Atlanta…We\'re Heading Your Way Next With The Small Biz Tech Tour!

The 3rd Annual Small Business Technology Tour 2012, produced by Smallbiztechnology.com, is in full swing with small business owners in four cities already well on their way to growing their business with the great information they learned during the full day event.  Now we are gearing up to arrive in Atlanta, GA on Thursday, November 1st, where we'll be taking over The Loudermilk Center â€" Atlanta Conference Center and equipping more business owners with the tools they need to grow their business and head for success in 2013!

 

 

Join our very own Ramon Ray, Technology Evangelist and Editor of Smallbiztechnology.com, along with great keynote speakers and industry professionals for this full day event is filled with TONS of learning on topics geared to helping small businesses grow.  Topics include:

  • How Small Companies Can Do Big Things With Technology
  • Are You Leveraging Your Superfans?
  • 7 Steps: Dating Your Leads. Marrying Your Customers
  • The Power of Video: Why Every Business Should Be a Video Producer

Thanks to Intel, our tour sponsor, we have a few complimentary tickets available for the first 10 people to register with the code RamonVIP. You can use the code and REGISTER HERE.

Visit the tour website to see the full list of speakers and agenda for each city.

We hope to see you on the tour!!



Big Advice for Small Business from Twitter\'s Biz Stone

There are few businesses bigger than Twitter, but co-founder Biz Stone recently dished up some excellent advice for small business owners.

While Twitter is now valued in the billions, it was still just a small “side project” as recently as 2006, and didn't begin to take off until 2007. So Stone still knows what it feels like to be an entrepreneur betting his future on the fate of a startup.

Speaking this week at the Public Relations Society of America's International Conference in San Francisco, Stone pointed to passion, creativity, moxie, and a focus on customer service as keys to success for businesses of any size.

Stone recounted the plot of Wim Wenders' movie Wings of Desire, in which an angel was willing to give up immortality just to know what it felt like to be human. The protagonist was willing to make the ultimate sacrifice-death-just to pursue his passion.

Stone likened this to the path of the entrepreneur, who is willing to put everything on the line to pursue his/her passion.

“In order to succeed spectacularly, you need to be willing to fail spectacularly,” Stone told the audience. “That's the entrepreneurial spirit.”

Of course, he added, that doesn't necessarily involve killing yourself.

Passion alone doesn't cut it. Success requires hard work and a willingness to create opportunities out of thin air.

Stone told the story of his efforts to make a varsity sports team in high school. He went out for football and baseball, but found the rules way too confusing. Not having played organized sports as a kid, he was well behind the other guys going out for the team, and quit.

He then did some research and thought lacrosse might be a great game for him to play. Unfortunately, his high school didn't have a lacrosse team. He petitioned his school to start one, and the powers that be told him if he could put a team together, then they would support a club team. Stone, through sheer power of will, found enough students willing to play, organized a team, and turned out to be an excellent lacrosse player.

“I figured if everybody was as clueless as I was, then it would be an even playing field,” he said.

Stone did the same thing with his first job. During college, he worked for the publisher, Little Brown, where his main responsibility as a gofer was “moving boxes around.”  At the time, the Little Brown design team was fairly clueless as to how to use Mac computers for designing, and Stone, a longtime Mac user, knew he could do a better job than the designers currently on the payroll.

One day, the entire design team went out to lunch and Stone jumped on the opportunity. He logged into one of the designer's computers and used his skills to design a book cover.  Stone slipped in his design with the other proposed designs and his was ultimately chosen. When the head of the department asked who had done the design, Stone raised his hand.

“The box boy?” the boss asked incredulously. Immediately thereafter, Stone was offered a job as a designer.

“The real takeaway is that opportunity can be manufactured,” Stone said. “Circumstances can be arranged by you.”

Another key for small businesses, Stone said, is the need to be focused on customer service. Twitter hired its first head of customer service when there were only 16 employees. It would be another three years before they hired their first salesperson.

When using Twitter as a customer relations tool, Stone advised businesses to spend “a good amount of time” listening to what people are saying about your brand.

“Look what's being said about you before you begin to respond,” he advised. A simple Twitter search of your brand or your executives, Stone said, can give you a good feel for the sentiment about your brand.

The final, and perhaps most important lesson for entrepreneurs is that you have to love what you are doing or else you are wasting your time.

“If I was working at a job I didn't feel was worthwhile I wouldn't be happy, and eventually I'd do a bad job,” he said.


Key to Success Photo via Shutterstock




MiniFlame spyware extremely targeted, but could pose future threat

Security researchers investigating the Flame malware toolkit have uncovered a new malware component designed to be used for extremely targeted attacks.

Enterprises need to get ahead of the problem instead of being in the reactive mode.

Avivah Litan, vice president, Gartner Inc.

The newly discovered SPE malware, or miniFlame, connects Flame to another attack toolkit believed to be used in nation state-sponsored cyberespionage called Gauss because of its ability to work with both modules, according to researchers at Russia-based Kaspersky Lab. The connection is not the first Kaspersky researchers have uncovered between Flame and other malware. The security vendor discovered in June that Flame had shared source code with Stuxnet.

"The SPE/miniFlame malware is unique in a sense that it can work either as a stand-alone program, as a Flame plugin or as a Gauss plugin. Essentially, it is a link connecting the Flame and Gauss projects tighter, while remaining independent of them," according to the technical paper about miniFlame, published by Kaspersky this week.

While the threat of being targeted by advanced malware such as Flame or Stuxnet is extremely low, experts say protection against targeted attacks is necessary. Avivah Litan, vice president of Gartner Inc. in Stamford, Conn. said the success of attacks like Flame and Stuxnet will lead to more strikes of a similar nature.  Firms in the financial industry or organizations with sensitive intellectual property such as government contractors, critical infrastructure owners and operators and manufacturers and suppliers connected to high value targets are at the greatest risk. Thus far, Litan said attacks coming out of the Middle East have been focused on disruption and espionage activities, but she believes financial gain will be a growing motivator. Financially motivated cybercriminals can copy the techniques used by advanced malware, making it a more widespread problem.

Flame and Stuxnet highlight the need for enterprises to further develop a layered security program and proactively maintain one.  Companies should take these attacks very seriously, but also stop letting the cybercriminals lead the way, she said.

"Enterprises need to get ahead of the problem instead of being in the reactive mode," Litan said.

MiniFlame used in isolated attacks

The scope of miniFlame is much smaller, as the name suggests. Gauss, detected by Kaspersky targeting thousands of individuals in the Middle East, steals passwords, banking credentials, browser cookies and configuration data of infected machines. While the total number of Flame and Gauss victims is believed to be more than 10,000 systems, miniFlame has been identified in 50-60 systems in Western Asia.

"[MiniFlame] is a small, fully functional espionage module designed for data theft and direct access to infected systems. If Flame and Gauss were massive spy operations, infecting thousands of users, miniFlame/SPE is a high precision, surgical attack tool," according to the paper.

MiniFlame also differs from Flame and Gauss in its targets. The espionage malware is not focused in one or two countries; rather, targets are based on the variant of malware.  Countries with recorded incidents include Lebanon, Palestine, Iran, Kuwait and Qatar. In many cases, researchers believe those infected with miniFlame may have already been attacked by Flame or Gauss.

Multiple wave attack

Kaspersky researchers believe miniFlame has been active for as long as Flame, which was traced back to 2007. The connection between Flame, Gauss, and miniFlame has led security researches to believe that each version was part of a multiple wave attack.

“First wave: infect as many potentially interesting victims as possible. Secondly, data is collected from the victims, allowing the attackers to profile them and find the most interesting targets. Finally, for these "select" targets, a specialized spy tool such as SPE/miniFlame is deployed to conduct surveillance/monitoring,” according to the paper.

While the specialization of Flame and miniFlame leaves a small percentage of enterprises as targets, there are steps companies can take to make sure they are protected. Nick Lewis, an information security architect at Saint Louis University, recommends businesses practice whitelisting and watch for suspicious network traffic. These steps may be useful in preventing future attacks that use similar methods to Flame. 

There are still many questions surrounding this malware trio, including what the purpose of the attacks was and who the attackers and victims were.

“With Flame, Gauss and miniFlame, we have probably only scratched surface of the massive cyber-spy operations ongoing in the Middle East,” the paper read.




Kaspersky announce plans to create a secure operating system for industrial control systems

Kaspersky has announced that it is in the process of developing a secure operating system (OS) to protect industrial control systems used in industry/infrastructure. 

According to a blog by Kaspersky Lab CEO Eugene Kaspersky, while it was still in development he said it is ‘a truly secure environment'.

“It's a sophisticated project, and almost impracticable without active interaction with ICS operators and vendors. We can't reveal many details of the project now because of the confidentiality of such cooperation and we don't want to talk about some stuff so competitors won't jump on our ideas and nick the know-how,” he said.

Kaspersky also admitted that the OS will not be for gaming or social networking, as the company was working on methods of writing software which by design, will not be able to carry out any behind-the-scenes, undeclared activity.

The idea and development has come from the recognition that ‘always on' environments cannot be switched off due to them maintaining constant operation where ‘security is relegated to second place', especially when it comes to patching and vulnerability management.

He said: “As experience has shown, corners (costs) are normally cut on this kind of activity and patches are released only if a certain exploit has been found and put on the internet. In fairness, this is true for common, garden-variety software, not just specialised software; today we're talking about specifically industrial software.-

“Specialists at industrial/infrastructure organisations also apply traditional methods of protection of vulnerable software and operating systems through control over program behaviour and also over actions of users. But a 100 per cent guarantee of protection can't be provided, again because of vulnerability-by-default in the software doing the controlling. But for critical infrastructure a guarantee is what is needed most of all.”

Kaspersky said that to solve the problem in an ideal world, all industrial control system software would need to be rewritten to incorporate all of the security technologies available, also taking into account the new realities of cyber-attacks.

“Alas, such a colossal effort coupled with the huge investments that would be required in testing and fine-tuning would still not guarantee sufficiently stable operation of systems,” he said.

This is why a secure operating system is a ‘fully realisable alternative', one onto which industrial control systems can be installed and can be built into the existing infrastructure to control ‘healthy' existing systems and guarantee the receipt of reliable data reports on the systems' operation.

Kaspersky said that it was quite simple to create a secure OS, as it was working on methods of writing software which by design won't be able to carry out any behind-the-scenes, undeclared activity.

“This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorised applications on our OS; and this is both provable and testable,” he said.

“In anticipation of the multitude of questions from colleagues, partners, media and simply curious folks, a few basics: the development is a truly secure environment."



Why You Should Publish An eBook and 3 Tips To Make It Successful

Do you remember the days when you used to go out for a drive, came across a billboard with a cool product and then soon purchased it? That was conventional advertising. It still exists; the only difference is that it's not the only medium of branding your product anymore. In this digital age, where any information on any archaic topic can be accessed through a search engine, the source that provides the most relevant information is the king. Think of Wikipedia. The clicks that the citations receive from its pages are possible only because people trust the brand.

Now, what if you had information on a topic that very few other people knew about or what if you knew something that others could use? These would be the best conditions for you to market yourself to the world while also providing people with relevant information. All in all, your first target would be to increase your ‘online visibility', the digital age's equivalent of the billboard perched on a busy freeway.

Ramon Ray, Editor of Smallbiztechnology.com, recently published an article, ‘Is It Time To Publish Your Next eBook' on the Dun and Bradstreet website.  In the article he shares tips that will help you create an eBook that will boost your brand.  They are:

  • Create a high-quality product-While publishing an eBook may be relatively easy these days, publishing agood eBook is a little more of a challenge. In addition to providing well-written, useful content, people still judge a book by its cover. Invest in a professional cover designer who will create a look that entices readers to buy your book.
  • Choose multiple publishing platforms-There are a variety of choices when it comes to making your book available online. It's important to put your book out there, where browsing readers can find it. Lulu.com and Lightning Source are popular self-publishers, but availability on Amazon is a must.
  • Keep your prices low-Remember, the goal isn't to make millions. It's to get word out about your business. Readers are looking for good reads at low prices, especially now that electronic readers have become so popular, so by keeping your prices low, you'll attract a larger number of people.
You can check out the entire article and more of Ramon's reasons to write an eBook here.

So, if you have something to sell or a service to offer and you know people will pay for such a service, write your eBook today.



PCI council admits challenges in regulating mobile payments

The PCI council is racing to keep up with technology, particularly in the rapidly-developing mobile payment space.

Speaking to SC Magazine, Jeremy King, European director of the PCI Security Standards Council (PCI SSC) said that it was ‘surprised at how fast new technologies were coming along', especially as e-commerce was being offered via banking, payments and transactions apps via mobile devices.

Ahead of its European Community Meeting event next week, King said the challenge for merchants is that they want to offer the best user experience for their customers and allow people to use their iPhones and iPads to do payments.

He said: “We've had a taskforce running on this and we have a long history of locking down. Mobile technology is still new and there is no knowledge of how to do mobile security. You can search on Google for ‘Android' and ‘malware' to make users aware of the security challenges that need to be addressed, but you cannot stop mobile payments, you need to know the challenges and risks.”

King also commented that there is the Payment Application Data Security Standard (PA-DSS), for secure applications, but that is not providing guidance for mobile applications yet, as the industry does not know how to secure it. “There is still work in progress,” he said.

Analyst Alan Goode, said that he understood the challenge and agreed that it is not just about payments, but it was an equal regulatory challenge for authentication and data protection.

He said: “It is difficult to regulate and ensure that data is protected. Technology is moving in line with what the regulator is doing, but it is disruptive as new payment providers emerge like Square and Google Wallet and you would imagine Apple will enter the space in the next couple of years. There are a lot of requirements as to how secure they are.

“The onus is on the card issuer and financial services company to get it right and the desire on handlers for mobile to get it right and get the security right. With mobile you can do it right providing that the data is protected and assured. There is an opportunity for banks to get it right and convenient.”



RandomStorm combines three scanners to offer vulnerability details on a single dashboard

RandomStorm has launched a vulnerability scanning platform to combine the capabilities of three leading scanners.

It combines the Nessus, SAINT and OpenVAS vulnerability scanning engines and compiles data into a single dashboard. Two versions are offered: iStorm is the appliance-based management platform; and xStorm is the hosted management version.

According to the company, the combination of three industry-leading scanners allows organisations to constantly monitor and maintain their defences to prevent hacking and loss or exposure of customer data.

Robin Hill, director of RandomStorm, said: “We believe that this is the first management platform that automatically integrates and correlates the results from three scanning engines. We've been amazed at the difference in reports that individual vulnerability scanners provide on the same IP addresses, so we decided to combine and automate three of the best scanners, providing correlation between an extended range of network vulnerabilities and new types of attack.

“By automating and integrating three scanning engines we've effectively brought more hands on deck to fight the increase in malicious attacks on company networks.”



Facebook adds Webroot, AVG and Panda as friends into AV Marketplace

Facebook has announced partnerships with three security vendors to join its AV Marketplace.

Partnerships have been announced with Panda Security, AVG and Webroot to offer security services to Facebook's more than one billion members via the marketplace. The deals with the vendors will allow users to access software from the vendors as well as users being notified of malicious websites on their newsfeeds via the classification services.

Mike Malloy, executive vice president of Webroot, said: “The social networking phenomenon that Facebook has ushered in has also created a new opportunity for cyber criminals to exploit â€" our inherent nature to share.

“Some links placed into your timeline may have been put there by hackers. Clicking these links can be risky, so Facebook has chosen Webroot to help protect their users from unknowingly clicking on a malicious link which they believe a trusted friend has shared with them.”

A similar service is also offered by AVG. Its CEO JR Smith, said: “This partnership with Facebook marks our continuing commitment to collaborating with major brands to help protect online communities from cyber crime.

“Social platforms are today a vital part of our modern communications networks, and it's important that people do not feel worried about using them. We believe that consumers should have a choice of options they can use to secure their connected world, giving them peace of mind to enjoy their digital experiences whether through a computer, mobile device or tablet.”

Enrique Aguilera, VP consumer sales and marketing at Panda Security, said: “Facebook is the most popular social networking site, and we wanted to partner with them to offer an additional layer of protection to users. Facebook has shown a growing commitment to securing its millions of users, and we are delighted to collaborate with them to make the site a malware-free environment.”

Joe Sullivan, chief security officer at Facebook, said: “With over one billion users, we are tireless in our commitment to keep both our users and their data safe. We look forward to better protecting the people who use our service with these partnerships and industry-leading technology and expertise."



YouTube Changes Video Ranking, Emphasizes Engagement

Entrepreneurs and small business owners have been told for quite some time about the importance of video in the marketing mix. At one time, getting someone to click on your video might have been enough, and video content did certainly help your Website in search results. But increasingly, the amount of time visitors spend watching your video or the degree to which your video engages them is gaining additional importance. Attention grabbing may no longer be sufficient. As online video becomes more important, holding your viewers attention is what really counts.

Seeing the Sights

Where do you rank? In fact, a recent change at YouTube, the world's largest video streaming site, exemplified just how much things have changed. It seems YouTube is now ranking videos uploaded to its players based on the amount of time people have spent watching them, rather than based on the number of clicks they have received. This is a sea change in the way video popularity is determined. The Next Web

Time for a chat. Video engagement is increasing in another way too. Social video chat is exploding, as witnessed in the rapid expansion of ooVoo, a video chat app now used by millions. The service has experienced incredible growth, with a recent report suggesting 7 million users have signed up in the last 100 days. The app is now gaining an estimated 1 million users every 10 days. Venture Beat

Persistence of Vision

Must see TV. Online video advertising seems on the rise everywhere. For example, an Australian study suggests ad spending is not only moving online at the expense of traditional media, but is concentrating in online video and mobile. In Australia, online video advertising represented an estimated 58 percent increase over the 12 months ending in June of this year. Video growth elsewhere has been similarly robust, as we'll see. IT Wire

Becoming engaged. After recounting some of online video's incredible growth this year, the folks at a Toronto video marketing firm give a taste of the present and near future of video marketing and advertising. Advertisers are increasingly demanding to know not just how many times their videos were viewed, but what affect those videos had on their audience. VMG Cinematic

Making a Scene

A big production. You don't need to be Steven Spielberg to make a video capable of becoming viral on YouTube or on any other online channel, says business tech journalist Preetam Kaushik. There are many resources that can help you produce video content of acceptable quality with the most inexpensive of consumer equipment. What you will need is a sufficient social network and the ability to market your video effectively when the time comes. Smallbiz Technology

Collaboration station. Businesses today use online video for much more than marketing and advertising, by the way. Video software company Polycom has introduced a new suite of products aimed at small businesses. The software allows business users to collaborate with others using platforms like Google Talk, Facebook, and Skype. Small Business Trends

Staying on schedule. Behind the scenes, using online video as a component in your marketing strategy is becoming easier and more convenient, with increased tweaks and innovation. Just like posts on Facebook, YouTube videos can now be scheduled to go live at a later date and time. See this recent post and video tutorial by Ileane Smith. Basic Blog Tips