39% of Small Businesses Get a Return On Investment From Social Media

Thirty-nine percent (39%) of small business owners are seeing a return on investment from social media.  That is according to a recent survey by Manta, released just last week.

Manta, an online small business community, surveyed more than 1,200 of its members to generate its quarterly Small Business Wellness Index, where these findings are from.  Chart excerpt:

Now you might think that 39% isn’t so positive, if more than 60% are not seeing a return.  However, let’s put in perspective with the other findings of the survey. When you do that, the small business attitude toward social media looks far more positive.

Consider these additional findings:

• Small businesses are dedicating significant people to social media - Seventy-four percent (74%) of small businesses have at least  one person dedicated to social media activities. Clearly, small business owners must think it is worthwhile to dedicate precious human resources to social media.  Small businesses don’t have teams of people that they can deploy, like large corporations.
• Small businesses are spending significant time on social media - The overwhelming majority (81%) have increased the amount of time they are investing in social media or stayed the same, compared to a year ago  (actually, 49% increased their time, and 32% are spending the same amount of time).  Only 7% decreased the amount of time they spend on social media.  So clearly, small business owners must be seeing some value if the vast majority continue investing time in social media.  In a small business, time IS money.  You don’t spend it without good reason.
• Small businesses plan to invest in social media for Q2  - When asked what they plan to invest in, during Q2 of 2013, social media was included along with online advertising and marketing as the second highest area.  Thirty one percent plan to invest in generating sales, and 26% plan to invest dollars in online advertising/marketing/social media.  By contrast, only 12% plan to invest in traditional marketing, and just 2% plan to invest in mobile.
• Some have been able to pin down a dollar return - Of those seeing a return on investment, thirty percent have achieved more than $2,000.  Thirteen percent have achieved ROI of between $1,000 and $2,000.

Taken all together, it suggests that small businesses are seeing benefits, because they keep devoting the resources to social media.  However, not as many have seen a clear return on investment from social media quantified in actual dollars.

Still,  just because you can’t pin a dollar amount to it, doesn’t mean it is worthless.  There are many activities in a business that add value but are hard to pin down in dollars.

One possibility is that small business owners are still experimenting to find what works best.  After all, we know that social media is complex.  Not every social site works for every business.  It takes time and knowledge â€" and trial and error â€" to figure out how to get a return on investment from social media.

Pamela Springer, CEO of Manta, notes that a shift is taking place, in her comments accompanying the release of the results.  As small businesses experiment and figure out what works best for them, they will settle on activities that drive the most return for them, she observes. She says, ”"As a highly pragmatic and time-constrained group, small business owners are strategically adopting platforms that show real results for their business. However, social media is not a stationary phenomenon. As SMBs shift from the experimental stage to a results-focused phase, their social media usage will evolve to maximize the value.”

Other interesting factoids from the survey are that Facebook is the site small businesses have the most difficulty maintaining.  LinkedIn and Twitter follow, in that order.

39% of Small Businesses Get a Return On Investment From Social Media

Thirty-nine percent (39%) of small business owners are seeing a return on investment from social media.  That is according to a recent survey by Manta, released just last week.

Manta, an online small business community, surveyed more than 1,200 of its members to generate its quarterly Small Business Wellness Index, where these findings are from.  Chart excerpt:

Now you might think that 39% isn’t so positive, if more than 60% are not seeing a return.  However, let’s put in perspective with the other findings of the survey. When you do that, the small business attitude toward social media looks far more positive.

Consider these additional findings:

• Small businesses are dedicating significant people to social media - Seventy-four percent (74%) of small businesses have at least  one person dedicated to social media activities. Clearly, small business owners must think it is worthwhile to dedicate precious human resources to social media.  Small businesses don’t have teams of people that they can deploy, like large corporations.
• Small businesses are spending significant time on social media - The overwhelming majority (81%) have increased the amount of time they are investing in social media or stayed the same, compared to a year ago  (actually, 49% increased their time, and 32% are spending the same amount of time).  Only 7% decreased the amount of time they spend on social media.  So clearly, small business owners must be seeing some value if the vast majority continue investing time in social media.  In a small business, time IS money.  You don’t spend it without good reason.
• Small businesses plan to invest in social media for Q2  - When asked what they plan to invest in, during Q2 of 2013, social media was included along with online advertising and marketing as the second highest area.  Thirty one percent plan to invest in generating sales, and 26% plan to invest dollars in online advertising/marketing/social media.  By contrast, only 12% plan to invest in traditional marketing, and just 2% plan to invest in mobile.
• Some have been able to pin down a dollar return - Of those seeing a return on investment, thirty percent have achieved more than $2,000.  Thirteen percent have achieved ROI of between $1,000 and $2,000.

Taken all together, it suggests that small businesses are seeing benefits, because they keep devoting the resources to social media.  However, not as many have seen a clear return on investment from social media quantified in actual dollars.

Still,  just because you can’t pin a dollar amount to it, doesn’t mean it is worthless.  There are many activities in a business that add value but are hard to pin down in dollars.

One possibility is that small business owners are still experimenting to find what works best.  After all, we know that social media is complex.  Not every social site works for every business.  It takes time and knowledge â€" and trial and error â€" to figure out how to get a return on investment from social media.

Pamela Springer, CEO of Manta, notes that a shift is taking place, in her comments accompanying the release of the results.  As small businesses experiment and figure out what works best for them, they will settle on activities that drive the most return for them, she observes. She says, ”"As a highly pragmatic and time-constrained group, small business owners are strategically adopting platforms that show real results for their business. However, social media is not a stationary phenomenon. As SMBs shift from the experimental stage to a results-focused phase, their social media usage will evolve to maximize the value.”

Other interesting factoids from the survey are that Facebook is the site small businesses have the most difficulty maintaining.  LinkedIn and Twitter follow, in that order.

Network with Other Business Owners in Your City Using ‘Meetup’

Being the CEO of a growing business is demanding work. More often than not as a small business owner you are single-handedly responsible for making executive decisions, from identifying your target segment, to developing your product/ service, hiring the right people, getting your goods out there and developing your marketing strategy (which today includes a gamut of social media tools).  Add to this the obvious financial risks of going solo. While a prerequisite to being a successful entrepreneur is the ability to take on precisely these challenges, it can feel lonely and at times perplexing to run a business by your own. 

Wouldn’t it be great if you could meet up with fellow business owners on a regular basis, exchange ideas, discuss problems and gain insight into probable solutions for your business? Well that’s exactly what ‘Meetups’, the largest networking website of local groups, has to offer. Meetups are groups of people that come together to discuss their likes, interests, passions and yes, even business strategy.  Finding a group that is relevant to your area of interest is as simple as entering your city, category of ‘Meetup’ and reaching out to a group that you want to be part of. For example under the career and business category in New York, the NYC Business Networking Group and NY Entrepreneurs Business Network are some of the more popular Meetups.  Most Meetup’s are managed by a group of organizers who fix the venue, send out invites and plan the agenda. Members of the group can RSVP their intent for attending he event. Some gatherings are sponsored so the group members don’t pay, while others require members to pay a fee for attending the Meetup event.

Starting a MeetUp is easy too. The website subscription charges are as little as $2 a month to $5 a month and you are required to pledge facilitation of face to face interaction among the group you wish to start.  Once the group is activated, the website helps send out invites to other like-minded members who may be interested in becoming part of your group. With effect from April 30th this year, new features are being enabled that group organizers can use to make their MeetUp page stand out. These include headlined group names, new color palettes and background images.

The MeetUp website currently hosts 13.37 million members and 126,837 groups across 196 countries. At the time of writing this article, the site had registered a staggering 100,682,152 RSVP’s from people confirming attendance of MeetUps hosted on the site. It is estimated that the number of gatherings held as a result of MeetUp generate an economic value of roughly $100-150 million a year.

We certainly hope that after reading this blog you will be inclined to look for a Meetup group near you and not necessarily a business group. After all, being a small business owner doesn’t have to be all work and no play.

 

Network with Other Business Owners in Your City Using ‘Meetup’

Being the CEO of a growing business is demanding work. More often than not as a small business owner you are single-handedly responsible for making executive decisions, from identifying your target segment, to developing your product/ service, hiring the right people, getting your goods out there and developing your marketing strategy (which today includes a gamut of social media tools).  Add to this the obvious financial risks of going solo. While a prerequisite to being a successful entrepreneur is the ability to take on precisely these challenges, it can feel lonely and at times perplexing to run a business by your own. 

Wouldn’t it be great if you could meet up with fellow business owners on a regular basis, exchange ideas, discuss problems and gain insight into probable solutions for your business? Well that’s exactly what ‘Meetups’, the largest networking website of local groups, has to offer. Meetups are groups of people that come together to discuss their likes, interests, passions and yes, even business strategy.  Finding a group that is relevant to your area of interest is as simple as entering your city, category of ‘Meetup’ and reaching out to a group that you want to be part of. For example under the career and business category in New York, the NYC Business Networking Group and NY Entrepreneurs Business Network are some of the more popular Meetups.  Most Meetup’s are managed by a group of organizers who fix the venue, send out invites and plan the agenda. Members of the group can RSVP their intent for attending he event. Some gatherings are sponsored so the group members don’t pay, while others require members to pay a fee for attending the Meetup event.

Starting a MeetUp is easy too. The website subscription charges are as little as $2 a month to $5 a month and you are required to pledge facilitation of face to face interaction among the group you wish to start.  Once the group is activated, the website helps send out invites to other like-minded members who may be interested in becoming part of your group. With effect from April 30th this year, new features are being enabled that group organizers can use to make their MeetUp page stand out. These include headlined group names, new color palettes and background images.

The MeetUp website currently hosts 13.37 million members and 126,837 groups across 196 countries. At the time of writing this article, the site had registered a staggering 100,682,152 RSVP’s from people confirming attendance of MeetUps hosted on the site. It is estimated that the number of gatherings held as a result of MeetUp generate an economic value of roughly $100-150 million a year.

We certainly hope that after reading this blog you will be inclined to look for a Meetup group near you and not necessarily a business group. After all, being a small business owner doesn’t have to be all work and no play.

 

Network with Other Business Owners in Your City Using ‘Meetup’

Being the CEO of a growing business is demanding work. More often than not as a small business owner you are single-handedly responsible for making executive decisions, from identifying your target segment, to developing your product/ service, hiring the right people, getting your goods out there and developing your marketing strategy (which today includes a gamut of social media tools).  Add to this the obvious financial risks of going solo. While a prerequisite to being a successful entrepreneur is the ability to take on precisely these challenges, it can feel lonely and at times perplexing to run a business by your own. 

Wouldn’t it be great if you could meet up with fellow business owners on a regular basis, exchange ideas, discuss problems and gain insight into probable solutions for your business? Well that’s exactly what ‘Meetups’, the largest networking website of local groups, has to offer. Meetups are groups of people that come together to discuss their likes, interests, passions and yes, even business strategy.  Finding a group that is relevant to your area of interest is as simple as entering your city, category of ‘Meetup’ and reaching out to a group that you want to be part of. For example under the career and business category in New York, the NYC Business Networking Group and NY Entrepreneurs Business Network are some of the more popular Meetups.  Most Meetup’s are managed by a group of organizers who fix the venue, send out invites and plan the agenda. Members of the group can RSVP their intent for attending he event. Some gatherings are sponsored so the group members don’t pay, while others require members to pay a fee for attending the Meetup event.

Starting a MeetUp is easy too. The website subscription charges are as little as $2 a month to $5 a month and you are required to pledge facilitation of face to face interaction among the group you wish to start.  Once the group is activated, the website helps send out invites to other like-minded members who may be interested in becoming part of your group. With effect from April 30th this year, new features are being enabled that group organizers can use to make their MeetUp page stand out. These include headlined group names, new color palettes and background images.

The MeetUp website currently hosts 13.37 million members and 126,837 groups across 196 countries. At the time of writing this article, the site had registered a staggering 100,682,152 RSVP’s from people confirming attendance of MeetUps hosted on the site. It is estimated that the number of gatherings held as a result of MeetUp generate an economic value of roughly $100-150 million a year.

We certainly hope that after reading this blog you will be inclined to look for a Meetup group near you and not necessarily a business group. After all, being a small business owner doesn’t have to be all work and no play.

 

Twitter Advertising 101: 8 Things to Know About Advertising Your Business on Twitter

Recently, Twitter announced it was ramping up its business offerings, providing more targeted ad placements to better reach customers. The changes are in response to customer demand, with many small businesses long having clamored for a better way to reach customers on the second most popular social media site. With its nemesis, Facebook, so successfully catering to businesses, it’s important for Twitter advertisers to reach out to businesses in order to remain competitive.

But many small business owners are still unaware of the changes. To make it easier for businesses to start marketing on the social media network immediately, here are a few top things to know about Twitter advertising.

1. Advertising is easy.

Twitter offers a self-service model that allows business owners to stay in control of when and what ads are posted. Ad campaigns can be deployed immediately, from a mobile device or PC, and instant access to analytics helps business owners adjust efforts on the fly.

2. Well-tested.

By opening up this new advertising platform to a select, invitation-only group of businesses last spring, Twitter was able to test the new service and work out any bugs. These businesses have been reporting back success stories over the past year. Twitter has been collecting feedback from these users and making changes to help meet business needs.

3. Target @users.

Twitter’s new platform lets businesses directly target users who follow specific usernames. A business that sells clothing, for instance, may wish to deploy ads to everyone who follows @fashion or @WomensWearDaily.

4. Choose categories.

Advertisers can now choose from hundreds of categories, targeting users specifically by the interests they’ve communicated. This narrows ad reach to those who are most likely to take action on them, helping maximize each advertising dollar.

5. Target specific devices.

Is your product or service aimed specifically to iPhone users? Or maybe your audience lies solely in mobile device users in general. Twitter lets advertisers choose to target only those devices that they want. Send your ad to desktop and laptop computers, iOS devices, Android devices, Blackberries, other mobile devices, or all of the above.

6. Reach out to a specific gender.

Some products or services are most likely to resonate with men. Some with women. Twitter lets advertisers choose to target only one gender or both.

7. More control.

Twitter has improved its advanced interface, making it easier for advertisers to control campaigns. With multiple-campaign optimization, businesses can launch several campaigns at once and easily track their progress.

8. Better analytics

Studies have shown ad campaigns are more effective when advertisers monitor successes and failures. Twitter’s analytics allow businesses to adjust campaigns in response to what the reports are telling them.

One thing that hasn’t changed is Google’s pricing structure. Businesses can still administer ad campaigns without breaking their budgets. For current self-service advertisers, to get the new features, choose “Switch to Advanced” from the top of your dashboard once you’re signed in. If you’re a new user, go to https://business.twitter.com/start-advertising to start reaching Twitter members today.

Twitter Advertising 101: 8 Things to Know About Advertising Your Business on Twitter

Recently, Twitter announced it was ramping up its business offerings, providing more targeted ad placements to better reach customers. The changes are in response to customer demand, with many small businesses long having clamored for a better way to reach customers on the second most popular social media site. With its nemesis, Facebook, so successfully catering to businesses, it’s important for Twitter advertisers to reach out to businesses in order to remain competitive.

But many small business owners are still unaware of the changes. To make it easier for businesses to start marketing on the social media network immediately, here are a few top things to know about Twitter advertising.

1. Advertising is easy.

Twitter offers a self-service model that allows business owners to stay in control of when and what ads are posted. Ad campaigns can be deployed immediately, from a mobile device or PC, and instant access to analytics helps business owners adjust efforts on the fly.

2. Well-tested.

By opening up this new advertising platform to a select, invitation-only group of businesses last spring, Twitter was able to test the new service and work out any bugs. These businesses have been reporting back success stories over the past year. Twitter has been collecting feedback from these users and making changes to help meet business needs.

3. Target @users.

Twitter’s new platform lets businesses directly target users who follow specific usernames. A business that sells clothing, for instance, may wish to deploy ads to everyone who follows @fashion or @WomensWearDaily.

4. Choose categories.

Advertisers can now choose from hundreds of categories, targeting users specifically by the interests they’ve communicated. This narrows ad reach to those who are most likely to take action on them, helping maximize each advertising dollar.

5. Target specific devices.

Is your product or service aimed specifically to iPhone users? Or maybe your audience lies solely in mobile device users in general. Twitter lets advertisers choose to target only those devices that they want. Send your ad to desktop and laptop computers, iOS devices, Android devices, Blackberries, other mobile devices, or all of the above.

6. Reach out to a specific gender.

Some products or services are most likely to resonate with men. Some with women. Twitter lets advertisers choose to target only one gender or both.

7. More control.

Twitter has improved its advanced interface, making it easier for advertisers to control campaigns. With multiple-campaign optimization, businesses can launch several campaigns at once and easily track their progress.

8. Better analytics

Studies have shown ad campaigns are more effective when advertisers monitor successes and failures. Twitter’s analytics allow businesses to adjust campaigns in response to what the reports are telling them.

One thing that hasn’t changed is Google’s pricing structure. Businesses can still administer ad campaigns without breaking their budgets. For current self-service advertisers, to get the new features, choose “Switch to Advanced” from the top of your dashboard once you’re signed in. If you’re a new user, go to https://business.twitter.com/start-advertising to start reaching Twitter members today.

Facebook Home Reaches 500,000 Downloads

Facebook Home, the new Android-based app that is designed to overlay the regular Android home screen, reached a bit of a milestone recently. According to several reports, at least a half-million people have downloaded Facebook Home from the Google Play store.

Facebook Home is currently exclusively available through Google Play, and only ready to run on select Android phones. New HTC First phones are the first devices to have the App pre-loaded.

Observers consider the number of  downloads a slow start considering the popularity of Facebook. Reviews of the phone are mixed. For example, Steve Kovach at Business Insider observes that the app’s messaging feature “Chat Heads” is so brilliant everyone from Apple to BlackBerry should copy it. On the other hand, Kovach says if you use your phone for productivity and need access to other apps, Facebook Home is too much of a distraction.

Outside of the download statistics, the early reviews have not been kind to Facebook Home. Based on the reviews at the Google Play store, more than 6,000 people have rated it with just 1 star and the app gets an overall 2.2 rating. Facebook’s standard Android app gets an overall 3.6 rating, but a majority of owners have given it a full 5 stars.

Facebook says it is constantly updating the Home app and will release new versions more often than an operating system would, according to a report at FastCompany. Facebook’s VP of Mobile Engineering Corey Ondrejka spoke with reporters recently and hinted that some features could be updated soon, including the addition of folders and widgets so that Home does not interfere as much with a user’s regular Android home and lock screens. Ondrejka also said that users will likely be able to edit their news feeds on Home more like the way they can on Facebook’s website.

Posted by Joshua Sophy on April 24, 2013.

Categories: Social Media

About Small Business Trends

Small Business Trends is an award-winning online publication for small business owners, entrepreneurs and the people who interact with them.

Small Business Trends is the premier source of information, news and advice covering issues of key importance to the small business market.  Small Business Trends appears on countless “Top” and “Best of” lists of small business resources.

We offer a variety of newsletters and information feeds to help you stay informed about the small business market.  As we like to Read More

more â†'

Opinion: DBIR, other computer security statistics paint tricky picture

There's something of a spring season in computer security reports.

This is in part because many reports aim to summarize the prior year, so they appear early in the following one. It's also because many vendors time the release of their reports to coincide with the RSA Conference. Over the past couple of months we've seen reports of various sizes and gravity from Veracode, Trustwave, Cisco, Solutionary, the Ponemon Institute, Symantec, Fortinet, Mandiant, Prolexic, Vormetric and Arbor Networks, to name a few.

The publication of the Verizon Data Breach Incident Report (DBIR) Monday forms something of a natural close to this busy spring season. One can't help but wonder whether all this research, taken as a whole, creates any coherent overall view. Are there "big takeaways" from all this tallying?

The short answer is that consistent takeaways are hard to come by. For one thing, there are some contradictions among the reports.

Take distributed denial-of-service (DDoS) attacks, for example. Prolexis, in its Quarterly Global DDoS Attack Report, stated that average attack bandwidth totaled 48.25 Gbps in the first quarter of 2013, a 718% increase versus the previous quarter. Arbor, on the other hand, has used its ATLAS program to compile Internet traffic data from over 250 service providers, tracking a whopping 42 Tbps of traffic, and finding that in Q1 2013 the average attack size was 1.77 Gbps compared to 1.48 Gbps in 2012. Without putting too fine a point on it, these answers are vastly and improbably different in scale.

Or consider SQL injection. The Veracode State of Software Security report, arguing that knowledge of prevalent software flaws predicts prevalent attack vectors, noted that 32% of applications Veracode analyzed contain SQL injection flaws. "Knowing that," the report states, "you should not be surprised that Trustwave reported that SQL injection was the attack method for 26% of all reported breaches in 2012." Yes, but by the same logic we should perhaps be rather surprised indeed to learn that this year's Verizon DBIR reports SQL injection was involved in 8% of breaches involving "hacking," which it says are 52% of incidents overall. In other words, SQL injection weighs in at about 4% of breaches overall.

There's an even bigger potential problem with Veracode's findings for those of a cynical predisposition. The Verizon DBIR asserts that software flaws per se are mostly too "fancy" for most attackers to bother to exploit. Attackers go for what might be called ridiculously low-hanging fruit. They use stolen credentials and brute force, or phishing and malware. As the report puts it, "While some may argue that we are dealing with an intelligent and adaptive adversary, the data tells us that adaptation isn't necessary for many of these attackers."

If attackers are mostly just asking you nicely to hand over your password, looking at software vulnerabilities isn't going to tell you much about actual attacks. Veracode's report makes a pretty good case, though, that software developers continue to make the same amateur security blunders they've made for the past several years.

Maybe it is hard to draw a straight line from software vulnerabilities to attack vectors in the wild, but that doesn't necessarily justify taking reports from the field as a framework for tying various research results together. For one thing, reports about damages are inextricably beholden to their underlying assumptions, some of which the report authors are fairly, well, eager to assume. A recent report the Ponemon Institute prepared and Venafi sponsored concluded that each of the Global 2000 enterprises worldwide was "projected to lose $35m over the next 24 months due to improper trust technology management; this estimate is based on a total possible cost exposure of $400 million."

When the survey was released, I asked the institute's founder and chair, Larry Ponemon, about how "expected value" worked in compiling dollar values for estimates of financial risk. Ponemon said the survey "required respondents to estimate both exposure value and probability of occurrence to nine separate scenarios relating to operational issues, compliance and cyberattack incidents all relating to key and certificate compromise." The exposure value was based on estimating four categories of potential loss. "The probability of exposure," Ponemon said, was "estimated from a number line between 0 to 10."

Surveys have to take these kinds of "scale of 1 to 10" shortcuts, to be sure. And it's often the case that broader categories ("Is it bigger or smaller than a breadbox?") provide paradoxically better estimates. But on the other hand, the value is directly derived from an estimated risk that doesn't necessarily square with the risks one might determine by examining, say, Verizon's numbers, based as they are on actual field observations, though Verizon's information on the prevalence of stolen credentials in successful breaches is clear and compelling.

Yes, but then again there's a skew in the incident data at Verizon's disposal that is quite possibly not reflected in other reports. One could argue that the DBIR should really be called the "ATM and Point of Sale, Along with Some Servers, Breach Incident Report," because ATMs and POS device-related breaches are heavily represented in Verizon's 2013 dataset. The incidence of "user device" attacks is skewed high, Verizon senior analyst Kyle Maxwell said in a prerelease interview with SearchSecurity.com editors, "because we categorize ATMs as user devices, which sometimes seems a little bit controversial to people. In the end we decided that since the device's main focus is interaction with an end user -- in this case a bank customer -- the ATM attacks get thrown in there."

More generally, the fact that vendors issue or sponsor these reports means not so much that the results are unreliable, but that conclusions are drawn based on niches and lines of inquiry that are sufficiently different in their definitions and underlying assumptions that no meaningful comparisons can be made from one report to the next. Isn't it problematic, for instance, that Verizon's report doesn't consider cloud-related attacks as a separate category?

None of this is to say that there aren't important, thought-provoking findings lurking in these reports. But most of the insight comes within an intentionally narrow focus. Tucked within the Veracode report, for example, is a fascinating look at how code quality improves as the number of rounds of vulnerability testing, fixing and resubmission increases.

The Verizon DBIR is riveting (and alarming) on the subject of how long it takes organizations to find out they've been pwned. (Short answer -- they remain thoroughly clueless till someone outside the organization bothers to tell them.) But is there a coherent summary finding from all that research going on out there? Not this time around.

This was first published in April 2013

Your Franchise Location Needs This

Traffic. You’re going to need a lot of traffic. If you’re thinking about buying a franchise and the one that you end up choosing is going to require a commercial location, read on.

You Need Traffic

If your franchise location is going to achieve the kind of success that you’re hoping for, you’re going to need a lot of traffic. Your retail store or restaurant is going to need foot traffic. All storefronts and food-service establishments need feet. Feet = Revenue.

For example, 740 million feet entered and exited Apple’s retail stores last year. That’s 370 million visitors. Do you think that’s one of the reasons that Apple enjoys amazing profits?  (Apple stores are company stores, not franchises.) Apple stores are in the retail space and in retail, it’s about volume.

Of course, you need a way to encourage the traffic that exists in the vicinity of your business to open the door to your franchise location and enter your establishment. But how?

You Need Visual Appeal

Your business is going to need visual appeal. According to The Retail Doctor®, Bob Phipps:

“If you’re in a popular destination with great foot traffic, you can create a great window that tells one story and tells it well. Your window display must be your invitation to the passerby. A well-designed window display encourages impulse sales and peaks a customer’s curiosity. It might even tug at their heartstrings.”

In addition to your window display, you may have another option; sidewalk attractors. You’ll have to check with your local zoning commission, but you may be allowed to put some simple sidewalk signage up in front of your franchise. Attention-grabbing sidewalk signage works wonders, and can force potential customers to look twice at what your business is offering.

In addition to sidewalk signage, seasonal outdoor plants can spruce up a storefront, so leave room in your advertising and marketing budget for a few of those.

You Need Workshops And Seminars

One way for your business to stand out is by offering informational workshops or seminars. Today’s consumers love stuff that is free, and you can really capitalize on that fact by putting on information-laden talks and demonstrations.

For example, let’s say that you’re a Pet Supplies Plus franchisee. If your franchise location offers dog grooming, why not take it outside? Grab one your employees’ pets, and do a demonstration (if your local community will allow it) right in front of your store. That would really attract attention.

One caveat: I haven’t read the Pet Supplies Plus franchise agreement. I’m not sure what their rules are when it comes to marketing and advertising in and out of their franchise locations. Make sure that you check with your franchisor before doing anything too creative.

You Need to Host A Charity Event

Hosting a local charity event at your franchise location can be a real win-win. But, it must come from the heart.

What I mean is that to do this right, you need to choose a charity that is close to your heart in some way. Don’t host a charity event just because it would provide good exposure for your business. Do it because you really want to help. In addition, make sure that you choose a charity that your target market can easily identify with.

If you own and operate a Tutoring Club franchise, you can easily set-up a book drive and donate the books that you’ve collected to local daycare centers and community centers.  You could even ship them to third world countries where they’d most certainly be welcomed. If you own an Edible Arrangements franchise, it shouldn’t be too difficult to find a charity that accepts food donations.

Do you know of any other ways to attract foot traffic?

Your Franchise Location Needs This

Traffic. You’re going to need a lot of traffic. If you’re thinking about buying a franchise and the one that you end up choosing is going to require a commercial location, read on.

You Need Traffic

If your franchise location is going to achieve the kind of success that you’re hoping for, you’re going to need a lot of traffic. Your retail store or restaurant is going to need foot traffic. All storefronts and food-service establishments need feet. Feet = Revenue.

For example, 740 million feet entered and exited Apple’s retail stores last year. That’s 370 million visitors. Do you think that’s one of the reasons that Apple enjoys amazing profits?  (Apple stores are company stores, not franchises.) Apple stores are in the retail space and in retail, it’s about volume.

Of course, you need a way to encourage the traffic that exists in the vicinity of your business to open the door to your franchise location and enter your establishment. But how?

You Need Visual Appeal

Your business is going to need visual appeal. According to The Retail Doctor®, Bob Phipps:

“If you’re in a popular destination with great foot traffic, you can create a great window that tells one story and tells it well. Your window display must be your invitation to the passerby. A well-designed window display encourages impulse sales and peaks a customer’s curiosity. It might even tug at their heartstrings.”

In addition to your window display, you may have another option; sidewalk attractors. You’ll have to check with your local zoning commission, but you may be allowed to put some simple sidewalk signage up in front of your franchise. Attention-grabbing sidewalk signage works wonders, and can force potential customers to look twice at what your business is offering.

In addition to sidewalk signage, seasonal outdoor plants can spruce up a storefront, so leave room in your advertising and marketing budget for a few of those.

You Need Workshops And Seminars

One way for your business to stand out is by offering informational workshops or seminars. Today’s consumers love stuff that is free, and you can really capitalize on that fact by putting on information-laden talks and demonstrations.

For example, let’s say that you’re a Pet Supplies Plus franchisee. If your franchise location offers dog grooming, why not take it outside? Grab one your employees’ pets, and do a demonstration (if your local community will allow it) right in front of your store. That would really attract attention.

One caveat: I haven’t read the Pet Supplies Plus franchise agreement. I’m not sure what their rules are when it comes to marketing and advertising in and out of their franchise locations. Make sure that you check with your franchisor before doing anything too creative.

You Need to Host A Charity Event

Hosting a local charity event at your franchise location can be a real win-win. But, it must come from the heart.

What I mean is that to do this right, you need to choose a charity that is close to your heart in some way. Don’t host a charity event just because it would provide good exposure for your business. Do it because you really want to help. In addition, make sure that you choose a charity that your target market can easily identify with.

If you own and operate a Tutoring Club franchise, you can easily set-up a book drive and donate the books that you’ve collected to local daycare centers and community centers.  You could even ship them to third world countries where they’d most certainly be welcomed. If you own an Edible Arrangements franchise, it shouldn’t be too difficult to find a charity that accepts food donations.

Do you know of any other ways to attract foot traffic?

Your Franchise Location Needs This

Traffic. You’re going to need a lot of traffic. If you’re thinking about buying a franchise and the one that you end up choosing is going to require a commercial location, read on.

You Need Traffic

If your franchise location is going to achieve the kind of success that you’re hoping for, you’re going to need a lot of traffic. Your retail store or restaurant is going to need foot traffic. All storefronts and food-service establishments need feet. Feet = Revenue.

For example, 740 million feet entered and exited Apple’s retail stores last year. That’s 370 million visitors. Do you think that’s one of the reasons that Apple enjoys amazing profits?  (Apple stores are company stores, not franchises.) Apple stores are in the retail space and in retail, it’s about volume.

Of course, you need a way to encourage the traffic that exists in the vicinity of your business to open the door to your franchise location and enter your establishment. But how?

You Need Visual Appeal

Your business is going to need visual appeal. According to The Retail Doctor®, Bob Phipps:

“If you’re in a popular destination with great foot traffic, you can create a great window that tells one story and tells it well. Your window display must be your invitation to the passerby. A well-designed window display encourages impulse sales and peaks a customer’s curiosity. It might even tug at their heartstrings.”

In addition to your window display, you may have another option; sidewalk attractors. You’ll have to check with your local zoning commission, but you may be allowed to put some simple sidewalk signage up in front of your franchise. Attention-grabbing sidewalk signage works wonders, and can force potential customers to look twice at what your business is offering.

In addition to sidewalk signage, seasonal outdoor plants can spruce up a storefront, so leave room in your advertising and marketing budget for a few of those.

You Need Workshops And Seminars

One way for your business to stand out is by offering informational workshops or seminars. Today’s consumers love stuff that is free, and you can really capitalize on that fact by putting on information-laden talks and demonstrations.

For example, let’s say that you’re a Pet Supplies Plus franchisee. If your franchise location offers dog grooming, why not take it outside? Grab one your employees’ pets, and do a demonstration (if your local community will allow it) right in front of your store. That would really attract attention.

One caveat: I haven’t read the Pet Supplies Plus franchise agreement. I’m not sure what their rules are when it comes to marketing and advertising in and out of their franchise locations. Make sure that you check with your franchisor before doing anything too creative.

You Need to Host A Charity Event

Hosting a local charity event at your franchise location can be a real win-win. But, it must come from the heart.

What I mean is that to do this right, you need to choose a charity that is close to your heart in some way. Don’t host a charity event just because it would provide good exposure for your business. Do it because you really want to help. In addition, make sure that you choose a charity that your target market can easily identify with.

If you own and operate a Tutoring Club franchise, you can easily set-up a book drive and donate the books that you’ve collected to local daycare centers and community centers.  You could even ship them to third world countries where they’d most certainly be welcomed. If you own an Edible Arrangements franchise, it shouldn’t be too difficult to find a charity that accepts food donations.

Do you know of any other ways to attract foot traffic?

Death of the Cubicle: How Businesses Are Transforming The Workspace

A decade ago, the idea of an open workspace gave rise to the image of relaxed, goofy coworkers with overly creative imaginations collaborating in an office that was more a playground than work place. The cubicle was the frontline in office efficiency, trimming the workplace fat down to the leanest possible configuration, which prioritized work usually to the expense of the individual identity. However, The Wallstreet Journal officially announces the death of the cubicle. It even has a slideshow examining workplaces over the past ninety or so years, from the lines of desks and cubicles of “yesteryear” to the modern workplace at the Campbell Soup HQ toay. In the cubicle’s place comes the open, creative workspaces that foster collaboration and helps to attract and maintain talent within a company.

And not surprisingly, small businesses are leading the evolution of the office space. With fewer employees comes an easier amount of room to change, and they can better adopt styles that work on an individual level, as well as at the company level. Jon Eggleton, the CMO for Turnstone, said that the “one-size-fits-all workspace does not exist anymore.” With everyone being creative in different ways, it only stands to reason that the office should match that. A quick glance through the customer stories available on the Turnstone website shows that offices all over the country are different, styled to match those that work there.

Eggleton goes on to emphasize how space can be a major asset to productivity and that ideally a workplace should have a “palette of place” that allows individuals to choose how and where they work throughout the day. Further, while technology continues to change, the human process of innovation doesn’t. Allowing for a place to create strong social bonds and collaboration are critical to creating fresh, new ideas.

So what does that mean for your small business? Simply, uniform cubicles may not be the way to go. Spending time and effort early in your business to create a space that fosters communication can pay dividends later. A lot of time, businesses focus on the technology that can help to increase creativity, productivity, and efficiency, but maybe taking down the walls between coworkers and creating a sense of community can be just the thing to kick-start your employees.

Trusteer warns of new man-in-the-browser Twitter attack

Twitter has attracted a new follower: financial malware capable of facilitating man-in-the-browser attacks through an infected computer.

We haven't seen a Twitter attack like this before.

Yishay Yovel,
vice president of marketing, Trusteer

Trusteer, a Boston-based cybercrime prevention vendor, said this week one of its researchers recently identified the malware, which targets Twitter accounts. While the malware attacks initially have appeared to focus on PC endpoints in banks and financial-services firms, experts said Android-based mobile platforms could eventually help spread the Twitter-based attacks to enterprises.

The attack works by injecting JavaScript code into a user's Twitter account webpage. Once inside, the malware snaps up the user's authentication token, obtaining access to Twitter application programming interfaces. At that point, Trusteer said, the malware can begin posting malicious tweets via a victim's account.

Unsuspecting followers of the infected Twitter account see the customary shortened URLs that disguise the underlying links, making it nearly impossible for a follower to spot a suspicious link to a webpage.

Trusteer said the malware attacks could be used to target financial transactions after gaining access to user credentials. So far, the attacks have been limited to the Netherlands, but could quickly spread to Twitter accounts around the world.

The company also released an excerpt from the injected JavaScript code it uncovered:

"We haven't seen a Twitter attack like this before," said Yishay Yovel, Trusteer's vice president of marketing. He said the malware essentially creates "an open channel" through which it can be distributed to followers of an infected Twitter account, which can then potentially "create a storm" of malware across enterprise networks.

Since identifying the Twitter-based malware while working with a Dutch bank, Trusteer's approach has been to try to establish what Yovel called a "bridgehead," which prevents the malware from breaching PC endpoints. Like most malware, Yovel said, "It's all about establishing a foothold in your network" -- in this case via Twitter -- by getting users to click or open a malicious link, document or application.

As with other types of attacks, Yovel said early detection of Twitter-based malware is critical since it narrows an attacker's options for breaching a network endpoint and gaining access to Twitter and, eventually, financial or proprietary information.

The challenge for enterprises, he warned, is managing security on mobile platforms where some of the malware attacks have gained access to Twitter accounts via SMS messages.

Yovel warned that while early malware samples have largely targeted banks, a wider range of companies could be at risk of falling prey to this or similar attacks. Twitter-based malware, he said, "is absolutely not banking-specific."

Emotiva Audio Increased Sales And Survived Industry Changes By Using Technology To Interact With Their Customers

Based in Franklin, Tennessee, Emotiva Audio is an audio equipment developer and manufacturer that has been in business for over ten years. In that time, they’ve seen a lot changes in the industry and consumer’s needs.

Emotiva Audio has managed to maintain a strong relationship with their core customers, who use and advocate their products, by establishing an open online message board for people to interact with the company, other customers, and most interestingly, the engineers that made the very products that are being discussed. The forum, The Emotiva Lounge, is hosted on ProBoards, a popular message board host that has been widely used.

“We were looking for the best and fastest way to introduce and market new products, learn about our customers’ needs and better serve them, and using ProBoards has allowed us to do just that and more,” explains Jessica Gordon, Director of Marketing at Emotiva.

Every day, there is evidence of  much activity on the forum’s pages, with over 14,000 topics posted since the board’s inception in 2007. There are hundreds of registered members logging in regularly along with a slew of guests hitting the webpage too to check it out, as well as up to 500 posts a week.

Clicking through the myriad sub-sections of The Emotiva Lounge reveals a wealth of discussion on the ins and outs of products or even just general FAQs. There’s a lot of ground covered when you really delve into each little sub-section of the forum and it seems to be working for Emotiva.

“The open engagement we get from our forum has translated into happier customers and has helped boost sales because we’re able to learn what our customers want and create solutions to fill their need, while fixing possible problems,” she adds.

“Our customers have direct access to the engineers and product developers through The Emotiva Lounge,” says Jessica of the bridges built between customer and business. “It’s enabled a direction connection between our company, fellow enthusiasts, and our customers, and the creation of a really wonderful and powerful user community. The value is hard to quantify. We wouldn’t be who we are today without it.”

How Emotiva Audio has maintained their strong presence and customer relationships with their message board is something of a paradox. Message boards aren’t the hubs of conversation like they used to be a number of years ago, falling prey to the sheer enormity and vast reach of social media. Of course, Emotiva Audio still has a Facebook page and a Twitter account but let’s compare numbers.

At the time of writing, Emotiva’s last tweet was on October 30th 2012 and their account has 866 followers, and it’s important to note that only three tweets were posted in 2012 with the last sight of regular tweeting being in July 2011. Their Facebook page is much more active however, with regular, almost daily posting and the numbers reflect that, with over 3,700 likes on board and comments on each post, but the numbers pale when compared to those discussing the latest news or equipment on the hive of activity that is the company’s ProBoards forum. Jessica explains why this works for Emotiva.

“Forums are meant for people with specific interests and that’s not what Facebook and Twitter deliver,” she says. “We found that sites like Facebook and Twitter allow you to get a message out, but don’t always encourage intimate two-way communication. We want our customers to feel like we’re listening to them, not dictating to them, and a forum provides a more intimate interactive conversation,” adds Jessica. “Forums are the primary way we interact with customers.”

The effect of social media, specifically Facebook and Twitter, on business is a hotly discussed topic, especially as it is always evolving. So does Emotiva have plans to harness these social media channels more in the future?

“We are already fully harnessing social media with our forum.  Facebook and Twitter are not going to drive our sales - it’s talking to our customers and that’s what a forum allows us to do because it creates a conversation.”

Emotiva may now have a chance to expand on the methods that have been serving them well. In late 2012, ProBoards released the BETA version of their ProBoards 5.0, with the official release date coming on April 29th. The update will add some new feathers to its cap that companies like Emotiva can take advantage of, like Live Search and one-click navigation.

“Broadly speaking, we will continue to grow and be one the leading audio companies selling directly to consumers. You can only buy Emotiva products through our site or on Amazon. We do not sell through traditional retailers or dealers,” says Jessica to finish. “The community we built with our forum, created using ProBoards, will continue to be an important aspect of how we communicate with our customers and audio enthusiasts. We recently hired a community manager, so you can expect to see even more social engagement from us in the future.”

Infosec 2013: C&C research finds 93.8 per cent of countries have received a \'callback\'

According to research, 93.8 per cent of countries in the world host malware or a command and control (C&C) server.

Research by FireEye of 12 million callback events, found that 184 countries had a callback, or were hosting some sort of malware or crimeware server, of 196 recognised countries.

Its report discovered that Asian and Eastern European countries accounted for the majority of activity, and that the majority of advanced persistent threat (APT) callback activities were associated with APT tools that are made in China or that originated from Chinese hacker groups and the main tool is Gh0st RAT.

Speaking to SC Magazine, FireEye's senior director of malware research, Rob Rachwald, said that UK statistics showed that communications were mostly 'in-country', so attackers were not setting up C&C servers, as they did not have to set them up. “It could be either where the C&C server is, it doesn't mean that the country is attacking, it could be the case that it is being attacked,” he said.

Infosec 2013: DIY survey kits are appearing and beginning to torment search engine results

Survey-based threats on Facebook may be declining, but a rise in 'DIY surveys' could cause concerns.

Speaking to SC Magazine at the Infosecurity Europe exhibition in London, Chris Boyd, researcher at ThreatTrack Security, said that it was only a matter of time before surveys, which capture user's personal information, disappeared.

Boyd said: “The rogue surveys are interesting and from what I can see, I cannot remember the last one, but most of the time they are targeting users. However now it is about rogue links within search engine results as they are a lot easier to drive traffic through.

“We are seeing the 'Facebook survey' run its course, but the concern now is DIY survey kits that encouraged the victim to fill in the survey and eventually download an executable file, and this is becoming more and more popular. This is an existing way of hijacking PCs.”

Asked if this was an especially 'new' challenge, Boyd said it was, as opposed to search engine optimisation poisoning, new threats will leave the details of victims IP addresses open. “People don't know, it is alarming really and there are ways and means of preventing that,” he said.

Five Lessons To Protect Your Business From Identity Theft

Business identity theft has become a big problem across the United States, with businesses large and small losing millions of dollars every year and suffering huge challenges in recovery.

NPR did a great story on business identity theft, saying, “Business identity theft takes many forms. Posing as a look-alike or sound-alike business to lure customers is one of them. But in many cases, shady operators go after information to tap into business’ credit and reputation. They change a business’s contact information, for example, then use it to obtain credit cards or order goods, skipping town before bills arrive.”

However, most business owners are oblivious to the risks, and business ID theft victims don’t know where to turn for information and assistance.

In response to this, the National Association of Secretaries of State and the Identity Theft Protection Association collaborated to create BusinessIDTheft.org. The  website is designed to educate businesses and business owners about business identity theft, help them to manage and reduce their risks, and to provide assistance to victims of business identity theft crimes.

Education on the myriad of business ID theft schemes is provided - from fraudulent filings to cyber crime. There are also resource pages that provide state-specific information and resources for every U.S. state and  territory. The state resource pages were developed with input from the secretaries of state and/or the state commercial administrators.

The website’s business identity theft protection kit is a list of things you can do to keep your business safe and something you definitely ought to review. The list includes:

• How to protect your business bank accounts from fraud
• How to protect your business information and identifiers
• How to protect your credit
• How to protect your computers and network
• How to avoid being burned on fraudulent orders

And there’s a lot more. There are some great resources on the website and we at SmallBizTechnology.com strongly encourage you to check it out.

Let us know if you’ve had experiences with business ID theft, and how you dealt with it, in the comments.

How You Can Stay on Top Like Apple

If Apple’s brand doesn’t already impress you, consider the fact that Apple’s store in New York City has a valuation of approximately $4,700 per square foot. Jiminy Cricket - that’s worth as much as the White House.

Despite increased competition from Google and Samsung, Apple retains its status as king of the technological marketplace. Forget any rumors of Apple’s demise. All brands experience cyclical business waves, and while Apple may have had recent blips on the radar, their overall trajectory is still impressive by any figure.

Fortunately, you can incorporate a little bit of Apple into your pie by learning from their marketing strategy. Just like the technology it sells, Apple’s marketing strategy focuses on staying relevant and nimble.

Lessons From Apple’s Geniuses

One of the reasons Apple has stayed on top is because of their incredible customer service. I mean, has anyone else been flocked by a swarm of blue-shirted employees the instant they step foot into the Apple store?

Apple’s customer service goes far beyond their helpful floor associates. Anytime you have a problem with your device, you can bring it in to be seen and troubleshot by a “Genius.” And these Geniuses actually know how to fix the technological issues you face. Unlike Best Buy’s Geek Squad, which has frustrated many consumers,Geniuses are effective.

Likewise, is your customer service equipped to handle problems?

Apple’s Comprehensive Marketing Strategy

Apple’s content is everywhere, from YouTube to television to Twitter. Regardless of where you look, the tone of their brand and advertising content is consistent. By keeping a focused vision of what you want your marketing to look like, you will be able to enact a consistent marketing strategy.

Also remember that content isn’t limited solely to your advertising. Emails that you exchange as part of customer service become content that you can use to your advantage. For instance, Steve Jobs was known as one of the few CEOs who personally responded to customer service emails. Even though it was impossible for him to respond to everything, of course, his gesture distinguished him as a CEO who truly valued the consumer experience - and that built loyalty.

You’re Only As Strong As Your Weakest Product

What was one of the first things that Steve Jobs did when he returned to Apple? He slashed the company’s product offerings from nearly 400 to just 10. Jobs wanted to focus on the quality of Apple’s products, thereby ensuring that consumers understood that anything they bought from Apple would be quality no matter what.

Likewise, when you ensure that your brand only carries and promotes the best products, you’re building consumer trust.

Apple Photo via Shutterstock

How You Can Stay on Top Like Apple

If Apple’s brand doesn’t already impress you, consider the fact that Apple’s store in New York City has a valuation of approximately $4,700 per square foot. Jiminy Cricket - that’s worth as much as the White House.

Despite increased competition from Google and Samsung, Apple retains its status as king of the technological marketplace. Forget any rumors of Apple’s demise. All brands experience cyclical business waves, and while Apple may have had recent blips on the radar, their overall trajectory is still impressive by any figure.

Fortunately, you can incorporate a little bit of Apple into your pie by learning from their marketing strategy. Just like the technology it sells, Apple’s marketing strategy focuses on staying relevant and nimble.

Lessons From Apple’s Geniuses

One of the reasons Apple has stayed on top is because of their incredible customer service. I mean, has anyone else been flocked by a swarm of blue-shirted employees the instant they step foot into the Apple store?

Apple’s customer service goes far beyond their helpful floor associates. Anytime you have a problem with your device, you can bring it in to be seen and troubleshot by a “Genius.” And these Geniuses actually know how to fix the technological issues you face. Unlike Best Buy’s Geek Squad, which has frustrated many consumers,Geniuses are effective.

Likewise, is your customer service equipped to handle problems?

Apple’s Comprehensive Marketing Strategy

Apple’s content is everywhere, from YouTube to television to Twitter. Regardless of where you look, the tone of their brand and advertising content is consistent. By keeping a focused vision of what you want your marketing to look like, you will be able to enact a consistent marketing strategy.

Also remember that content isn’t limited solely to your advertising. Emails that you exchange as part of customer service become content that you can use to your advantage. For instance, Steve Jobs was known as one of the few CEOs who personally responded to customer service emails. Even though it was impossible for him to respond to everything, of course, his gesture distinguished him as a CEO who truly valued the consumer experience - and that built loyalty.

You’re Only As Strong As Your Weakest Product

What was one of the first things that Steve Jobs did when he returned to Apple? He slashed the company’s product offerings from nearly 400 to just 10. Jobs wanted to focus on the quality of Apple’s products, thereby ensuring that consumers understood that anything they bought from Apple would be quality no matter what.

Likewise, when you ensure that your brand only carries and promotes the best products, you’re building consumer trust.

Apple Photo via Shutterstock

Work Smarter with Mobile Devices - Chat Recap

Small businesses are becoming more mobile. But learning to work smarter with mobile devices is an ongoing challenge.

On Thursday, April 18, 2013, we were delighted to welcome Judi Hembrough (@JudiHembrough), small business marketing director of Plantronics, to join the small business community for a special live chat on Twitter.   The chat focused on sharing tips and advice on how entrepreneurs use mobile devices including tablets; mobile etiquette, including do’s and don’ts; tips for holding conference calls outside the office; and mobile productivity tips.

Not everyone may have as many items in their briefcase as Ramon Ray (@ramonray), founder of SmallBizTechnology.com.  But the voyeur in all of us was curious to see. So he shared a picture of all the gadgets in his bag that evening:

Thanks to the phenomenal participation from so many entrepreneurs, the chat trended #1 on Twitter for the topic #SmarterWorking on the evening of the event.

The chat was sponsored by Plantronics.  Plantronics also provided three Voyager Legend UC headsets that we randomly gave away during the chat to selected participants who offered insightful answers.

Below you will find a small number of selected excerpts from the event.

When asked the number of mobile devices they used or thought others used, here are a few of the responses:

Thanks to Plantronics for sponsoring this chat and for supplying Voyager Legend UC headsets as prizes for the participants.  Plantronics’ involvement made it possible for us to host the event.

Posted by Anita Campbell on April 23, 2013.

Categories: Technology Trends

About Small Business Trends

Small Business Trends is an award-winning online publication for small business owners, entrepreneurs and the people who interact with them.

Small Business Trends is the premier source of information, news and advice covering issues of key importance to the small business market.  Small Business Trends appears on countless “Top” and “Best of” lists of small business resources.

We offer a variety of newsletters and information feeds to help you stay informed about the small business market.  As we like to Read More

more â†'

Infosec 2013: Flood of breaches show really bad year for small business security

Small businesses in the UK are now experiencing security breach incident levels previously only seen in larger organisations.

This was the biggest takeaway from this year's Information Security Breaches Survey, commissioned by the Department for Innovation, Business and Skills and released at this year's Infosecurity conference in Earls Court, London.

The survey said 87 per cent of small businesses had a security breach in the last year, significantly up from 76 per cent a year ago. This almost matched the 93 per cent of large organisations that had a breach. 

Security breaches reached their highest ever levels compared with previous years of the survey, costing UK companies billions of pounds per year. The costs of these breaches varied widely, with some individual intrusions costing over £1 million.

"Small businesses are really in the crosshairs, much more than they have ever been before," said Andrew Miller, director at PricewaterhouseCoopers, which commissioned the survey 

"The number of attacks they face is up massively. It's a rising trend, and over the last few years the small business communities are in the forefront of a lot of changes."

The survey said attacks by outsiders were increasing, with the average large business suffering an attack every few days. However, the insider threat was still significant, with 36 per cent of the worst breaches due to human error.

Businesses were prioritising security, but this wasn't translating into effective security. The survey said 42 per cent of large organisations were not providing on-going security awareness training for staff. Businesses were even getting basic issues wrong, such as patch management.

Miller added, "The security industry needs to prove to management exactly what value they are getting for the controls they are putting in place."

"We're not quite getting the basics right. There are an awful lot of simple steps which we as organisations aren't doing. There's anÂ!  awfully long road to go just in doing the simple things, let alone in some of the more complex and interesting areas."

Lumension announces plans to launch mobile device management function to security suite

Lumension is to launch a mobile device management (MDM) function to its endpoint management and security suite.

Set to be added later this year, Alan Bentley, senior vice president of worldwide sales for Lumension, told SC Magazine that it expected to release this "within the next six months with the capability built into our platform".

Features of it will include enforced password, remote device lock, disablement of device camera functionality, disablement of non-approved application installation and disablement of back-up to non-approved cloud storage providers.

Bentley said: “We listened to our customer base and asked them what they would like to see, and they said that they would like more visibility from a mobile point of view, so we will give a complete view of capabilities of devices, whether they are corporately or employee-owned.

“From our view we could buy, build or partner with another vendor, but we asked what the customer really wants and we looked at the existing technologies. We are very much focused on what the customer requirements are and we continue to develop feature sets as we go.”

This week, the company announced the launch of version 7.3 of its Lumension endpoint management and security suite (LEMSS) with specific functionality to help defend against reflective memory injection (RMI) attacks, it said.

According to the company, the new capability will protect against sophisticated RMI attacks that are frequently used in the weaponised payloads and attacks that have become more mainstream in today's IT environment.

Also enhanced is the suite's patch and remediation module and anti-virus capabilities, while the device control function now has the capability to encrypt a USB device on a PC, and then unencrypt, and read and write onto that USB device from a Mac.

Lumension announces plans to launch mobile device management function to security suite

Lumension is to launch a mobile device management (MDM) function to its endpoint management and security suite.

Set to be added later this year, Alan Bentley, senior vice president of worldwide sales for Lumension, told SC Magazine that it expected to release this "within the next six months with the capability built into our platform".

Features of it will include enforced password, remote device lock, disablement of device camera functionality, disablement of non-approved application installation and disablement of back-up to non-approved cloud storage providers.

Bentley said: “We listened to our customer base and asked them what they would like to see, and they said that they would like more visibility from a mobile point of view, so we will give a complete view of capabilities of devices, whether they are corporately or employee-owned.

“From our view we could buy, build or partner with another vendor, but we asked what the customer really wants and we looked at the existing technologies. We are very much focused on what the customer requirements are and we continue to develop feature sets as we go.”

This week, the company announced the launch of version 7.3 of its Lumension endpoint management and security suite (LEMSS) with specific functionality to help defend against reflective memory injection (RMI) attacks, it said.

According to the company, the new capability will protect against sophisticated RMI attacks that are frequently used in the weaponised payloads and attacks that have become more mainstream in today's IT environment.

Also enhanced is the suite's patch and remediation module and anti-virus capabilities, while the device control function now has the capability to encrypt a USB device on a PC, and then unencrypt, and read and write onto that USB device from a Mac.

Infosec 2013: Flood of breaches show really bad year for small business security

Small businesses in the UK are now experiencing security breach incident levels previously only seen in larger organisations.

This was the biggest takeaway from this year's Information Security Breaches Survey, commissioned by the Department for Innovation, Business and Skills and released at this year's Infosecurity conference in Earls Court, London.

The survey said 87 per cent of small businesses had a security breach in the last year, significantly up from 76 per cent a year ago. This almost matched the 93 per cent of large organisations that had a breach. 

Security breaches reached their highest ever levels compared with previous years of the survey, costing UK companies billions of pounds per year. The costs of these breaches varied widely, with some individual intrusions costing over £1 million.

"Small businesses are really in the crosshairs, much more than they have ever been before," said Andrew Miller, director at PricewaterhouseCoopers, which commissioned the survey 

"The number of attacks they face is up massively. It's a rising trend, and over the last few years the small business communities are in the forefront of a lot of changes."

The survey said attacks by outsiders were increasing, with the average large business suffering an attack every few days. However, the insider threat was still significant, with 36 per cent of the worst breaches due to human error.

Businesses were prioritising security, but this wasn't translating into effective security. The survey said 42 per cent of large organisations were not providing on-going security awareness training for staff. Businesses were even getting basic issues wrong, such as patch management.

Miller added, "The security industry needs to prove to management exactly what value they are getting for the controls they are putting in place."

"We're not quite getting the basics right. There are an awful lot of simple steps which we as organisations aren't doing. There's anÂ!  awfully long road to go just in doing the simple things, let alone in some of the more complex and interesting areas."

Infosec 2013: Communication skills vital for CISOs of the future

Communication skills and the ability to engage with management are vital for the chief information security officers of the future.

Infosecurity 2013 saw a panel of respected CISOs reveal the skills they've needed to be successful in their roles, together with advice on what was needed to take on such a role for an organisation.

"We deal in what is a very technical discipline in information security," said John Meakin, head of security and technology risk, markets and international banking at RBS. "And yet we're liaising with people, 99.9 per cent who don't speak the same language."

"The key challenge for a CISO, not just for himself but also for the team, is to speak convincingly in a language that mere mortals can understand."

Avtar Sehmbi, head of information security at Centrica, added that a business was there to make money foremost, so any discussions around security risk always needed to have that in mind. 

He said, "It's taken me years and years to work out the busines perspective first and then look at the risk perspective, although they intertwine."

"You do need some kind of engagement strategy. You're selling what you're doing, your initiatives and your views on risk. It's really crucial."

Sehmbi believed that anybody could become a CISO, but many years grounding in different information security disciplines really helped, and that having a good team and hiring the right people was vital.

He said, "You're expected to know all the intricate details, as well a holistic picture. Having that 10, 15, 20 years of grounding is really quite useful."

On the other hand, Simon Riggs, SVP, regional ISO EMEA at Bank of America Merrill Lynch, did not think you necessarily needed to have lots of experience in the security industry for a CISO role.

"You can take transferable skills from any discipline and bring them to the role. That general managing perspective, marshalling the right people and focusing on the right things, doesn't require ! 25 years in the industry."

Infosec 2013: Communication skills vital for CISOs of the future

Communication skills and the ability to engage with management are vital for the chief information security officers of the future.

Infosecurity 2013 saw a panel of respected CISOs reveal the skills they've needed to be successful in their roles, together with advice on what was needed to take on such a role for an organisation.

"We deal in what is a very technical discipline in information security," said John Meakin, head of security and technology risk, markets and international banking at RBS. "And yet we're liaising with people, 99.9 per cent who don't speak the same language."

"The key challenge for a CISO, not just for himself but also for the team, is to speak convincingly in a language that mere mortals can understand."

Avtar Sehmbi, head of information security at Centrica, added that a business was there to make money foremost, so any discussions around security risk always needed to have that in mind. 

He said, "It's taken me years and years to work out the busines perspective first and then look at the risk perspective, although they intertwine."

"You do need some kind of engagement strategy. You're selling what you're doing, your initiatives and your views on risk. It's really crucial."

Sehmbi believed that anybody could become a CISO, but many years grounding in different information security disciplines really helped, and that having a good team and hiring the right people was vital.

He said, "You're expected to know all the intricate details, as well a holistic picture. Having that 10, 15, 20 years of grounding is really quite useful."

On the other hand, Simon Riggs, SVP, regional ISO EMEA at Bank of America Merrill Lynch, did not think you necessarily needed to have lots of experience in the security industry for a CISO role.

"You can take transferable skills from any discipline and bring them to the role. That general managing perspective, marshalling the right people and focusing on the right things, doesn't require ! 25 years in the industry."

Neustar: Too many companies have a \'never happen to me\' attitude in relation to DDoS attacks

Distributed denial-of-service (DDoS) attacks are growing in terms of sophistication and so are the technologies in place to stop them, but large attacks will standardise soon.

Talking to SC Magazine, Susan Warner, market manager for DNS services and DDoS solutions at Neustar, said that as attacks and the ability to rent botnets that deliver multiple gigabyte attacks increase in size and capability, attackers will continue to raise the bar.

She said: “Attackers are getting smarter and there are more ways to enhance attack methods and it will continue to be an effective weapon. It is not just high profile attacks, it happens to every company.”

Asked if there was an attitude of 'it will never happen to me', Warner said that there definitely was, as organisations have to look at the risk and revenue impacts, customer responsibility and brand identity, and said that "this requires a holistic view, but IT say it will not bother us".

She said: “The media cover the large attacks as they look at what has happened to the US banks, but people say 'this won't happen to me'.”

Warner said that attacks are also becoming flexible, and attackers will switch from a volumetric attack to an application layer type and thenback to a volumetric type. In its survey of 704 businesses, Neustar discovered that 33 per cent of UK respondents had experienced an attack in the last 12 months, and that 70 per cent of attacks lasted a day.

The survey found that of those respondents who had DDoS protection solutions in place, the number who did not have anything in place to mitigate attacks had dropped from 25 per cent in 2011 to eight per cent in 2012.

It also found that attacks had been seen at up to 120Gbps, the average was 50Gbps, but sometimes attacks were one to two Gbps. Warner said: “It is really frustrating to go down for multiple days; it creates uncertainty with your customers and they go to find out what is happening and it creates a problem for the organisation, and this can be a customer service nightmare.

“A one to two Gbps attack can be enough to take down a website, while 15 per cent of respondents said that attacks were at least 20Gbps, and that will cause a lot of damage to a large organisation. The Spamhaus attack was 310Gbps, and the next attack will be larger.”

ICO fines against self-reported breaches increased by two-thirds last year

The number of self-reported data breaches to the Information Commissioner's Office increased from 730 to 1,150 in the space of a year.

According to a Freedom of Information Act request by ViaSat, there were 730 self-reported breaches between March 2011 and February 2012, and 1,150 in the same months during 2012 to 2013.

Chris McIntosh, CEO of ViaSat UK, said: “Those of us concerned about the state of data protection in the UK can take some comfort from these figures. First is the fact that more data breaches are being reported; while this may mean an increase in the number of breaches, it also suggests that such breaches are being more readily identified and reported, rather than left unreported where the issues causing them will fester, unresolved.

“Second, it is clear that the ICO is standing by its promise to use both the carrot and the stick when enforcing the Data Protection Act. Not only has the number of monetary penalties increased year-on-year, but they have grown in size and been implemented across both the public and private sectors."

Also, over the same periods, the number of monetary penalties imposed on organisations for poor data security massively increased: from nine penalties totalling £791,000 in 2011-2012 to 20 penalties totalling £2,610,000 in 2012-2013, a growth of 230 per cent.

The request found that whilst eight of the nine monetary penalties in 2011-2012 were levied against the public sector - accounting for £790,000 of the £791,000 levied - in 2012-2013 the figure was more even: with four of the 20 penalties levied against the private sector for a total value of £520,000 out of £2,610,000.

In a recent SC Magazine webcast poll, 79 per cent of listeners agreed that if you suffer from a cyber security breach, you must report this to national regulators.

Speaking on that webcast, Stewart Room, partner at Field Fisher Waterhouse, said that this needs guidance and because there was no obligation to disclose to the regulator under the current Data Protection Act policy, it comes down to choice.

“Of 25 fines issued last year, 21 were self-reported while the other four were against those who were found out and if you disclose, you are at risk of being fined, but it doesn't give you an amnesty against fines,” he said.