The 5 Steps To Keeping Your Website Secure Without Hiccups

Your website is the world’s window into your business. In your brick and mortar locations, you secure the place by buying reinforced windows, installing alarm systems, placing surveillance cameras, and perhaps even hiring a guard. Are you doing the same to your online presence? You should be!

 

Brought to you by AVG Technologies, the provider of Internet and mobile security, privacy and optimization to 150 million active users. There’s nothing small about small business in our eyes. Get more information how AVG can help your small business stay protected - go to http://www.avg.com/us-en/internet-security-business .

 

The 5 Steps To Keeping Your Website Secure Without Hiccups

 

For some, it’s kind of difficult to wrap their heads around the fact that the internet could be a dangerous place. This is true whether you’re operating a small business or a multi-national corporation. It makes no difference. People become neglectful with their online presences all the time. All you’re doing, though, is making the hacker’s life easier.

Websites are pretty straightforward things. Most likely, you’re using a content management system (CMS), which is a piece of software created for the specific purpose of setting up a website. It works right out of the box and requires few, if any, modifications to cater to your business’ needs. This creates a false sense of security, especially since people become overly reliant on the software to do the job of keeping everything safe from invaders. The real problem lies in the user of the software, not so much in the software itself.

If you want to keep your website safe, there are a few things you should be doing:

  • Keep your CMS up to date! Missing an update for a few days usually won’t kill you. But if you’re still using the same version of your software for a year or so, some of its most known vulnerabilities will be exploited eventually. Every software has its cracks in the system. A CMS is no exception to this rule. There are always little crevices in the code that allows hackers to fall through and break your system. Developers are constantly working to fix these vulnerabilities. When they address these issues, they release updated versions of the CMS. When you update, you’re protecting yourself from exterior threats. That said, if a CMS is no longer being actively developed, it’s time to dump it and look for another one. The process may require an upfront investment at times, but you’ll be glad you did it.

  • Use more random and diverse passwords for your site’s accounts. Your SQL database, control panel, FTP accounts, and website should each have their own administrative passwords for all high-access accounts. The passwords should be complex. In other words, they should be difficult to guess. If you feel that the passwords are too difficult to remember, use a competent and reputable single sign-on (SSO) solution. SSOs store your passwords and sometimes even let you sign in accounts with a single click.

  • Set appropriate permissions. If a hacker ever gains temporary control of your site, he will use the site’s own mechanisms to try and sabotage it. This involves reading and writing information. When you first install your site, it sometimes needs full read/write/execute (“777”) permissions. If you have control over file permissions on your host, set permissions to 755 (the owner has “read/write/execute” permissions, and everyone else has “read/execute”) for folders and 644 (the owner has “read/write” permissions, and everyone else has “read”) for files. 777 basically lets everyone do anything they want to your server, regardless of what other protections you have in place.

  • Use SFTP instead of FTP to transfer files. This way, any transfers are encrypted and people can’t snoop in and grab copies.

  • Host through a VPS rather than a shared server. Most web hosts use shared servers. In other words, they run a script that separates websites from one another, but host them all on one machine. Virtual private server (VPS) hosting is kind of the same, except for the fact that each website is run on its own separate virtual environment. If a hacker gets into one environment, you remain unaffected. On the other hand, with shared hosting, a hacker gets access to all of the sites on the server when he compromises it.

Even if you follow this advice, you won’t be completely impervious to attacks. You must also keep your eyes open at all times and make sure that no hole goes uncovered. This minimizes the risk that you end up losing everything. In addition to this, you should keep consistent backups of your site and test them. The backups should remain in a hard drive or SD card that’s not permanently attached to your computer. This way, if a hacker manages to topple your site, you can have it back up and running in minutes.

 



9 Tactics Turn Referrals Into Rock Solid Relationships

referral tactics

“You will get all you want in life, if you help enough other people get what they want.” ~ Zig Ziglar

Referrals are the ultimate compliment in business. They mean people respect you for what you do, stand for and the results you have gotten for them.  It’s a sure sign of trust.

In business, networking and referrals are mostly common sense, following best practices and having good manners really. Recommending people that give great value, experiences and resources is something we should all be doing. It’s part of the “human referral effect“. Spreading good news about great work creates then kind of energy that comes back to you.

Not too long ago people did business with a handshake. Some people can still do this, but I have witnessed some very good handshakes go terribly wrong. Best to qualify aggressively and know who you are referring to and who is referring to you.

Referral marketing is one of the most effective ways of promoting products or services to new customers through word of mouth. These referrals often happen spontaneously and tend to produce very good sales outcomes. Several business sources report that 65% of new business tends to come from referrals.

1) Tap People You Already Have Results, History and Relationships With

Take those results, that history and your relationships deeper. Don’t be afraid to ask, “Can you suggest some people you know who can benefit from what I do and the results we have gotten?”

2) Thoroughly Qualify People’s Background, Tenure and Results

Determining competencies, qualities, values and intangibles is well worth the effort, especially when entrusting people to others. Search people and companies on the Internet not only for current information and reputation - but any complaints or problems posted online.

3) Be Strategic About Meeting People

Who do you want to meet and who do you want to meet you? I like to call this “sphere-ing.” I look at all the people who have me in common but don’t know each other yet and I try to connect good people to each other that I feel have the right synergy.

4) Take Care Of People As You Want To Be Taken Care Of

Old fashioned nice is so welcomed in business. The consistency of our temperament, attitude, motive and intent gives people a confident sense of what they can expect from us.

5) Offer People a Sampling, Red Spoon Taste of Who You Are and Ask Them to do the Same

Find ways to give people a sampling so they can get a taste of you and your work. Think of the ice cream shop where they give you a little red spoon taste before you buy the flavor of your choice.

6) Blend in Person and Social Media to Open Doors and Engage

LinkedIn, Twitter, Facebook, blogging and eMarketing used in tandem can speed up, enhance and move the relationship and referral process forward faster than ever before. The world wide Web, technology and social media used for business are the greatest communication advancements since the telephone.

7) Build a Referral Culture and Habit Into Your Day to Day Professionalism

The more you consistently connect and refer good people to each other for the right reasons, the more you will become known as a “master connector.” This is a very good thing to be known for.

8) Don’t Wait for Others to Make the First Move, Be Proactive

If you see a great opportunity to make introductions and referrals, don’t wait for them. Take the initiative, which shows people you are interested in them and, in turn, creates interest in you.

9) Always Thank People for Referrals or Introductions

Acknowledge interactions with people, whether they work out or not, with a timely, sincere thank you privately and publicly. It’s an opportunity to show gratitude, humility and authenticity.

If you want to get referrals and turn them into rock solid relationships, become the kind of person that attracts them, inspires them and rewards people for having that kind of confidence in you.

Right attitude, right action, right referrals, right results. Be sincere and go make one today.

Referral Photo via Shutterstock




The 5 Steps To Keeping Your Website Secure Without Hiccups

Your website is the world’s window into your business. In your brick and mortar locations, you secure the place by buying reinforced windows, installing alarm systems, placing surveillance cameras, and perhaps even hiring a guard. Are you doing the same to your online presence? You should be!

 

Brought to you by AVG Technologies, the provider of Internet and mobile security, privacy and optimization to 150 million active users. There’s nothing small about small business in our eyes. Get more information how AVG can help your small business stay protected - go to http://www.avg.com/us-en/internet-security-business .

 

The 5 Steps To Keeping Your Website Secure Without Hiccups

 

For some, it’s kind of difficult to wrap their heads around the fact that the internet could be a dangerous place. This is true whether you’re operating a small business or a multi-national corporation. It makes no difference. People become neglectful with their online presences all the time. All you’re doing, though, is making the hacker’s life easier.

Websites are pretty straightforward things. Most likely, you’re using a content management system (CMS), which is a piece of software created for the specific purpose of setting up a website. It works right out of the box and requires few, if any, modifications to cater to your business’ needs. This creates a false sense of security, especially since people become overly reliant on the software to do the job of keeping everything safe from invaders. The real problem lies in the user of the software, not so much in the software itself.

If you want to keep your website safe, there are a few things you should be doing:

  • Keep your CMS up to date! Missing an update for a few days usually won’t kill you. But if you’re still using the same version of your software for a year or so, some of its most known vulnerabilities will be exploited eventually. Every software has its cracks in the system. A CMS is no exception to this rule. There are always little crevices in the code that allows hackers to fall through and break your system. Developers are constantly working to fix these vulnerabilities. When they address these issues, they release updated versions of the CMS. When you update, you’re protecting yourself from exterior threats. That said, if a CMS is no longer being actively developed, it’s time to dump it and look for another one. The process may require an upfront investment at times, but you’ll be glad you did it.

  • Use more random and diverse passwords for your site’s accounts. Your SQL database, control panel, FTP accounts, and website should each have their own administrative passwords for all high-access accounts. The passwords should be complex. In other words, they should be difficult to guess. If you feel that the passwords are too difficult to remember, use a competent and reputable single sign-on (SSO) solution. SSOs store your passwords and sometimes even let you sign in accounts with a single click.

  • Set appropriate permissions. If a hacker ever gains temporary control of your site, he will use the site’s own mechanisms to try and sabotage it. This involves reading and writing information. When you first install your site, it sometimes needs full read/write/execute (“777”) permissions. If you have control over file permissions on your host, set permissions to 755 (the owner has “read/write/execute” permissions, and everyone else has “read/execute”) for folders and 644 (the owner has “read/write” permissions, and everyone else has “read”) for files. 777 basically lets everyone do anything they want to your server, regardless of what other protections you have in place.

  • Use SFTP instead of FTP to transfer files. This way, any transfers are encrypted and people can’t snoop in and grab copies.

  • Host through a VPS rather than a shared server. Most web hosts use shared servers. In other words, they run a script that separates websites from one another, but host them all on one machine. Virtual private server (VPS) hosting is kind of the same, except for the fact that each website is run on its own separate virtual environment. If a hacker gets into one environment, you remain unaffected. On the other hand, with shared hosting, a hacker gets access to all of the sites on the server when he compromises it.

Even if you follow this advice, you won’t be completely impervious to attacks. You must also keep your eyes open at all times and make sure that no hole goes uncovered. This minimizes the risk that you end up losing everything. In addition to this, you should keep consistent backups of your site and test them. The backups should remain in a hard drive or SD card that’s not permanently attached to your computer. This way, if a hacker manages to topple your site, you can have it back up and running in minutes.

 



5 Ways Highly Effective Professionals Are Productive Using Technology

I was recently looking at some news from Evernote announcing some upgrades and enhancements to their service - updated iPhone/iPad apps, updated Android app and then their were tips on how to email into Evernote and collaborate better using Evernote.

Whether you are using Evernote or some other tool it’s critical that you learn to maximize your use of digital tools so your day can be most productive.

Here’s a few power tips that I find productive:

  1. Dropbox on my tablet is amazing so I can access files anywhere
  2. Editing documents in Google Docs in real time with a colleague is VERY efficient
  3. Sending receipts directly to Concur (travel and expense app) saves time
  4. Managing my travel in Tripit is a big time saver and makes a stress free trip
  5. Use Asanato manage multiple projects makes life much easier

What are your power tips?



5 Ways Highly Effective Professionals Are Productive Using Technology

I was recently looking at some news from Evernote announcing some upgrades and enhancements to their service - updated iPhone/iPad apps, updated Android app and then their were tips on how to email into Evernote and collaborate better using Evernote.

Whether you are using Evernote or some other tool it’s critical that you learn to maximize your use of digital tools so your day can be most productive.

Here’s a few power tips that I find productive:

  1. Dropbox on my tablet is amazing so I can access files anywhere
  2. Editing documents in Google Docs in real time with a colleague is VERY efficient
  3. Sending receipts directly to Concur (travel and expense app) saves time
  4. Managing my travel in Tripit is a big time saver and makes a stress free trip
  5. Use Asanato manage multiple projects makes life much easier

What are your power tips?



NYC Event: Women Entrepreneurs Connect and Learn at WomanCon 2013 - Sept. 25th in NYC!

Women entrepreneurs - Are you thinking about starting a business? Looking to connect with entrepreneurial women? Want to learn more about financing options for your venture? Not sure how to pitch the media? Come to Womancon 2013 on September 25th in NYC!

This fresh, one-day conference brings together amazing women entrepreneurs, both on and off the stage. Our incredible speaker lineup will help you learn how to get funding for growth, make your brand stronger, and turn your idea into a company. Pitch journalists live on stage with our media panel. You’ll also hear the REAL behind-the-scenes stories from founders including:

  • JJ Ramberg, host of MSNBC’s It’s Your Business and Co-founder of Goodsearch
  • Janine Popick, CEO & Founder of VerticalResponse, just sold to Deluxe Corp. in July 2013
  • Pamela O’Hara, Co-Founder of Batchbook Software, Chairwoman of The Small Business Web and mentor in startup accelerator BetaSpring

Expert sessions include:

  • Angels, VCs and More: Getting Money for Growth  - Panel discussion moderated by Geri Stengel, President of Ventureneer and contributor to Forbes and Huffington Post
    • Kay Koplovitz, Founder of USA Network, which was sold for $4.5 Billion in 1998. Now Chairman and Co-founder of Springboard Enterprises, which has helped women owned companies raise over $5.5 Billion and create over 10,000 jobs
    • Peggy Wallace, Managing Director of Golden Seeds, an investment firm focused on female entrepreneurs
  • Turning Ideas into Companies with Yao Huang, Founder of The Hatchery and Partner in venture fund Pereg Ventures.
  • 5 Strategies for a Stronger Brand - Strengthen your brand live during this fun interactive lunch session with Julie Cottineau, Founder of BrandTwist and former VP of Brand at Virgin Group
  • Pitch the Media Live - You’ll get the chance to pitch our journalist panel LIVE and get feedback from Christine Lagorio, Executive Editor of Inc.com, JJ Ramberg, Host of MSNBC’s Your Business, and Colleen DeBaise of Entrepreneur!

Early bird registration ends on Tuesday, Sept. 2nd - so don’t wait! Readers and friends of Smallbiztechnology.com can get $50 off registration when using code SBT50 at registration.



NYC Event: Women Entrepreneurs Connect and Learn at WomanCon 2013 - Sept. 25th in NYC!

Women entrepreneurs - Are you thinking about starting a business? Looking to connect with entrepreneurial women? Want to learn more about financing options for your venture? Not sure how to pitch the media? Come to Womancon 2013 on September 25th in NYC!

This fresh, one-day conference brings together amazing women entrepreneurs, both on and off the stage. Our incredible speaker lineup will help you learn how to get funding for growth, make your brand stronger, and turn your idea into a company. Pitch journalists live on stage with our media panel. You’ll also hear the REAL behind-the-scenes stories from founders including:

  • JJ Ramberg, host of MSNBC’s It’s Your Business and Co-founder of Goodsearch
  • Janine Popick, CEO & Founder of VerticalResponse, just sold to Deluxe Corp. in July 2013
  • Pamela O’Hara, Co-Founder of Batchbook Software, Chairwoman of The Small Business Web and mentor in startup accelerator BetaSpring

Expert sessions include:

  • Angels, VCs and More: Getting Money for Growth  - Panel discussion moderated by Geri Stengel, President of Ventureneer and contributor to Forbes and Huffington Post
    • Kay Koplovitz, Founder of USA Network, which was sold for $4.5 Billion in 1998. Now Chairman and Co-founder of Springboard Enterprises, which has helped women owned companies raise over $5.5 Billion and create over 10,000 jobs
    • Peggy Wallace, Managing Director of Golden Seeds, an investment firm focused on female entrepreneurs
  • Turning Ideas into Companies with Yao Huang, Founder of The Hatchery and Partner in venture fund Pereg Ventures.
  • 5 Strategies for a Stronger Brand - Strengthen your brand live during this fun interactive lunch session with Julie Cottineau, Founder of BrandTwist and former VP of Brand at Virgin Group
  • Pitch the Media Live - You’ll get the chance to pitch our journalist panel LIVE and get feedback from Christine Lagorio, Executive Editor of Inc.com, JJ Ramberg, Host of MSNBC’s Your Business, and Colleen DeBaise of Entrepreneur!

Early bird registration ends on Tuesday, Sept. 2nd - so don’t wait! Readers and friends of Smallbiztechnology.com can get $50 off registration when using code SBT50 at registration.



NYC Event: Women Entrepreneurs Connect and Learn at WomanCon 2013 - Sept. 25th in NYC!

Women entrepreneurs - Are you thinking about starting a business? Looking to connect with entrepreneurial women? Want to learn more about financing options for your venture? Not sure how to pitch the media? Come to Womancon 2013 on September 25th in NYC!

This fresh, one-day conference brings together amazing women entrepreneurs, both on and off the stage. Our incredible speaker lineup will help you learn how to get funding for growth, make your brand stronger, and turn your idea into a company. Pitch journalists live on stage with our media panel. You’ll also hear the REAL behind-the-scenes stories from founders including:

  • JJ Ramberg, host of MSNBC’s It’s Your Business and Co-founder of Goodsearch
  • Janine Popick, CEO & Founder of VerticalResponse, just sold to Deluxe Corp. in July 2013
  • Pamela O’Hara, Co-Founder of Batchbook Software, Chairwoman of The Small Business Web and mentor in startup accelerator BetaSpring

Expert sessions include:

  • Angels, VCs and More: Getting Money for Growth  - Panel discussion moderated by Geri Stengel, President of Ventureneer and contributor to Forbes and Huffington Post
    • Kay Koplovitz, Founder of USA Network, which was sold for $4.5 Billion in 1998. Now Chairman and Co-founder of Springboard Enterprises, which has helped women owned companies raise over $5.5 Billion and create over 10,000 jobs
    • Peggy Wallace, Managing Director of Golden Seeds, an investment firm focused on female entrepreneurs
  • Turning Ideas into Companies with Yao Huang, Founder of The Hatchery and Partner in venture fund Pereg Ventures.
  • 5 Strategies for a Stronger Brand - Strengthen your brand live during this fun interactive lunch session with Julie Cottineau, Founder of BrandTwist and former VP of Brand at Virgin Group
  • Pitch the Media Live - You’ll get the chance to pitch our journalist panel LIVE and get feedback from Christine Lagorio, Executive Editor of Inc.com, JJ Ramberg, Host of MSNBC’s Your Business, and Colleen DeBaise of Entrepreneur!

Early bird registration ends on Tuesday, Sept. 2nd - so don’t wait! Readers and friends of Smallbiztechnology.com can get $50 off registration when using code SBT50 at registration.



Patch Fail Raises Questions About Business Model

business model questions

If you run a website as part of your business, figuring out a revenue model for the content you publish is probably a big priority.

Content marketing is certainly a powerful way to promote. But creating a business model to sell that content as a product or service can be a bit trickier.

The recent failure of Internet behemoth AOL to make Patch, a network of hyperlocal news sites, profitable after years of investment only underscores that challenge.

Hyperlocal Should be Hyper Small

One of the major stumbling blocks AOL faced while trying to make Patch a success was its overhead.

Denise Civiletti, editor and publisher of RiverheadLOCAL.com, covering local news in Long Island, NY, told Ad Age recently hyperlocal sites can be hyper profitable. But they must stay small and keep their costs low.

It’s hard to say how profitable an individual Patch site needs to be. But Civiletti insists her site’s six figure sales revenue is plenty to support herself and the only other employee, her sales rep husband.

Premium Content is Another Option

Another possibility is to charge visitors directly for some or all of the content published on your site.

Twitter co-founder Biz Stone proposed recently that larger sites like Facebook begin offering premium services. Those services could offer an alternative to advertising for people who wish to share and consume content on a site’s pages. Not everybody thinks that’s a great idea.

But Scott Fox, who launched his first ClickMillionaires forum in 2009 publishing content for lifestyle entrepreneurs, says he has run a successful subscription service for years.

Fox says the key is to regularly publish content users feel is worth the money. It’s also important to have a compelling difference between paid and any free content you offer, he says.

“Just look at your cell phone or cable bill to imagine how nice that recurring income is for those companies,” Fox explains. “I recommend that entrepreneurs try to build recurring revenues into their new online businesses, too.”

Failure Questions Photo via Shutterstock




Selling on Amazon: The Pros and Cons Every Small Business Should Know

E-commerce remains as attractive as ever for both growing and established businesses looking to enhance sales.  As per e-commerce sales data released on 15 August 2013 by the US Department of Commerce, the value of retail e-commerce sales for the second quarter of 2013 was $64.76 billion, an increase of 18.4 percent over the last one year.

However the question confronting growing businesses venturing into e-commerce, is whether they should build an e-commerce store from scratch or should they capitalize on the services and capabilities of an existing e-commerce mammoth like Amazon? Let’s look at the pros and the cons of selling on Amazon.

The Pro’s

Potentially large existing customer base: With a customer base of more than 200 million customers across 10 countries, Amazon represents an important market for any growing business. Equally significant is the established credibility that Amazon enjoys with its customers which a growing business can leverage from.

Save on investing time and money in online marketing strategies: Amazon spends millions of dollars towards driving customer  traffic to its website. On the other hand, the cost of selling on Amazon includes a transaction fee of $0.99 and an additional fee that varies between 6 percent to 25 percent of the sale, depending on the product category. Businesses can also create customized Amazon webstores for $40 per month with 2% transaction fee. Considering the vast potential for additional business, the cost of selling through Amazon appears more than justified.

Improved delivery through Fulfillment by Amazon (FBA): Instead of sending products directly to customers, businesses can ship in bulk to Amazon, which then takes care of the storing, packing and shipping. The FBA service also includes handling product returns and customer inqueries.

The Con’s

Intense competition puts downward pressure on pricing - Most selling categories on Amazon are fiercely competitive in terms of pricing. Amazon also sells directly in some of the product categories making it difficult for smaller businesses to compete. With the added expenses of an Amazon transaction fee, smaller businesses have to be extremely cautious of how they price themselves or all the effort of selling online may prove futile.

Vulnerability to customer ratings - Greater competition necessitates that every business selling online has to be well prepared to deliver quality products within stipulated timeline. Poor customer ratings on the overall purchase experience, could translate to poor visibility on the Amazon product listings and lower business potential.

Limited scope for branding  -  Customizing the Amazon webstore is dictated by terms and conditions that offer little scope for creating an online brand identity.

The alternative to selling on Amazon directly is to create product ads that appear on Amazon.  These ads, which are created from product information you upload into a seller account file, will be targeted to shoppers searching for similar or related items on Amazon.com. When shoppers see your ads and click, they are taken to your website to purchase the product. You are charged a cost-per-click each time a user clicks on your ad and total amount you can be charged is determined by the budget you set. Amazon is currently running a special offering $75 in free clicks when you sign up.

A final option for any business is to create  an independent e-commerce store.  While doing so gives businesses the creative freedom to create an online brand, it would necessitate earmarking resources (both time and money) for an online marketing strategy.  In addition managing online orders and delivery fulfillment can prove to be a challenge for a growing business.

There are pros and cons to each e-commerce model. But common sense dictates that selling on Amazon could definitely a good place to start while exploring e-commerce as a sales channel.



Leading In Local: SMB Digital Marketing Conference - Sept. 11th to 13th (Austin, TX)

Leading in Local: SMB Digital Marketing conference  is center stage for the fast-changing, exciting small business marketing solutions space, as digital innovations transform how small businesses attract, retain and upsell their customers. Created by BIA/Kelsey, this years conference is taking place in Austin, Texas from September 11th to 13th.

The Leading in Local conference highlights the industry’s true innovators and digs deep into the highest ROI for small businesses (and profits for their solution providers). Attend SMB Digital Marketing for a first-hand look at the latest innovations and influential players in small business-driven search, video, social media, mobile, promotions, CRM and reputation management.

Check out this video to see what others have taken away from the Leading in Local conference:

This event is focused on how the sales forces of Yellow Pages, search firms, newspapers, broadcasters and promotions companies are converging on independent small businesses, franchisees and regional groups. Attend SMB Digital Marketing for a first-hand look at the latest innovations and influential players in SMB-driven search, video, social media, mobile, promotions, CRM and reputation management.

Readers of Smallbiztechnology.com can receive $200 off registration costs by using discount code: SMALLBIZTECHNOLOGY.  Early bird registration ends on August 31st, so don’t wait and register today!

 



Leading In Local: SMB Digital Marketing Conference - Sept. 11th to 13th (Austin, TX)

Leading in Local: SMB Digital Marketing conference  is center stage for the fast-changing, exciting small business marketing solutions space, as digital innovations transform how small businesses attract, retain and upsell their customers. Created by BIA/Kelsey, this years conference is taking place in Austin, Texas from September 11th to 13th.

The Leading in Local conference highlights the industry’s true innovators and digs deep into the highest ROI for small businesses (and profits for their solution providers). Attend SMB Digital Marketing for a first-hand look at the latest innovations and influential players in small business-driven search, video, social media, mobile, promotions, CRM and reputation management.

Check out this video to see what others have taken away from the Leading in Local conference:

This event is focused on how the sales forces of Yellow Pages, search firms, newspapers, broadcasters and promotions companies are converging on independent small businesses, franchisees and regional groups. Attend SMB Digital Marketing for a first-hand look at the latest innovations and influential players in SMB-driven search, video, social media, mobile, promotions, CRM and reputation management.

Readers of Smallbiztechnology.com can receive $200 off registration costs by using discount code: SMALLBIZTECHNOLOGY.  Early bird registration ends on August 31st, so don’t wait and register today!

 



Selling on Amazon: The Pros and Cons Every Small Business Should Know

E-commerce remains as attractive as ever for both growing and established businesses looking to enhance sales.  As per e-commerce sales data released on 15 August 2013 by the US Department of Commerce, the value of retail e-commerce sales for the second quarter of 2013 was $64.76 billion, an increase of 18.4 percent over the last one year.

However the question confronting growing businesses venturing into e-commerce, is whether they should build an e-commerce store from scratch or should they capitalize on the services and capabilities of an existing e-commerce mammoth like Amazon? Let’s look at the pros and the cons of selling on Amazon.

The Pro’s

Potentially large existing customer base: With a customer base of more than 200 million customers across 10 countries, Amazon represents an important market for any growing business. Equally significant is the established credibility that Amazon enjoys with its customers which a growing business can leverage from.

Save on investing time and money in online marketing strategies: Amazon spends millions of dollars towards driving customer  traffic to its website. On the other hand, the cost of selling on Amazon includes a transaction fee of $0.99 and an additional fee that varies between 6 percent to 25 percent of the sale, depending on the product category. Businesses can also create customized Amazon webstores for $40 per month with 2% transaction fee. Considering the vast potential for additional business, the cost of selling through Amazon appears more than justified.

Improved delivery through Fulfillment by Amazon (FBA): Instead of sending products directly to customers, businesses can ship in bulk to Amazon, which then takes care of the storing, packing and shipping. The FBA service also includes handling product returns and customer inqueries.

The Con’s

Intense competition puts downward pressure on pricing - Most selling categories on Amazon are fiercely competitive in terms of pricing. Amazon also sells directly in some of the product categories making it difficult for smaller businesses to compete. With the added expenses of an Amazon transaction fee, smaller businesses have to be extremely cautious of how they price themselves or all the effort of selling online may prove futile.

Vulnerability to customer ratings - Greater competition necessitates that every business selling online has to be well prepared to deliver quality products within stipulated timeline. Poor customer ratings on the overall purchase experience, could translate to poor visibility on the Amazon product listings and lower business potential.

Limited scope for branding  -  Customizing the Amazon webstore is dictated by terms and conditions that offer little scope for creating an online brand identity.

The alternative to selling on Amazon directly is to create product ads that appear on Amazon.  These ads, which are created from product information you upload into a seller account file, will be targeted to shoppers searching for similar or related items on Amazon.com. When shoppers see your ads and click, they are taken to your website to purchase the product. You are charged a cost-per-click each time a user clicks on your ad and total amount you can be charged is determined by the budget you set. Amazon is currently running a special offering $75 in free clicks when you sign up.

A final option for any business is to create  an independent e-commerce store.  While doing so gives businesses the creative freedom to create an online brand, it would necessitate earmarking resources (both time and money) for an online marketing strategy.  In addition managing online orders and delivery fulfillment can prove to be a challenge for a growing business.

There are pros and cons to each e-commerce model. But common sense dictates that selling on Amazon could definitely a good place to start while exploring e-commerce as a sales channel.



The Biggest Problem Small Businesses Still Have With Their Employees

employee problem

What’s the biggest problem you have with your employees? Is it retaining them, motivating them or keeping them from wasting half the day on Facebook? None of the above. If you’re like most small business owners, the biggest employee problem you have is finding good ones in the first place.

In a recent survey by Robert Half, 60 percent of small business owners report the biggest challenge they face in hiring or managing staff is simply finding skilled workers to do the job. (The second-biggest concernâ€"maintaining employee morale and productivityâ€"was far behind, cited by only 19 percent of respondents.)

It’s hard to believe finding staff is still a problem in a marketplace where so many people are still unemployed, underemployed or looking to switch jobs. What gives? Some workers have been out of the work force so long that their skills have atrophied. Others, even those with jobs, haven’t kept up with the rapid pace of workplace change.

But for many small businesses, the problem is not the kind of workers that are out there, but the way they approach hiring. Big companies have huge HR divisions, established brands and clear-cut pathways for employee advancement. For small companies, the brand recognition is likely not there, the recruiting staff probably isn’t in place, and the advantages of working at an entrepreneurial business may not be readily apparent.

How can you get around these hurdles?

Emphasize the Benefits of Working at Your Business

You may not have all the perks of a big corporation, but focus on what you do offer. Promote your company culture on your business website, in your want ads and in interviews. Is your company a fun, casual place to work? Is there lots of room to “wear different hats” and work with many different departments?

Job seekers value the ability to gain new skills without having to jump through corporate hoopsâ€"so focus on how employees at your company have the chance to really make a difference, even at the entry level.

Don’t be shy about “selling” your companyâ€"that’s what it takes to make your business stand out as a potential employer.

Recruit in the Right Places

Don’t just place want ads on mass job boards like Monster.com. Small businesses will generally get better results from more targeted recruiting efforts, such as industry-specific or local job boards.

Use social media outlets such as Twitter and Facebook to announce your job openings and drive interested parties to your website to get more information and apply. Use LinkedIn to advertise, tap into your connections to uncover leads on qualified candidates, and check out industry groups to find people who display leadership and experience in the fields where you’re looking to hire.  Even if they’re not actively seeking jobs, they might be interested in your opportunity.

Last, but not least, spread the word among informal networks like friends, family and people at your church or temple.

Bring in the Pros

If you’re hiring for a key position or need to bring someone on board quickly, hiring a recruiting firm could be worth your time. Make sure to look for a recruiter who is familiar with your industry and also works with lots of small companies. Get referrals and opinions from other business owners who have used the recruiter, and always weigh the benefits against the cost.

Another option: Look into temporary staffing agencies.

These days, staffing services aren’t only for assistantsâ€"you can hire a CMO, CFO or other C-level employee through a staffing agency. This gives you the option to “test drive” a candidate whose skills have been vetted by the agency. If you like what you see, you can offer them a permanent position.

Try these tactics and you’ll boost your chances of finally finding the perfect employeeâ€"one with the skills and experience you need.

Employee Problems Photo via Shutterstock




Ransomware victims told NSA\'s Prism program caught them with child pornography

Dealers of ransomware are now attempting to frighten victims into paying up by tricking them into believing they've committed illegal online actions that were uncovered by the National Security Agency's Prism surveillance program.

According to a Sunday post on the 'Malware don't need Coffee' blog, the scam functions similarly to other ransomware attacks. If users surf to a compromised site or ad hosting the attack, their screen becomes locked, and a message is displayed. In this case, the messages are customised to appear like they come from the NSA's Prism mass data collection program, whose existence was exposed in documents leaked by whistleblower Edward Snowden.

Victims of the ransomware are told that are under investigation for "illegal content downloading and distribution", specifically child pornography. To avoid prosecution and have their computers unlocked, targets are told they must pay $100 through a Green Dot MoneyPak by purchasing a prepaid card and transferring the value to the fraudsters.

A researcher known as Kafeine who studied the threat believes its purveyors are also responsible for the 'Kovter' ransomware, which began spreading earlier this year.

The crooks' command-and-control server is based in Russia, Kafeine said.



Anonymous turncoat Sabu\'s sentencing delayed, again

For the second time this year, the sentencing for Anonymous informant Hector 'Sabu' Monsegur has been delayed.

He faces up to 124 years in prison, but is expected to receive a much lighter sentence considering he cooperated with federal agents over the past 18 months to help them arrest at least five other members of the Anonymous and LulzSec hacktivist collectives.

Sabu, the LulzSec leader-turned-FBI-informant, is now scheduled to be sentenced on 25th October, a spokeswoman at the US attorney's office in New York told SCMagazine.com on Friday morning.

She said she had "no guidance at the moment" about why the sentencing date was moved again.

It appears federal authorities are still relying on Monsegur's cooperation.

Meanwhile, one of the people he reportedly informed on, Jeremy Hammond, released a statement on Thursday accusing the US government of asking Monsegur to encourage fellow hacktivists to infiltrate foreign government entities.

"It is widely known that Sabu was used to build cases against a number of hackers, including myself," Hammond reportedly wrote from prison in New York. "What many do not know is that Sabu was also used by his handlers to facilitate the hacking of targets of the government's choosing - including numerous websites belonging to foreign governments. What the United States could not accomplish legally, it used Sabu, and by extension, me and my co-defendants, to accomplish illegally."

Hammond pleaded guilty in May to hacking private intelligence firm Stratfor to expose millions of revelatory emails. The Illinois native faces up to 10 years in prison when he is sentenced, scheduled for 15th November.

As part of his plea deal, Hammond accepted responsibility for infiltrating a number of other sites, including including equipment suppliers and police agencies.

When he is sentenced, Hammond will have been imprisoned more than 550 days. He has been denied bail.



Anonymous turncoat Sabu\'s sentencing delayed, again

For the second time this year, the sentencing for Anonymous informant Hector 'Sabu' Monsegur has been delayed.

He faces up to 124 years in prison, but is expected to receive a much lighter sentence considering he cooperated with federal agents over the past 18 months to help them arrest at least five other members of the Anonymous and LulzSec hacktivist collectives.

Sabu, the LulzSec leader-turned-FBI-informant, is now scheduled to be sentenced on 25th October, a spokeswoman at the US attorney's office in New York told SCMagazine.com on Friday morning.

She said she had "no guidance at the moment" about why the sentencing date was moved again.

It appears federal authorities are still relying on Monsegur's cooperation.

Meanwhile, one of the people he reportedly informed on, Jeremy Hammond, released a statement on Thursday accusing the US government of asking Monsegur to encourage fellow hacktivists to infiltrate foreign government entities.

"It is widely known that Sabu was used to build cases against a number of hackers, including myself," Hammond reportedly wrote from prison in New York. "What many do not know is that Sabu was also used by his handlers to facilitate the hacking of targets of the government's choosing - including numerous websites belonging to foreign governments. What the United States could not accomplish legally, it used Sabu, and by extension, me and my co-defendants, to accomplish illegally."

Hammond pleaded guilty in May to hacking private intelligence firm Stratfor to expose millions of revelatory emails. The Illinois native faces up to 10 years in prison when he is sentenced, scheduled for 15th November.

As part of his plea deal, Hammond accepted responsibility for infiltrating a number of other sites, including including equipment suppliers and police agencies.

When he is sentenced, Hammond will have been imprisoned more than 550 days. He has been denied bail.



Ransomware victims told NSA\'s Prism program caught them with child pornography

Dealers of ransomware are now attempting to frighten victims into paying up by tricking them into believing they've committed illegal online actions that were uncovered by the National Security Agency's Prism surveillance program.

According to a Sunday post on the 'Malware don't need Coffee' blog, the scam functions similarly to other ransomware attacks. If users surf to a compromised site or ad hosting the attack, their screen becomes locked, and a message is displayed. In this case, the messages are customised to appear like they come from the NSA's Prism mass data collection program, whose existence was exposed in documents leaked by whistleblower Edward Snowden.

Victims of the ransomware are told that are under investigation for "illegal content downloading and distribution", specifically child pornography. To avoid prosecution and have their computers unlocked, targets are told they must pay $100 through a Green Dot MoneyPak by purchasing a prepaid card and transferring the value to the fraudsters.

A researcher known as Kafeine who studied the threat believes its purveyors are also responsible for the 'Kovter' ransomware, which began spreading earlier this year.

The crooks' command-and-control server is based in Russia, Kafeine said.



Orbit Downloader found capable of malicious activity

Researchers at security company Eset have discovered the popular file-downloading utility Orbit Downloader contains a remotely-updating distributed denial-of-service attack (DDoS) capability.

Orbit Downloader is a program that allows users to download files more quickly over the internet and also allows them to install videos and music not typically meant for download, such as streaming videos from YouTube or Vimeo. 

"The program does these functions," Eset researcher Aryeh Goretsky told SCMagazine.com on Monday, "but also has an undesirable hidden feature that, when it's running, it can take over a computer's network connection and use it to send blasts of data over the network connection to other computers that it's been told to target."

When a single computer is performing this type of attack, it is referred to as a denial-of-service (DoS). When thousands or millions of Orbit Downloader users are - unknowingly, in this case - performing the attack, then it is referred to as a distributed denial-of-service (DDoS).

According to the Eset post, two types of attacks have been observed. One is a kind of DDoS attack known as a SYN flood, which sends a high number of SYN requests to a target to make its system unresponsive, and another where TCP packets are sent containing HTTP connection requests.

Users will recognise the attack is happening because their network connection will be reduced to a sluggish crawl, Goretsky explained, adding the DDoS behaviour does not occur every time the program is run.

He added that the program updated at one point to be more selective about the number of computers performing the attack, but without knowing any motivations behind the findings, the researcher could only speculate that it was an attempt to be more covert.

Who has been on the receiving end of the attack has varied, but Goretsky and his research team have observed attacks on Vietnamese websites, as well as the targeting of the Ku Klux Klan website.

"As far as I know, this is unprecedented," Goretsky said. "We've seen programs get affected before unintentionally. We've seen programs used maliciously. We don't typically see software come from a developer with attack code built into it and getting updated."

Goretsky said that when the program is downloaded it initially does not contain the DDoS functionality until it checks for an update that, when run, downloads the module that performs the attack from the author's website,  which in turn allows for surreptitious updates and changes of behaviour.

What makes this particularly dangerous is that the program could theoretically be customised to do anything a piece of malware could, including stealing information, displaying advertisements or locking the system with ransomware, Goretsky said.

Orbit Downloader was created in 2006, but Goretsky said the malicious behaviour was not seen until earlier this year. He said the Eset researchers will continue to monitor if the module is being used to attack computers, and they will also look into other programs and software produced by Orbit Downloader developer Innoshock. 

Innoshock has not responded to Eset following the post, according to Goretsky, and the software developer did not immediately respond to a query from SCMagazine.com.

Goretsky said Eset researchers began looking into the program in May for fairly routine inspection purposes. Quickly noting that the program was executing unwanted malicious behaviour, the researchers began recommending that users uninstall the utility and replace it with another program.



Orbit Downloader found capable of malicious activity

Researchers at security company Eset have discovered the popular file-downloading utility Orbit Downloader contains a remotely-updating distributed denial-of-service attack (DDoS) capability.

Orbit Downloader is a program that allows users to download files more quickly over the internet and also allows them to install videos and music not typically meant for download, such as streaming videos from YouTube or Vimeo. 

"The program does these functions," Eset researcher Aryeh Goretsky told SCMagazine.com on Monday, "but also has an undesirable hidden feature that, when it's running, it can take over a computer's network connection and use it to send blasts of data over the network connection to other computers that it's been told to target."

When a single computer is performing this type of attack, it is referred to as a denial-of-service (DoS). When thousands or millions of Orbit Downloader users are - unknowingly, in this case - performing the attack, then it is referred to as a distributed denial-of-service (DDoS).

According to the Eset post, two types of attacks have been observed. One is a kind of DDoS attack known as a SYN flood, which sends a high number of SYN requests to a target to make its system unresponsive, and another where TCP packets are sent containing HTTP connection requests.

Users will recognise the attack is happening because their network connection will be reduced to a sluggish crawl, Goretsky explained, adding the DDoS behaviour does not occur every time the program is run.

He added that the program updated at one point to be more selective about the number of computers performing the attack, but without knowing any motivations behind the findings, the researcher could only speculate that it was an attempt to be more covert.

Who has been on the receiving end of the attack has varied, but Goretsky and his research team have observed attacks on Vietnamese websites, as well as the targeting of the Ku Klux Klan website.

"As far as I know, this is unprecedented," Goretsky said. "We've seen programs get affected before unintentionally. We've seen programs used maliciously. We don't typically see software come from a developer with attack code built into it and getting updated."

Goretsky said that when the program is downloaded it initially does not contain the DDoS functionality until it checks for an update that, when run, downloads the module that performs the attack from the author's website,  which in turn allows for surreptitious updates and changes of behaviour.

What makes this particularly dangerous is that the program could theoretically be customised to do anything a piece of malware could, including stealing information, displaying advertisements or locking the system with ransomware, Goretsky said.

Orbit Downloader was created in 2006, but Goretsky said the malicious behaviour was not seen until earlier this year. He said the Eset researchers will continue to monitor if the module is being used to attack computers, and they will also look into other programs and software produced by Orbit Downloader developer Innoshock. 

Innoshock has not responded to Eset following the post, according to Goretsky, and the software developer did not immediately respond to a query from SCMagazine.com.

Goretsky said Eset researchers began looking into the program in May for fairly routine inspection purposes. Quickly noting that the program was executing unwanted malicious behaviour, the researchers began recommending that users uninstall the utility and replace it with another program.