CRM Idol Competition - Get Nominations In By June 10

CRM Idol Season 3

The deadline for technology companies to compete in CRM Idol is fast approaching.  Monday, June 10, 2013 is the entry deadline.

CRM Idol takes a broad view of what constitutes CRM technology: it’s a competition to discover the most promising new marketing-related technologies.  Here is a sampling of the kinds of technology that may qualify:

  • CRM applications
  • Marketing Automation
  • Social Marketing
  • Content Marketing
  • Sales Force Automation
  • Sales Intelligence
  • Sales Optimization
  • Sales Enablement
  • Sales Operations
  • Customer Service
  • Web Self-Service
  • Customer Experience Management (CEM, CXM)
  • Social Media Monitoring
  • Customer Analytics
  • Enterprise Feedback Management
  • Reputation Management/Engine
  • Innovation Management

Companies must have less than $12 million in revenue and have been founded less than seven years ago.

“The submissions for this competition keep getting better and better,” said Paul Greenberg, CRM Idol founder. “Every year we see great companies committed to innovation in the CRM space, and I’m sure this year will be no different.”

Once submissions are in, those who meet requirements will be announced June 20. After product demonstrations, interviews, and voting by judges and the public, the CRM Idol 2013 winners will be announced Wednesday, Dec. 11, 2013.

This is the third year for the CRM Idol competition.   Eight former participants in the competition have been acquired, with many others enjoying increased visibility and great success.  Former winners and participants cite CRM Idol as an important differentiator with both prospects and investors.

The primary judges for CRM Idol 2013 for the Americas include industry experts Brent Leary, co-founder and partner of CRM Essentials LLC, Denis Pombriant, founder and managing principal of Beagle Research, Esteban Kolsky, principal and founder at ThinkJar LLC, Jesus Hoyos, partner and co-founder of Solvis Consulting, and Paul Greenberg, managing principal at the 56 Group.

Winners of the competition will be awarded with consulting hours from the judging panel, the opportunity to pitch to investing partners including Bain Capital Ventures, publicity with leading industry publications, and technology licenses with valuable tools including Salesforce.com, Infusionsoft, and Marketo.

Go here for complete rules.  To submit a nomination, request a submission form by emailing:  request@crmidol.com




Preparing For Disaster. Is Your Data Safe?

When Superstorm Sandy hit New Jersey in October 2012, roughly 8.5 million customers were without power.  In some areas, it was for weeks and even months.  Over 19,000 businesses sustained damages of $250,000 or more with a total loss to area businesses of $8.3 billion.  Tragic as it was, this was just one state facing the wrath of only one storm.  As we near hurricane season, on the tail end of a tragic tornado season, businesses face more and more potentially catastrophic damage from power outages, telecommunications failures, and security issues.  These problems create downtime and loss of business that can take years to make up.  That is why disaster recovery should be a vital part of planning for catastrophes in every business.  Knowing how to keep data safe and how to recover any lost data is simply smart business.

In preparing for natural and man-made disasters, business owners or managers should consider several factors, including what protection is needed when a disaster occurs, what is the best way to bring data back online, and what resources are available to help do these things.  There is more to recover than just the network: security such as firewalls and identity and access management; IT applications such as email and customer relationship management; voice services as used in call centers; and unstructured data such as spreadsheets and word documents.

Thankfully, there are new services coming available that can help a business keep data safe during a disaster.  EarthLink recently announced their new Cloud Disaster Recovery service, a cloud-based IT disaster recovery solution that securely stores data assets for a business in EarthLink’s SSAE 16 compliant data centers to keep them protected from events that could cause a business’ servers to fail.  The Cloud Disaster Recovery requires no capital expenditure, protects leading software applications such as SQL Server, Exchange, and SharePoint, and features customized email event notification.

With the forecast for more and fiercer storms in the future, IT managers have to adapt and improvise more than ever to protect important business data.  As Michael D. Toplisek, Executive Vice President of Sales and Marketing for EarthLink stated, “IT leaders must tackle complex business challenges with leaner budgets and staff.  Planning ahead with a sound disaster recovery plan is at the top of their list.”

Having a plan and utilizing recovery solutions will ensure that your business doesn’t completely shut down in the event of a disaster. Are you prepared?



NYC Event: Spice & Flavor Marketing: 49 Ideas to Jump Start Your Boring Marketing


Is your marketing bland and boring? Are you not attracting the attention that you need to produce sales for your small business? If so, then get ready to join Sameer Kumar and Ramon Ray for the NYC Event Spice & Flavor Marketing: 49 Ideas to Jump Start Your Boring Marketing!

   

Date: June 18th, 2013

Time: 9:00 AM to 11:00 AM

Sameer and Ramon will share 49 ideas that will spice up your marketing program. You will learn how to use Information Marketing & Education Marketing to increase your bottom line by creating products and services that work in conjunction with your existing business or as a stand-alone business!

In this fun, interactive 2-hour seminar, you’ll learn how to:

  • Get clients to know, like & trust you!
  • Establish yourself as the expert in your industry (even if you’re not)
  • Add backend products & services so you’re never leaving money on the table!

Ramon will show you how to use the 7 steps of Lifecycle Marketing to capture leads, nurture prospects and turn customers into loyal, lifelong customers. This seminar is not for the weak at heart, so be prepared to come and LEARN so you can leave and GROW your business!

Your Presenters:


Ramon Ray, Regional Director of Development, Infusionsoft and Technology Evangelist, Smallbiztechnology.com


Sameer Kumar, Educator on how to leverage what’s in your head to make money, have more fun, and do it all while keeping business simple.



iPhones Grow in Popularity, But Android Platform Still Leads

Apple continues to lead the pack in the U.S. as a smartphone maker.  To iPhone users, that’s probably not a surprise.  iPhone users tend to be loyal fans.

More than 39 percent of mobile subscribers in the 3 month average ending April used Apple smartphones, comScore reports. That’s more than any other smartphone maker.

And popularity is growing.  April’s figures are a 1.4 percent increase over Apple’s share of the market as measured in January. The company’s market share in this category actually increased by nearly a full percentage point over its closest competitor, Samsung.

Here is how the rest of the smartphone market breaks down:

Samsung was next, with 22 percent of the market, up just over half a percentage point since January. These figures could change in favor of Samsung if the company sees customers confidently buying its Galaxy S4 smartphone or its competitively priced Galaxy S4 Mini (when it’s released).

Phone makers HTC (9.7%), Motorola (8.6%), and LG (7%) follow.

If you count by operating platforms, instead of phone makers, the story is different.

Google’s Android continues to dominate in the smartphone operating system market. This market is measured by the number of subscribers using the Android operating system, versus a particular make of phone.

According to comScore’s MobiLens service, over half of the 138.5 million smartphone users in the U.S. have phones running Google’s Android platform. But Android’s lead among operating systems decreased nearly two full percentage points from January to April.

Apple’s iOS, of course, is next at 39% and saw a 1.4 percent increase as mentioned above.

BlackBerry and Windows phones’ market shares each dropped a bit, less than a percentage point over the same period, according to the MobiLens survey.

MobiLens gets its information from a nationwide sample of smartphone subscribers over the age of 13. Only primary mobile phone numbers are used to collect data.





Lima Forensic Case Management Software

Lima Forensic Case Management Software from IntaForensics is a complete, end-to-end case management system that offers an easy way to organise every aspect of a digital forensic investigation.

The standout feature for Lima is its ability to tailor the system to the needs of the organisation. Whether it is being used for public or private sector use, Lima provides enough functionality and customisation capabilities to meet demand. 

Perhaps more importantly, this system can be used to establish case management procedures that follow industry regulations, legal requirements and digital forensic best practices. This will help to ensure that, if a case goes to court or the process is audited by a regulatory agency, there is a defensible and repeatable process in place.

Additionally, Lima provides some out-of-the-box functionality that can be useful. It can be configured to use an SMTP server, allowing alert and update emails to be sent to designated users throughout an investigation. Lima also allows the use of custom-report templates. These can be populated at the click of a button with data from the case in those instances where a physical document needs to be produced. 

Another key strength of the system is extremely granular security controls, which allow user access to be locked down by modules, cases and even individual aspects of a case. It ties into Microsoft Active Directory for user access management, allowing user access provisioning to be integrated into existing processes. A log is generated of all activity that takes place within a case, making identifying which investigator made a change a simple task. 

There is a bit of a learning curve when it comes to installing this product and using it to its full potential, so IntaForensics highly recommends the optional training sessions they offer for new users. 

The server installation process required that an SQL database be created for the program. User accounts then had to be created and granted access to it. In addition, case-related configuration settings had to be entered during installation. This can be a daunting task for a less-experienced user.

Fortunately, IntaForensics provides a detailed, step-by-step installation guide in the Lima Server help file, and has bundled all of the necessary tools to get the SQL database up and running. Once installed, the server administration interface is straightforward, and organisation-specific configuration of the case management system can be accomplished quickly. 

During our testing, we did not experience any significant performance or stability issues. The client and server interfaces and the included modules launched quickly. Processing time while using the system was negligible. 

The base price is £3,495, which includes a perpetual licence for the server and two clients, as well as one year of support and all updates. Training, additional client licences, optional modules and additional years of support are available as extra costs. The capabilities are well worth the price. Lima would be of value to any organisation that is struggling to manage a heavy caseload.



Pay-Per-Click (PPC) Advertising Management Too Expensive? Not Anymore!

Pay-per-click (PPC) advertising has proven to be an extremely effective way to market your business across the web for years. If you’re doing PPC advertising on your own, the odds are that you’re probably not getting the best potential out of your ad campaigns. To correct this, many businesses have started relying on online marketing services that provide PPC management.

The above-mentioned online marketing platforms assist you with your ad campaigns to make them as effective as possible. Your return on investment predictably improves with their proven methods of advertisement. However, there are some caveats to using these services.

First of all, they’re quite cost-prohibitive. Orange Soda, a provider of local targeted online marketing for businesses, gives you its services for a starting price of $475 a month. The advantages? Such services streamline the whole advertising process and make it very easy for you to invest time and effort in running your business rather than shifting that focus into marketing. Still, the upfront cost of such a platform can be described as biting off more than you can chew, in most cases. This is aside from the fact that Orange Soda itself is more focused on local marketing rather than national, or international, endeavors.

Reach Local, another provider of web marketing services, suffers the same fate as Orange Soda: It’s, uhm, local.

What if you don’t want a ton of services you don’t really need, and want a service that allows you to advertise across a bigger territorial and demographic spectrum? Here’s where AgileBid comes in.

They specialize in PPC management, rather than being a “jack of all trades.” So, if this is the core element of your online marketing strategy, you might want to steer your eyes in their direction. For just under $50 a month, they’ll take over the work involved in making sure that your ad campaign flies where you want it to go. They’ll do the keyword research, the bidding, and all the other optimization stuff for you so you don’t have to worry about it. AgileBid is also compatible with Google AdWords, Bing Ads, and Yahoo Ads.

Whether you’ve got a big-budget company raking in the upper end of six figures every year or a mom-and-pop establishment that’s got a more modest budget, you’d stand to benefit from a proper service that can manage your PPC campaigns in a way that will make your conversion figures look a little more hefty.



SCORE Webinar: 10 Tips For Building a Business-Class Website

Smallbiztechnology’s Ramon Ray spent some time yesterday with SCORE and about 700 participants of the ‘10 Tips For Building a Business-Class Website‘ webinar.

This webinar walks through the key concepts of having a business-class website, something so many small businesses struggle with. What’s a business-class website, you ask? It’s a website that is not just an online business card, but a powerful asset used for communication, sales or some other strategic business purpose. While many small businesses are focused more on social media efforts, websites are still the most important communication tool a business can possess, and ensuring that your communication is spot-on to potential customers is a necessity.

While the webinar is now over, you can still listen to a recorded session by registering here.  You can also check out Ramon’s ‘Ten Website Musts‘ for more great tips on creating a business-class website and review the outline below:



Foursquare Jumps on Paid Promotions Bandwagon with Small Biz Pilot

Foursquare is following the lead of other social media sites with more promoted posts,  this time courting small businesses. The pilot program allows small businesses to pay for promoted listings which would appear to Foursquare users when those users are near a business’s location.

Based on a report about Foursquare Local Updates we published last year, the service appears similar to one the company rolled out then, with some obvious differences. The existing feature allows small businesses to send messages about deals, specials, new items or any other pertinent information to Foursquare users who were already loyal customers.

Now, for a fee, under this new program, small businesses will be able to reach Foursquare users who might not be customers yet.

One difference, of course, is the new Foursquare promoted listings would allow small businesses to reach out and lure in new customers more  proactively. This way, you can make potential customers aware of your business for the first time.

And of course, the new service is fee-based - you have to pay for promoted listings.  The fee is cost-per-action based, meaning the merchant pays only if someone taps on the promotion or checks in.  The existing Local Updates and Specials are free.

The new promoted listings are marked with the word “Promoted” next to them.

So far the new program appears to be a test or pilot program.  Foursquare is already working on promotions with select small businesses in the New York City area.

AdAge.com reports Foursquare is allowing small business advertisers to select certain criteria based on user account profiles. That way, a fine dining restaurant, for example, could find customers who express an interest in restaurants via their profiles or through their previous check-ins.

KFC, Radioshack and several other national brands have been using this form of advertising on Foursquare for some time.  This latest Foursquare promoted listings advertising feature is now being rolled out to small businesses in a limited fashion in New York City, according to AdAge.com.

Over 1,000,000 businesses use the Foursquare merchant platform today, a ready pool of potential advertisers for Foursquare to tap into.




Bye, Bye Telecommuting: 5 Tips on Reentering The Workplace and 12 Tips on Making It Productive, Pleasurable and Professional

Yahoo CEO Marissa Mayer has made the return of teleworkers to the office a hot topic of coverage. We’ve covered it here at Smallbiztechnology and shared our thoughts on the Telecommuting Debate Pro’s and Con’s and shared tips on how you teleworkers can succeed outside of the corporate office.  Ultimately, though, we are seeing that workers are being called back into the office, which can be a tough transition, not only for those returning, but for the workers already there.

Rosalinda Randall, a modern day etiquette and civility expert, and owner of Your Relationship Edge, shares the following tips on how to ease back into the office environment and do so while remaining productive and professional.

Rosalinda Randall, Etiquette and Civility Expert - Your Relationship Edge

Reentering the Workplace: Adjusting Your Attitude, Attire, and Agenda

 

Returning to the workplace after having worked from home is not only an adjustment for you, but also for your co-workers.

Undoubtedly, there will be one or two of your co-workers who may exhibit a peevish disposition when they are around you.  How can you win them over?

Here are 5 Ways to Make Amends with Resentful Co-Workers:

1)    Ask them for their opinion or assistance relating to work.

2)    Greet them every day.

3)    Smile or nod when you pass them in the hall.

4)    Invite them for coffee or lunch.  Focus the conversation on them.

5)    Most of all, give them time to get over it.

It is up to you to reenter and reestablish relationships with grace, patience, and effort.  Expect a period of adjustment and consider their standpoint:

  • They aren’t used to having to listen to your opinions or comments throughout the day.
  • They may resent you for having been away, not carrying your weight, not attending the endless meetings that they had to endure; perhaps being set up with a newer computer and office furniture, or simply having to make room for you.
  • They may reply curtly to questions that seem obvious to them.
  • They may forget to invite you to lunch or for drinks after work.
  •  They may become annoyed when you describe the perks of a day in the life of working from home.
  • They may not cut you any slack.

12 Tips to Make Your Comeback Productive, Pleasurable, and Professional

  1. Don’t bring your, “this is how I’ve been doing it” attitude.
  2. Keep in mind that you are no longer on your own schedule.
  3. Your actions and style affect those around you.
  4. Your attire should match your co-workers’ attire.
  5. Your priority should be to meet with each of your colleagues to re-engage.
  6. If you aren’t sure about something, ask.
  7. Listen.  Your colleagues can be invaluable in filling you in about rules, protocol, and changes. Follow suit.
  8. If you have brilliant ideas for change, wait a month or so before you present them.
  9. You aren’t a guest; get up and get it yourself.  Don’t act helpless.
  10. Don’t whine about how bad traffic is, how much it’s costing you in gas to drive into work, your clothing bill, how you miss watching “The Talk”, or getting a load of laundry done.
  11. Don’t submit a request for “time off” unless it is an emergency.
  12. Bring in some donuts or a few pizzas for everyone.

If after a month or so, you are still experiencing discourteous communication or an uncooperative reaction from someone, it would be advisable to seek counsel from your superior.

In closing, delight in the fact that you are employed and that you had the privilege to work from home, albeit terminated.

Rosalinda Randall is a modern-day expert on etiquette and civility. By lending personality and humor to an age-old topic, Rosalinda has been successfully improving workplace environments, relationships, spreading civility and sharing enthusiastic and insightful etiquette advice for more than 14 years. Some of Rosalinda’s audience and clients include business executives, sales professionals, customer service and administrative professionals, civic groups, teens and children, and formerly incarcerated men and women. www.yourrelationshipedge.com  

Bye, Bye Telecommuting: 5 Tips on Reentering The Workplace and 12 Tips on Making It Productive, Pleasurable and Professional

Yahoo CEO Marissa Mayer has made the return of teleworkers to the office a hot topic of coverage. We’ve covered it here at Smallbiztechnology and shared our thoughts on the Telecommuting Debate Pro’s and Con’s and shared tips on how you teleworkers can succeed outside of the corporate office.  Ultimately, though, we are seeing that workers are being called back into the office, which can be a tough transition, not only for those returning, but for the workers already there.

Rosalinda Randall, a modern day etiquette and civility expert, and owner of Your Relationship Edge, shares the following tips on how to ease back into the office environment and do so while remaining productive and professional.

Rosalinda Randall, Etiquette and Civility Expert - Your Relationship Edge

Reentering to the Workplace: Adjusting Your Attitude, Attire, and Agenda

 

Returning to the workplace after having worked from home is not only an adjustment for you, but also for your co-workers.

Undoubtedly, there will be one or two of your co-workers who may exhibit a peevish disposition when they are around you.  How can you win them over?

Here are 5 Ways to Make Amends with Resentful Co-Workers:

1)    Ask them for their opinion or assistance relating to work.

2)    Greet them every day.

3)    Smile or nod when you pass them in the hall.

4)    Invite them for coffee or lunch.  Focus the conversation on them.

5)    Most of all, give them time to get over it.

It is up to you to reenter and reestablish relationships with grace, patience, and effort.  Expect a period of adjustment and consider their standpoint:

  • They aren’t used to having to listen to your opinions or comments throughout the day.
  • They may resent you for having been away, not carrying your weight, not attending the endless meetings that they had to endure; perhaps being set up with a newer computer and office furniture, or simply having to make room for you.
  • They may reply curtly to questions that seem obvious to them.
  • They may forget to invite you to lunch or for drinks after work.
  • They may become annoyed when you describe the perks of a day in the life of working from home.
  • They may not cut you any slack.

12 Tips to Make Your Comeback Productive, Pleasurable, and Professional

  1. Don’t bring your, “this is how I’ve been doing it” attitude.
  2. Keep in mind that you are no longer on your own schedule.
  3. Your actions and style affect those around you.
  4. Your attire should match your co-workers’ attire.
  5. Your priority should be to meet with each of your colleagues to re-engage.
  6. If you aren’t sure about something, ask.
  7. Listen.  Your colleagues can be invaluable in filling you in about rules, protocol, and changes. Follow suit.
  8. If you have brilliant ideas for change, wait a month or so before you present them.
  9. You aren’t a guest; get up and get it yourself.  Don’t act helpless.
  10. Don’t whine about how bad traffic is, how much it’s costing you in gas to drive into work, your clothing bill, how you miss watching “The Talk”, or getting a load of laundry done.
  11. Don’t submit a request for “time off” unless it is an emergency.
  12. Bring in some donuts or a few pizzas for everyone.

If after a month or so, you are still experiencing discourteous communication or an uncooperative reaction from someone, it would be advisable to seek counsel from your superior.

In closing, delight in the fact that you are employed and that you had the privilege to work from home, albeit terminated.

Rosalinda Randall is a modern-day expert on etiquette and civility. By lending personality and humor to an age-old topic, Rosalinda has been successfully improving workplace environments, relationships, spreading civility and sharing enthusiastic and insightful etiquette advice for more than 14 years. Some of Rosalinda’s audience and clients include business executives, sales professionals, customer service and administrative professionals, civic groups, teens and children, and formerly incarcerated men and women. www.yourrelationshipedge.com  

Phishing Attacks On Social Network Sites Rise by 123%. Three Tips To Keep Your Business Safe!

For all its wonder, the internet can still be a dangerous place and protecting your business’ online presence from cyber-attacks has never been more important. Leaving your online presence in a state of vulnerability can greatly damage your reputation as a company, as well as your relationship with other businesses, according to online security giant Symantec.

In one of their latest reports, Internet Security Threat Report (ISTR) Volume 18, Symantec found that the number of phishing attacks that had “spoofed” social network sites had risen by a staggering 123% last year. Meanwhile, companies’ own websites have been attacked and email-based hacks are also very common, as they can serve as portals into other sites and to other sensitive information.

So why exactly is it that hackers target the websites of small businesses as opposed to larger companies? “Small businesses generally don’t have the same IT budgets as larger enterprises,” explains Paul Wood, Symantec’s cyber security intelligence manager, “and are less likely to have the defense-in-depth protection that larger businesses can afford. This makes them attractive targets for attackers.”

“Moreover, small businesses are often in the supply chain to larger enterprises, and may have access to proprietary company confidential information, such as source code or project designs,” he says. “Moreover, a direct attack on a large company may be detected quickly and blocked, whilst an attack against a supplier, which is an SMB is perhaps more likely to succeed.”

Cyber attackers are looking to gain currency in the form of information and a small business provides an easy stepping stone for someone with the know-how and malicious intent, assuming the small business hasn’t taken the necessary action to protect themselves. It’s vital that small businesses remain vigilant at all times when online.

“We are all more likely to trust something that comes from someone we know and trust. A message from a buddy linking to a video clip that purports to contain an amusing image of you is likely to attract your attention quickly,” says Paul on being wary of what you click. “Web-based email addresses are also popular for hacks, as these are often the keys to the other websites, such as social networks. We authenticate using our email addresses - and if an attacker can gain access to your webmail account, they can reset the passwords for a number of other accounts, like social networks, by clicking on the ‘I’ve forgotten my password’ button - which often sends you an email with a link to click on to reset your password, thus locking-out the legitimate users.”

Paul offers three solid tips on protection, which include:

  1. Regularly changing your password and having different passwords on each account
  2. Installing and updating the latest security software
  3. Being cautious at all times (the most important tip!)

 “Security problems that originate with humans don’t have easy technical solutions. However, with proper user education, you can reduce the risk of successful phishing attacks on the social networks you and your employees use both professionally and personally,” adds Paul.



Display Your Business Hours With Style and For Free! It’s the ‘Business Hours Giveaway’ from Signs.com

It’s a silly little thing, but to me there is nothing more irritating than visiting a shop or restaurant and finding the door locked and no display of what their business hours are so I can return.  It’s an easy way to lose potential customers and really quite senseless, since it can be remedied with a simple sign.

If you operate a brick and mortar location and you aren’t advertising what your business hours are (or even if you are and you want a more stylish way to do so!), then you need to check out the ‘Business Hours Giveaway’ from Signs.com.

Signs.com will be giving away FREE business hour decals to the first 5,000 businesses who visit the giveaway site and redeem their sign. That’s right - FREE and with no strings attached. You can even pick from one of eleven professionally designed templates that you can customize with your store or office hours.

So there it is: no more excuses for not displaying your business hours for potential customers and no excuse for having some ratty handwritten sign, either! Head over to the ‘Business Hours Giveaway’ site and get your sign now!



R.J. Hottovy of Morningstar on Amazon Prime’s Lessons in Creating Loyal Customers

With the rise of mobile, social and the cloud, you are also seeing the rise of subscription model businesses: a model of business built on building long-term customer relationships, and not on one-off transactions. Take companies like The Tie Society, who don’t sell you ties, but a subscription to wear a tie for a while, ship it back, and then wear another tie for a while. Or the Dollar Shave Club, where you get razor blades sent to your house each month so you never have to go to a store for razors again. These subscription-based companies have to continually provide value to keep people signed up, or else they’re out of business. One of the more popular subscription-based offerings is the Amazon Prime Membership - Amazon.com’s $79/year service that allows you free 2-day shipping on pretty much everything they offer.

In this interview, my featured guest, R.J. Hottovy of Morningstar, discusses the findings of his recent report on how Amazon Prime members are worth eight times as much to the company as non-Prime customers, and how building a subscription-based membership program can drive revenue and create an army of loyal customers that keep competitors away.

* * * * *

Small Business Trends: Can you tell us a bit about your personal background?

R.J. Hottovy: I am a senior eCommerce analyst at Morningstar. I also am the Global Director of Consumer Equity Research and I am responsible for a team that covers three hundred equities with 100 of those either in Europe or Asia or closer to our teams in Sydney, Australia and Shenzhen, China as part of Morningstar’s global equity research coverage.

I’ve been covering the eCommerce space for over a decade at this point and it’s been one of the most disruptive forces in retail since the advent of warehouse clubs in the early 90′s.

Small Business Trends: One of the things that I want to talk to you about is the effect the Amazon Prime Membership has had?

R.J. Hottovy: Amazon, in particular, is one of the more debated stocks in the consumer universe. I think most people would recognize the tremendous growth; with cumulative average revenue growth averaging above 25% the last three years. So no one can deny that this is a tremendously fast growing company.

But the question - with operating margins contracting from 5%, three years ago to essentially just 1% this past year on a reported GAAP basis - is, ‘Can Amazon monetize this growth?’ Because without that, the growth becomes a moot point.

I started building some frameworks on how Amazon can monetize its growth. Some things that caught my eye are its digital content through its Kindle ecosystem, Amazon Web Services and the idea of Fulfillment by Amazon. One of the things that was under appreciated in the market was the fact that Amazon Prime, in its own right, was a pretty meaningful building block of profitability for this company. Something that, as it gets more and more members, not only increases top line revenues, but can also be profitable.

Small Business Trends: You estimated at the end of 2012 that there were roughly 10 million Amazon prime members. That number dramatically jumps in the last couple of years to around 25 million?

R.J. Hottovy: That’s approximately where we see things going as of 2017. Granted, there’s a lot of different variables at play. We feel there is a reasonable assumption of where this program can grow. I think that the idea of having Amazon Prime trial memberships that go along with a Kindle Fire purchase is going to help. I think the idea of adding substantial content - both video as well as some book and magazine content to the membership - is going to go a long way.

But I think at the end of the day, what’s been the selling point of this program is just the idea of having access to a wide set of products that you can get to your doorstep within a couple of days at low prices.

I think that is a combination of things which is going to help you draw more people to Amazon and entice them to become Prime members.

Small Business Trends: The other thing from an Amazon perspective is the impact that this program seems to have on buying patterns and behaviors. Your research pointed out that the average Prime member spends a little over twice the amount of the average Amazon shopper?

R.J. Hottovy: This study was done in partnership with a company called Consumer Intelligence Research Partners. What we found is that, generally speaking, last year Prime members spent about twice as much as non Prime members. They spent about $1,200 dollars compared to $600 for non Prime members. What’s also interesting is that the average person shopping online last year spent approximately $1,000. What that says to us is that Prime members generate more incremental revenue per than non Prime shoppers. They are doing most of their online shopping on Amazon as opposed to going to other sites. Prime members generate more income.

To us that’s interesting because that shows that Amazon has a powerful network effect and has become a destination for consumers - that they have to be on that site. I think that’s powerful and shows that Amazon is protecting its customer base with its Prime membership program.

Small Business Trends: You actually say that a Prime member is eight times as valuable to Amazon as a non primer?

R.J. Hottovy: That is correct. They are driving a significant portion of the overall revenue. I think the interesting thing too is tying in this whole idea around, ‘Can Amazon be profitable?’ What we found doing the analysis is we broke down every line item that Amazon has. We pointed out that an average Prime customer brings in $700 in incremental revenue. When you include the $79 membership fee, what we found is that Amazon is actually generating about $80 in incremental profit on that revenue that they take in from a Prime member which is an operating margin of about 8%.

Now that compares to Amazon’s overall operating margin of 1%. The difference there is because Amazon is investing a lot in technology and a lot of investments in fulfillment centers, etc. What we’ve found, if you isolate them and take a look at the incoming revenue and the incremental cost of a Prime member, they are quite profitable.

As Prime membership grows over time, that gives a very good indication that Amazon can, in fact, monetize their growth.

Small Business Trends: One of the things that stood out to me is an article where you were interviewed for Wired titled, “Why Amazon Prime Can Soon Cost You Next to Nothing.” Can Amazon actually drop down the cost of a membership to next to nothing and still make it profitable?

R.J. Hottovy: I think it has the flexibility to make adjustments to the Amazon Prime pricing structure. Looking at potential different uses such as having a lower price membership for somebody who is just accessing Prime for video. I think that’s an alternative. I think that this is potentially an opportunity to upscale.

We’ve been able to be more confident that Amazon Prime is actually profitable. I think that really speaks to the overall value of the proposition it is bringing.

Small Business Trends: How does this impact the rest of the online retail industry or retail in general?

R.J. Hottovy: It’s going to be very difficult to compete with Amazon. Particularly those stores in commoditized categories like, clothes, electronics, toys, etc. because, by those companies having a physical storefront, Amazon can maintain a pretty significant price leadership. Even with online sales tax collection, Amazon can still undercut these companies and consumers will flock to the lowest price.

This is the whole idea of show rooming. Where consumers will potentially go out to BestBuy, play with the items so they can understand a little bit better and then go make a purchase elsewhere. The only way that retailers get to compete with Amazon is to essentially match prices - to keep people from making an ultimate purchase on Amazon. At the same time, they’d be doing so at the expense of the margins they maintain and it will make it a lot less possible for these retailers to stay in business.

Small Business Trends: Where can people learn more about the research you’ve done on the subject?

R.J. Hottovy: For people interested in learning more about the research we’ve done, you can go to MorningStar.com.

This interview on subscription based membership programs is part of the One on One interview series with thought-provoking entrepreneurs, authors and experts in business today. This transcript has been edited for publication.  





Are FedRAMP security controls enough?


This article can also be found in the Premium Editorial Download "Information Security magazine: The rapid evolution of MDM solutions."


The U.S. government information technology strategy is out, and it’s clear that cloud-based platforms are now preferred over traditional, on-premise servers. The message is so strong that the strategy is referred to as “Cloud First.” Many businesses are struggling with how to assess and mitigate risks when using cloud service providers, and the federal government is no different. It has developed a new methodology to help federal departments in their evaluations of cloud service providers in order to facilitate “a buy once, use many times” strategy.

The Federal Risk and Management Accreditation Program (FedRAMP) is being jointly developed in coordination with multiple government entities and the private sector. It is based on a conglomeration of existing security standards including FISMA, NIST-800 and FIPS-199 in order to keep the cost of developing this new assessment tool under control. The goal is to build a catalog of pre-screened cloud service providers from which government agencies can select while reducing the cost of multiple assessments.

There is a great deal riding on FedRAMP and the joint efforts to build this catalog of accredited cloud service providers. Security professionals tend to believe that compliance regulations alone cannot provide information security. This is sparking healthy skepticism as they watch this process develop from the outside.

Regulating security in the cloud

The assessment of a cloud service provider starts out with detailed documentation about processes and procedures that is then verified by a certified third-party assessment organization (3PAO). Risks that are discovered during this process are evaluated and sent back to the service provider for remediation if they are considered too high. The cloud service provider has to provide self-attestation and data feeds to maintain its FedRAMP status, once it has passed the initial assessment.

Reliable information security audits are still built upon the manual process of reviewing information from logs and various tools looking for weaknesses in the security architecture. FedRAMP starts off in this way with a comprehensive security assessment by qualified human assessors, who are responsible for reviewing technical controls and their associated documentation. All future verification of the cloud service provider’s compliance is then done through self-attestation and automated data feeds. Will this methodology really discover bad security practices or technical risks that develop over several years?

Cloud applications are often built across a number of underlying Infrastructure as a Service (IaaS) components from different cloud service providers. Many cloud-based applications use Amazon Simple Storage Service (Amazon S3) for storage, for example. Connections between FedRAMP accredited IaaS, Platform as a Service (PaaS) and Software as a Service (SaaS) providers could become a weak link and introduce security vulnerabilities. How does FedRAMP compensate for these potential combinations of accredited systems?

3PAOs only part of the review

The best source for answers to these questions about the auditing process is the newly authorized auditors, officially designated the 3PAOs under FedRAMP. Only 17 firms have received 3PAO authorization, after an extremely rigorous application process, and that number won’t be increasing anytime soon. The official deadline to apply to become a 3PAO was March 31, 2013.

The 3PAO makes up a part of the overall FedRAMP review process, which consists of multiple organizations. The Joint Authorization Board (JAB) is made up of CIOs from the Department of Defense, Department of Homeland Security and the General Services Administration. This group oversees the process and makes decisions on risk authorization. The FedRAMP Program Management Office (PMO) works with the 3PAOs and provides technical assistance and project oversight.

Insight into the 3PAO application process for this article was provided by eight information security firms that have achieved 3PAO status: BrightLine, DRC, EmeSec Inc., Homeland Security Consultants, Knowledge Consulting Group Inc., Lunarline Inc., SecureInfo, A Kratos Company and Veris Group.


Each of these companies was already well-established and focusing on some aspect of information security auditing (PCI, SSAE-16 or the ISO 27000). Most of these firms already had experience in working with the government. All of them found the application process challenging and incredibly thorough. One executive observed that, in comparison, becoming a PCI qualified security assessor (QSA) did not have the same rigor.

There are two parts to the 3PAO application process. The first is an ISO standard that doesn’t come up very often when reviewing information security companies. The ISO 17020 standard utilized in the 3PAO application process is focused on quality of the information processes as well as the impartiality and independence of the auditors. The 3PAO applicant has to show that its auditing division is separate from its consulting division, for example. This is a good example of separation of duties in FedRAMP to maintain impartiality. The 3PAO is actually hired by the cloud service provider and not the government. The 3PAO cannot consult with a cloud service provider to assist in FedRAMP accreditation while fulfilling the 3PAO auditing role.

The second part of the FedRAMP application involves a mock audit of a fictitious cloud service provider. The 3PAO applicant provides its technical and procedural analysis of the security posture of the fictitious cloud service provider using NIST-800-53 controls as a baseline. This part of the assessment is scrutinized for thoroughness and technical detail. A 3PAO has to show consistency, and all of the documentation associated with the sample deliverables, because the FedRAMP Program Management Office follows up with questions if it needs clarifications.

Auditor feedback on FedRAMP

NIST-800-53 could have been a controversial choice as the baseline standard on which to base the FedRAMP accreditation. It is a broad standard that is meant to apply to a number of information systems and isn’t cloud-specific. However, FedRAMP is applying NIST-800-53 in new and creative ways. And feedback is occurring between the 3PAOs, according to these firms, and the FedRAMP Program Management Office. There have been additions to the NIST-800-53 standard through this feedback process; it now totals 298 controls with 60 being called out as specific to cloud service providers. The 3PAOs all seem to agree that NIST-800-53 implemented in this way can be an effective measure of a cloud service provider’s security posture.

This NIST-800-53 based FedRAMP accreditation sets a very high bar for cloud service providers to meet. It is a new standard of excellence for information security in the cloud. It also takes a long time to complete and can be cost prohibitive to cloud service providers that didn’t consider FedRAMP accreditation when setting up their business model. This is probably why only two cloud service providers have received accreditation, although dozens more are in the queue, undergoing the authorization process. The process is still maturing, and there may be times when all 298 controls are not required. According to one 3PAO executive, a subset of controls could be used as an indicator of the cloud service provider’s overall security posture to reduce audit complexity. Others noted that there should be more work done on automating the tests in order to reduce costs and total audit time.

Even so, 3PAOs reported a lot of interest from cloud service providers that want to become FedRAMP accredited. The 3PAOs are receiving three types of requests related to FedRAMP: FedRAMP gap assessments, FedRAMP assessments as a 3PAO and general education about FedRAMP. All of the authorized auditors agreed that more education about the program would certainly be helpful.

Many government programs are driving cloud adoption, including the cloud-first strategy, green initiatives and data center consolidation. There is a lot of business opportunity for cloud service providers that do get on the government-approved list. One important side benefit to FedRAMP accreditation is the overlap with other compliance initiatives such as HIPAA or PCI. FedRAMP security controls contain protections for the same types of private information that need to be protected in HIPAA and PCI, such as patient demographics and credit card information. There is no perfect crosswalk between these regulations, and areas in each still require additional compliance work. FedRAMP doesn’t provide for Business Associates Agreements (BAAs) specified under HIPAA, for example. However, the basic protections and focus on risk management could dramatically reduce compliance workloads for agencies that fall under multiple regulations. The Department of Health and Human Services has already recognized this overlap and incorporated FedRAMP into an information technology security Standard Operating Procedure (SOP) for the department.

Questions linger about FedRAMP security controls

As the process unfolds, some questions remain about risks associated with FedRAMP accreditation and how the monitoring of authorized cloud service providers will work. One area of concern is the validity and quality of on-going monitoring when the cloud service provider must provide self-attestation and automated security data feeds. The original idea behind this self-attestation was to reduce costs. However, a 3PAO must still assess a minimum of a third of the controls on an annual basis. The 3PAO can also perform unannounced penetration tests throughout the year to verify that controls are still effective and report back to the FedRAMP Program Management Office for any failures. This prevents any degradation of security controls over time while still keeping expenses low.

The potential security vulnerabilities introduced by combining accredited IaaS cloud service providers into a single cloud-based application are another major concern. FedRAMP requires that the entire application be assessed together as a whole. The 3PAO would utilize the existing security controls and documentation inherited from the IaaS cloud service providers. The focus would then turn to the documentation on the connection between cloud service providers and their roles for security protections. This process should ensure that combinations of IaaS cloud service providers are secure and still meet FedRAMP security control requirements.

According to the 3PAOs, cloud service providers can also find ways to increase overall information security and prepare for FedRAMP. One suggestion is to create a security SLA that defines items, such as time to patch, disaster-recovery time objectives and authentication-process failures. This reduces the need for voluminous controls to be tested in order to establish trust. Another recommendation is to identify the boundaries of the cloud provider’s services, and describe any shared components between commercial and government services. Document whether the authentication code would be shared between commercial and government sites, for example.

FedRAMP offers a comprehensive and innovative approach to cloud security. It is refreshing to see a government security standard evolve with feedback from those performing the audits. The NIST-800-53 standard provides a strong foundation for a low development cost. The certification process for a 3PAO is stringent and allows only high-quality organizations. The only potential roadblock for the success of this program may be the time and cost required to perform such an in-depth audit. With these issues under control, government agencies should have a long list of FedRAMP accredited cloud service providers from which to choose very soon.

About the author:
Joseph Granneman, CISSP, has more than 20 years in information technology and security, with experience in both health care and financial services. He has been involved in the Health Information Security and Privacy Working Group for Illinois and the Certification Commission for Health Information Technology Security Working Group, and is an active InfraGard member.


This was first published in June 2013



Display Your Business Hours With Style and For Free! It’s the ‘Business Hours Giveaway’ from Signs.com

It’s a silly little thing, but to me there is nothing more irritating than visiting a shop or restaurant and finding the door locked and no display of what their business hours are so I can return.  It’s an easy way to lose potential customers and really quite senseless, since it can be remedied with a simple sign.

If you operate a brick and mortar location and you aren’t advertising what your business hours are (or even if you are and you want a more stylish way to do so!), then you need to check out the ‘Business Hours Giveaway’ from Signs.com.

Signs.com will be giving away FREE business hour decals to the first 5,000 businesses who visit the giveaway site and redeem their sign. That’s right - FREE and with no strings attached. You can even pick from one of eleven professionally designed templates that you can customize with your store or office hours.

So there it is… no more excuses for not displaying your business hours for potential customers and no excuse for having some ratty handwritten sign, either! Head over to the ‘Business Hours Giveaway’ site and get your sign now!




Users do not apply Java patch despite its availability

A recent Java update was only downloaded by seven per cent of users.

According to research by Websense Security Labs, a month after April's Java update was released by Oracle, only seven per cent of users had upgraded to the latest version. Also, shortly after the update was distributed, an exploit taking advantage of one of the fixed vulnerabilities went live.

The company found that after a full week, the average adoption of the newest version of Java was at less than three per cent and after two weeks rose to a little over four per cent. A month after release, the number of live web requests using the most recent version of Java was only around seven per cent.

Carl Leonard, senior security researcher at Websense Security Labs, said: “With the massive amount of Java zero-days, known vulnerabilities and headline-grabbing attacks using these vulnerabilities, most security professionals know that Java has been the equivalent of a faulty lock on your home.

“Unfortunately, the lock is proving very hard to secure and cyber criminals continue to get through. Since we can't yet manage to curtail this risk by patching in a timely manner, we absolutely must apply secondary defences to interrupt other stages of the attack life cycle and prevent data theft.”

Oracle announced plans this week for a regular patching cycle for Java and other products after a series of zero-days were discovered in the early part of 2013.



ICO fines Glasgow City Council over multiple unencrypted laptop losses

The Information Commissioner's Office (ICO) has issued Glasgow City Council with a monetary penalty of £150,000 following the loss of two unencrypted laptops.

Of the two unencrypted laptops, one contained the personal information of 20,143 people. The fine follows a previous enforcement notice three years ago, where an unencrypted memory stick containing personal data was lost.

In this incident, two unencrypted laptops were stolen from the council's offices that were being refurbished, and where complaints of theft and a lack of security had been made. One laptop had been locked away in its storage drawer and the key placed in the drawer where the second laptop was kept, but the second drawer was subsequently left unlocked overnight, allowing the thief access to both laptops.

One of the laptops stolen contained the council's creditor payment history file, listing the personal information of over 20,000 people, including 6,069 individuals' bank account details.

The ICO's investigation found that, despite its previous warning and in breach of its own policy, the council had issued a number of its staff with unencrypted laptops after encountering problems with the encryption software. While most of these devices were later encrypted, the ICO also discovered that a further 74 unencrypted laptops remain unaccounted for, with at least six of these known to have been stolen.

Ken Macdonald, the ICO's assistant commissioner for Scotland, said: “How an organisation can fail to notice that 74 unencrypted laptops have gone missing beggars belief. The fact that these laptops have never been recovered, and no record was made of the information stored on them, means that we will probably never know the true extent of this breach, or how many people's details have been compromised.

“Glasgow City Council was issued with an enforcement notice back in 2010 after a similar incident where an unencrypted memory stick was lost. To find out that these poor practices have returned some two years later shows a flagrant disregard for the law and the people of Glasgow. The council should be held to account, and the penalty goes some way to achieving that.”

The ICO has also served the council with an enforcement notice requiring it to carry out a full audit of its IT assets used to process personal data and arrange for all of its managers to receive asset management training. The council must also carry out a full check of all of its devices each year so that the asset register can be kept up to date.



Phishing Attacks On Social Network Sites Rise by 123%. Three Tips To Keep Your Business Safe!

For all its wonder, the internet can still be a dangerous place and protecting your business’ online presence from cyber-attacks has never been more important. Leaving your online presence in a state of vulnerability can greatly damage your reputation as a company, as well as your relationship with other businesses, according to online security giant Symantec.

In one of their latest reports, Internet Security Threat Report (ISTR) Volume 18, Symantec found that the number of phishing attacks that had “spoofed” social network sites had risen by a staggering 123% last year. Meanwhile, companies’ own websites have been attacked and email-based hacks are also very common, as they can serve as portals into other sites and to other sensitive information.

So why exactly is it that hackers target the websites of small businesses as opposed to larger companies? “Small businesses generally don’t have the same IT budgets as larger enterprises,” explains Paul Wood, Symantec’s cyber security intelligence manager, “and are less likely to have the defense-in-depth protection that larger businesses can afford. This makes them attractive targets for attackers.”

“Moreover, small businesses are often in the supply chain to larger enterprises, and may have access to proprietary company confidential information, such as source code or project designs,” he says. “Moreover, a direct attack on a large company may be detected quickly and blocked, whilst an attack against a supplier, which is an SMB, is perhaps more likely to succeed.”

Cyber attackers are looking to gain currency in the form of information and a small business provides an easy stepping stone for someone with the know-how and malicious intent, assuming the small business hasn’t taken the necessary action to protect themselves. It’s vital that small businesses remain vigilant at all times when online.

“We are all more likely to trust something that comes from someone we know and trust. A message from a buddy linking to a video clip that purports to contain an amusing image of you is likely to attract your attention quickly,” says Paul on being wary of what you click. “Web-based email addresses are also popular for hacks, as these are often the keys to the other websites, such as social networks. We authenticate using our email addresses - and if an attacker can gain access to your webmail account, they can reset the passwords for a number of other accounts, like social networks, by clicking on the ‘I’ve forgotten my password’ button - which often sends you an email with a link to click on to reset your password, thus locking-out the legitimate users.”

Paul offers three solid tips on protection, which include:

  1. Regularly changing your password and having different passwords on each account
  2. Installing and updating the latest security software
  3. Being cautious at all times (the most important tip!)

“Security problems that originate with humans don’t have easy technical solutions. However, with proper user education, you can reduce the risk of successful phishing attacks on the social networks you and your employees use both professionally and personally,” adds Paul.