen it often people asking why they should be voting for Obama or Romney, because they are the same thing.

“We witness Anonymous Twitter accounts during a debate bringing this up. A lot of people believe that certain people are in power which hasn't been earned.”

Empire was invited to RSA Conference Europe to discuss Anonymous with a panel including University of Surrey computing professor Alan Woodward, who was more dismissive of the group. “My issue with hacktivist groups in general is that the internet has given them the ability to have a disproportionate voice, and that brings responsibilities," he said.

“My trouble is, I don't know who's given them the mandate to do this. I'm the first to admit democracy isn't perfect, but this is such an amplification of their voices, thanks to the internet. It's disproportionate.”

Woodward felt that Anonymous distracted people away from real threats, such as criminals and nation states that he felt deserved more attention from the media at large. He said of the group, “Anonymous is like a noisy child. They're the ones who get the most attention.”



Verizon adds mobile device management capabilities into enterprise mobility solution

Verizon has expanded its Enterprise Mobility-as-a-Service technology to provide support for applications, access options and devices including smartphones, tablets and laptops.

According to the company, the product's offering include a secure workspace to separate and protect professional data on both corporate-issued and employee-owned devices and mobile device management.

It said that it is easier for IT managers to secure both mobile and stationary computing devices by automatically pushing software updates, IT policies and patches across a global enterprise workforce. Verizon also claimed that the service provides up-to-date, detailed inventory reports on all hardware, software and devices on corporate-owned equipment.

Employees can download authorised enterprise apps via a self-service portal to enable the adoption of multiple services.

Bill Versen, director of mobility solutions for Verizon enterprise solutions, said: “Until now, companies have had to cobble together the essential requirements to employ effective enterprise mobility policies and programs. With Enterprise Mobility-as-a-Service, companies can leverage a single user-based management platform to outfit a global workforce to successfully navigate the changing business landscape for greater productivity.”



RSA Conference Europe: No real solutions yet for mobile handset security

A former chief IBM security strategist has said that the security industry has not yet hit upon a real solution to protect mobile handsets from hackers.
 
Speaking at the RSA Conference Europe in London, Gunter Ollman, now vice president of research for Damballa, said that although the security industry has done really well in protecting the desktop, mobile protection isn't going to be any easier.
 
He said: “The fact [is] that you have end-users [who] have more access control than administrators in an organisation, the ability to download applications outside of the enterprise network, [and] erosion of perimeter defences. The strategy had to change from protecting what you can, into detecting when something does go wrong and having processes to immediately shut down the handset.”
 
He did reveal a snapshot of research that Damballa was working on with a US telco, which focuses on the criminals behind attacks and sugg ested that the mobile security threat might not be as dangerous as reported in the past.
 
Comparing data from previous security research from other companies, he said: “We're just not seeing that level. The number of handsets compromised and engaging with bad guys is considerably small.”
 
But he was clear that mobile threats were evolving, generally changing and modifying themselves to chase where the money is. But the criminals behind it don't.
 
Ollman said: “We're seeing the same bad actors. The same bad guys running the same crime routes on the operating system and mobile side. As they continue to develop malware, they are using the same protocols and destinations. That's good, because at least it gives me attribution around who the real bad operators are.”

Twitter Buys Vine, Plans Video Feature

For some time, experts have extolled the virtue of both online video and social media for business marketing and communications. Recent news suggests that one of the most popular social media channels will soon offer video as part of its service. What remains to be seen is how the new feature will change the way businesses use social media and video to market, communicate, and network.

Seeing is Believing

Tweet this video. Of course, Twitter users have long been able to share video, usually by posting it to YouTube, Vimeo Twitvid, or another third party host, but news that Twitter has just bought Vine, a tiny video-sharing startup, suggests the company's ambitions may go much farther than simply supporting these third party options. Business Insider

Twitvid beware. The new plan could be bad news for Twitvid and a handful of other third party video hosts like yFrog, Mobypicture, and Vodpod. Up until now, Twitter has nurtured such third party developers that give its platform an additional video dimension, but now seems intent upon bringing video features in-house, possibly for the opportunity to sell advertising on video content. Venture Beat

The Medium is the Message.

Speaking their language. If you haven't started using video for your online business yet, Paul Farrell of Frederick Digital Media can give you some idea of what you could be missing out on. Customers like this medium with Web video increasing the likelihood of purchase by 145 percent and decreasing the likelihood of product returns by 45 percent. Wood Street Inc.

Choosing what to say. Once you've decided to use video for your business, the next decision becomes choosing the message you will communicate. Laura Jennings, a marketing professional with Fountain Partnership in the U.K., has some suggestions for the most effective messages to use with video content. They include testimonials, instructional videos, and more. Have a look at the full post. True to Business

Staying Connected

The ties that bind. While contemplating how you could use video in social media, it might be a good idea to review what constitutes the most effective social networking. Small business and marketing blogger Daniel Kehrer offers these tips on how to make your connections count. BizBest

Power user status. There are, of course, other social media channels besides Twitter, and each platform comes with its own features and standards for helping you connect with others both in your niche and beyond. No matter what overall message you are trying to communicate, be sure to become knowledgeable about the differences between these networks. Here Cendrine Marrouat gives us tips for LinkedIn best practices. Creative Ramblings

Tarnishing your brand. Using social media poorly, whether sharing video or some other content, may have its consequences too. Just look at the results of a recent study shared by blogger Kimberly Crossland showing what might cause people to unlike your brand on Facebook. Bad behavior on all social media platforms, as during live networking events, can cause censure and damage to your brand. Make sure your efforts don't hurt your business. The Savvy Copywriter