Last Chance to Get Free Publicity and Win a $500 Prize Package

The Brother “Back to Business” Contest offers you a chance to win a $500 prize package from Brother, plus valuable visibility for your business.

And the contest is coming down the home stretch.  There’s just one week to go.  The contest runs through March 19, 2014. And we encourage you to take advantage of it â€" while there’s still time!

Here’s what you have the potential to get:

  • Use of a free tool filled with templates for creating awesome marketing materials such as business cards, flyers, calendars,etc. for your business.
  • EVERY entry will be given visibility on BizSugar â€" and as an added bonus we will be featuring all the companies that have entered, here on Small Business Trends!
  • $500+ prize packages will go to 3 winners with the best marketing material. Each package consists of a beautiful Brother inkjet all-in-one printer / scanner /fax along with a label maker and lots of ink supplies. 

Now who wouldn’t want a chance at all of those?

It all takes place at our sister site, BizSugar.com.  It’s easy to get involved.  Go over and read the contest details, and learn more about the fabulous Brother prize package.  And get started.

What are you waiting for?

GET STARTED â€" SUBMIT YOUR ENTRY NOW!



If Your Business Were Failing Who Would You Want To Advise You? Vote: Seth Godin or Simon Sinek #ICON14

If your business were failing who would you want to rescue it? Who would you want to advise you?

Seth Godin? Peter Shankman? J J Ramberg? Jay Baer? Clate Mask? Who?

In this list below are 23 of the most amazing speakers, thought leaders, thinkers and small business growth experts in this galaxy - all who are speaking at #ICON14, in Phoenix, April 24 - 25 (and this is not the entire list).

Vote which one you would like to fix your business if it were failing and express why.


I’ll enter each submission into a drawing to receive a copy of the best seller, “Facebook Guide to Small Business Marketing“, Jab, Jab, Jab, Right Hook (Gary Vaynerchuk) and a one hour small business growth consultation with Ramon Ray.

#ICON14 is the ultimate event for small business success, where 3,000 or more small business owners will be at, including small business leaders like Seth Godin, Simon Sinek, Clate Mask, Aliza Sherman, Heather Dopson, Jermaine Griggs (just typing his names makes me tingle) and so many more. #ICON14 is all about marketing and sales for small business growth.

Which one of these small business growth experts would you want to help save your business - and why? Enter your submission in the discussion section below the post to enter to win!



  1. Clate Mask, CEO of Infusionsoft is one of the most level headed, smartest and passionate small business focused entrepreneurs around. His opening keynote will inspire, ignite and excite you to more growth.
  2. Simon SinekSimon Sinek is the ultimate go to go for leadership and business strategy. Best known for “Start with Why”, he’ll rock Infusionsoft with another thought provoking session to get your brain working to take your business to the next level.
  3. The “Date Your Leads, Marry Your Customers with Lifecycle Marketing” breakout session will stimulate you to grow sales and boost your marketing fresh new ways. This guy is giving that session.
  4. Why spend a ton of money on getting a new customer, when you can spend a LITTLE bit of money getting a new lead and converting them to become a customer. Paul Tobey is going to help you get LOW COST LEADS and convert them to customers.
  5. Jay Baer opened my eyes to moving away from fancy and slick and just providing people ta TOOL “Youtitlity” that they can use and that leverages your brand. Make someone to HELP your customers and they’ll be your customers for life!
  6. Lunch time - is more than just eating. But you can talk with your mouth full - and laugh and cry with your peers all about the journey of small business success.
  7. Rachel RodgersStop trying to get new customers - put all your focus on getting the right leads - or attracting traffic! Bobby Edelman is going to help you understand how to do this better and better.
  8. Would you like to WORK LESS AND MAKE MORE MONEY! Yes indeed. Well Rachel Rodgers Esq will help you MINE the intellectual property in your business and monetize it!
  9. Small Business ICON - the small business ICON is that ONE person who best showcases the ULTIMATE of best practices, strategies and results in small business marketing. This session will have the FINALISTS present - you will learn so much from them!
  10. Peter Shankman is the ultimate media guy - who has built a business sold it and done so much more. He’ll tell you the practical ways to build your brand and so much more.
  11. Casey Graham of the Rocket Company will share his inside secrets, tips and best practices in what it takes to MARKET your business. To get a boat load of leads and a barrel full of new customers.
  12. Dennis YuIf  I was on a desert island and I could only bring one marketer with me, I’d probably bring Seth Godin (and have Gary Vaynerchuk on a cell phone and Daymond John on Skype). Seth is giving the Thursday keynote at #ICON14 and will knock your socks off and dentures out with inspiration and ideas to be a better marketer.
  13. John Acuff has worked with some BIG, BIG brands, including my favorite Dave Ramsey - he’s coming to #ICON14 to share his knowledge with how small business owners can leverage what big brands do, for small businesses.
  14. Facebook is a POWERFUL advertising and engagement tool. Dennis Yu will tell you what you need to know about it.
  15. Heather Dopson is the ultimate lady of social media. She’ll give you the real low down in how to use social media as a business tool to drive deeper engagement and loyalty to your customers.
  16. Chicken, Taxis and Sesame Street. Learn how to turn your customers into SUBSCRIBERS with Andrew Davis
  17. Everyone can write but few of us can drive sales with our writing and deliver great COPY. Danny Ivy, in one hour, will educate you how to write copy that gets the reader to do what you want.
  18. Do you wish all of your prospects would ONLY buy from you and nobody else? Sounds hard to believe right? Well comedian and Infusionite Dave Sherman is going to spill the beans on HOW To do this!
  19. Are your kids getting in the way of your business. Is your business topping your marriage from being fulfilled? Aliza Sherman is going to moderate warm panel of experts in how to balance WORK and family.
  20. As small business owners we spend too much time begging for folks to buy from us and not enough time NURTURING our prospects and getting them to know, like and trust us. Michael Goodman will share his best tips in how to warm up your prospects for the purchase.
  21. Wouldn’t it be great if all your executives (and you) had more character and more values? Ann Rhoads will share how to create a winning A team that’s built to last.
  22. So the customer bought from you. YEAHHHHH! But now what do you do, how do you delight them so their toes tingle and their teeth glisten in a smile? Scott Martineau, co-founder of Infusionsoft,  is going to give you the formula you need for ultimate customer success.
  23. America’s small business TV host, J J Ramberg, whose more than just a pretty face but has an entrepreneurial streak in her, will wow you with lessons learned from her show “MSNBC Your Business”.




Drew Thorne-Thomsen on Pay Per Call and 2014 Opportunities #AMDays

Meet Drew Thorne-Thomsen, Vice President of Business Development & Partnerships at Invoca, a company that powers pay-per-call campaigns on Rakuten LinkShare, CJ Affiliate by Conversant, ShareASale and multiple other network, SaaS and in-house-based affiliate marketing platforms. At the upcoming Affiliate Management Days SF 2014 conference (March 19-20) Drew will participate on a “How to Improve the Advertiser-Affiliate Relationship” panel.

* * * * *

Drew Thorne-ThomsenQuestion: What do you see as the main areas of opportunity for affiliate marketing and affiliate marketers in 2014?

Drew Thorne-Thomsen: I think we are going to see a continuation of what we’re already experiencing - multichannel cooperation. To evolve as a marketer you have to expand your understanding between channels. If you’re an SEO expert you also need to have a firm grasp on social media. If your focus is on content, it’s vital that you also understand how content fits in with your email efforts.

As a marketer, you need to understand how the different avenues can work together effectively.

Question: Tell us more about Pay Per Call, how it works and why merchants with or without affiliate programs should care?

Drew Thorne-Thomsen: If you’re a merchant and phone calls are an important part of your business, unless you’re leveraging Pay Per Call, you’re leaving money and opportunities on the table. Pay Per Call provides merchants visibility and accountability within your marketing channels.

When a consumer chooses to engage with your product, brand or service over the phone, how are you measuring attribution and closing the loop with your marketing spend?

Pay Per Call helps accomplish this and acts as the connective tissue between your online and offline marketing efforts.

Question: In your experience, how do Pay Per Call programs compare to purely online affiliate programs? Discuss such KPIs as CTR, conversion rate, AOV, etc.

Drew Thorne-Thomsen: Pay Per Call dovetails perfectly into the performance space and was founded and  predicated on the same principles of transparency and accountability. To that end, the same metrics that you use in affiliate marketing are also relevant to your  Pay Per Call campaign efforts.

For example, conversion rates, which in Pay Per Call range on average between 10-15% compared to 2-3% online conversions. Other more Pay Per Call specific metrics include average call duration, key presses and aggregating call data. All provide in order to score the quality of the call.

Question: In your AM Days SF 2014 session you will look into the types of advertiser campaigns that work best from an affiliate perspective. For a sneak peek, can you give us the top 3?

Drew Thorne-Thomsen: When we are talking about the types of campaigns that perform well in a Pay Per Call, we are really talking about what I call the 5 pillars of Pay Per Call, which include:

  • Insurance (home, auto, medical etc.)
  • Financial services (mortgage, credit cards, Refi, Payday loans)
  • Home Services (homes security, satellite TV, custom furnishings, roofing, plumbing etc.)
  • Travel (car rentals, hotels, vacation packages, etc.)
  • EDU

Question: If you were to leave online advertisers/merchants and affiliate managers with one piece of advice for 2014, what would it be?

Drew Thorne-Thomsen: Don’t be afraid to take risks in testing the boundaries of your business model. Test, optimize, grow, parlay and repeat.

* * * * *

The upcoming Affiliate Management Days conference takes place March 19-20, 2014 in San Francisco, CA. Follow @AMDays or #AMDays on Twitter as well as Facebook.com/AMDays.

When registering, make sure to use the code SMBTRENDS to receive $500.00 off your two-day and all-access passes. See the rest of the interview series here.

More in:

Here is Why Ad Rates on Twitter Are Falling

Twitter ad rates are at an all time low and those ad rates may continue to fall. In fact, ad rates on Twitter have dropped 81 percent since the beginning of 2012. Rates dropped 13 percent just in the last three months of last year, according to a report from Quartz.

As the prices have fallen, ad revenues coming into Twitter have increased. That means more and more users - including small businesses - are buying ads on the social media site. In its annual report, Twitter even notes that its lower and lower ad rates are appealing to a lot of small businesses and international advertisers.

If these ads have worked for your business in the past, getting more for less is typically a good thing. In that annual earnings report, Twitter said advertisers can probably expect ads to drop even more:

“As we continue to optimize for advertiser value and the overall user experience, the cost per ad engagement may continue to decline over time, and we expect the cost per ad engagement to decline in the near term.”

But why are ads getting cheaper on Twitter? And should it set off alarm bells about the possible worth of ads on the network in the future? Well, there are several theories behind the drop.

One theory involves the increased amount of inventory. As content and traffic increase, there are more places for Twitter to put advertisements. That amount of space could actually increase if proposed changes to Twitter’s layout are implemented, too.

Another theory behind the drop in ad rates is that Twitter just hasn’t found prices that appeal to its target audience, which includes many small businesses. Twitter ads continue to be sold and bought mostly through online auctions and users continue to buy them. Twitter announced in company earnings that it raised $220 million in advertising revenue over the last three months of 2013. That’s according to another Quartz report.

Twitter offers two types of ads for its users, according to the company’s website. Sponsored Accounts and Sponsored Posts. With a Sponsored Account, your business pays Twitter when new Followers are added. Sponsored Posts charge you when another user engages with that post. That could include clicks on the tweet, retweets, replies, favorites and follows generated by that paid post.

Two notes of caution, however.

First, Twitter’s growth seems to have stalled particularly in the U.S. This may or may not matter to you depending on your target audience. But it could mean a limit to the reach of your messages. Quartz notes in its report that Twitter added 9 million new users in the last quarter of 2013. But only 1 million were in the U.S.

And second, Twitter’s users seem to be less engaged in the site. Quartz notes that Twitter users refreshed their feeds 7 percent less in the final three months of 2013 than they did the previous quarter.

So while you’re getting a bargain to reach your audience, the question is - how much are they listening to you?

Money Photo via Shutterstock

More in:

These 7 Tips Will Supercharge Your Social Media Marketing

For several years running, Americans have chosen to spend more time in social media than anywhere else on the Web. Marketers recognize the opportunity; 86% indicate that social media is important for their business. Yet 88% still want to know more about the most effective social tactics and how to engage their social audience.

In fact, only 37% of marketers think their Facebook marketing efforts are effective and almost nine in ten marketers still believe the top benefit of social media marketing is exposure.

Social media marketing done right reaches far beyond broadcasting messages about your brand and getting exposure. Use these tips to expand your social presence and realize the potential for direct sales, converting prospects, driving relevant traffic to your website and nurturing client relationships.

Supercharge Your Social Media Strategies

Plan to Succeed

Of course you don’t want to fail. But you will if you don’t have a solid social media marketing plan in place.

Gather competitive and market information to determine your audience’s interests and which platforms will be most effective for reaching them. Social media content creation must be informed and thoughtful. Craft content and compile it in an editorial calendar. Google Docs Spreadsheets are a good starter tool for this.

Get your company social policies down and determine the roles each member of your team will play. Establish the workflow and approval process for posting new content and monitoring interactions. Empower your social team members to respond and engage your social followers.

Tie Social Efforts to Real Business Outcomes

Benchmarking and goal setting are critical to your social success.  What do you want to accomplish with your social efforts and how will you know if you’re reaching your goals?

Many social marketers are tracking activity, but few are managing to tie the gathered insights back to real business outcomes.

supercharge your social media strategies

Recent research from Altimeter shows that 53% of companies have formulated metrics that show the positive outcomes of social activity on marketing optimization. Less than half have achieved this in measuring the effects on brand health and customer experience and just 24% are effectively demonstrating the effect of social activity on revenue.

Big brands now have social media staff across an average of 13 departments, yet only 52% of companies say their executives are aligned with their social strategy. Benchmarking, goal setting, accurate measurement and a more holistic, cross-enterprise approach to social are all necessary for taking your social strategy to the next level.

Understand Your Cross-Channel Audiences and Tailor Content Accordingly

People typically aren’t looking for the same volume, format or tone in content on Twitter as they are on LinkedIn. You can make certain assumptions like this when you’re just getting started, then use your social analytics data to fine tune your content strategy.

Cater to the visual nature of Instagram and Pinterest with high quality graphics and photos. Use Twitter to participate in relevant conversations and broadcast short and sweet messages or links to longer form content. LinkedIn and Facebook can be great for sharing in-depth or multimedia content and starting conversations.

Increasingly, social networks offer ways to target various segments of your audience by geography or other parameters, so take advantage of this when you can. You might have some overlap across channels, with customers and prospects choosing to follow your company on more than one platform.

Broadcasting the same information across channels simply doesn’t deliver the unique experience they’re looking for on each network.

Get Comfortable with Social Customer Service

It doesn’t matter whether you intended for your social channels to be used for customer service or not. Social audiences now expect it. In fact, 42% of customers with a complaint voiced via social media expect a response in 60 minutes or less.

Companies face a number of obstacles and challenges in social media customer service, not the least of which are that you may be dealing with potentially sensitive information or confusing customers with a mix of marketing and customer service messages. Corey Eridon shares some great insight at HubSpot on combating these problematic situations and more through good planning, solid policy and setting realistic expectations.

Positive and negative mentions alike deserve a prompt response. If you plan on having a serious social presence, assign a first responder to monitor each channel and give them access to a troubleshooting library that addresses common questions and issues. Establish a brand voice and ensure proper training so your messaging is creative, but consistent across all channels and team members.

Finally, never, ever ignore a comment posted to your social channels. Each one is an opportunity to resolve a problem, showcase your customer service skills, build brand advocates and more.

Own Your Mistakes

Everyone goofs on occasion, even the biggest brands. While an ounce of prevention is worth a pound of cure, all is not lost if an employee goes rogue or your social automation software posts a scheduled tweet at an inopportune time.

Take a page from Pamela Vaughan’s book.  HubSpot’s lead blog strategist accidentally posted a picture of her baby bump meant for her personal Twitter account to the company account back in December.  We’ve seen this happen before with varying levels of impropriety, such as an errant Red Cross tweet about drinking alcohol (getting slizzered, to be exact).

supercharge your social media strategies

Pamela, like the Red Cross before her, responded with humor and grace that would be hard for a Twitter follower not to forgive. She deleted the tweet after checking to make sure there were no replies to it (in which case she would have responded). She then wrote this apologetic blog post explaining how the mishap happened and what measures were in place to prevent a repeat.

Everyone was able to have a laugh and move on. This is how you want to handle a social goof.

Listen Up!

Social listening is a science. The greater your audience and the volume of conversation around the brand, the more difficult it can be to find the nuggets of insight in the noise.

Listening at any level of scale requires social monitoring software. Ideally, your social listening will integrate seamlessly with your customer database, allowing you to reap the most personalized and valuable insights from online interactions.

Setting up alerts on specific keywords brings peace of mind, allowing you to respond to select issues immediately. Listening also points to opportunities for your company to insert itself in relevant conversations, engaging influencers and establishing thought leadership.

The data gathered by your social listening software also informs your social media marketing strategy going forward. If you haven’t found the right social listening software, get on it. This is a must-have for companies serious about social.

Get Up to Speed in Search & Google Authorship

Recent Google changes mean companies need to understand how team members, brand advocates and influencers all creating and amplifying content can impact search visibility.

Even if you’ve been less than impressed with the size of your potential audience on Google+, it’s worth incorporating into your social strategy. Not only has it become increasingly important for local marketers, each profile on Google’s social network acts as a publisher’s identity when Google is ranking content in search.

google-authorship

Google Authorship helps Google understand who is behind a piece of content and what influence they have in their industry or topic area. Connecting your blog and other content to your Google+ profile allows Google Search to consider your entire body of content, the popularity and authority of the site it’s published on, social relationships and more.

This is a fantastic opportunity for marketers investing in authority building and social media to positively influence the search visibility of branded content.

Supercharge!

The last few years have been a whirlwind of new social tools, features and the explosion of niche networks like Snapchat and Pinterest. At first, it was about reaching out to our target market, getting in front of an audience and trying to decipher some type of business intelligence from those interactions.

Understanding that data is becoming simpler, thanks to evolving social analytics tools. Acting on it is becoming less cumbersome, with cross-enterprise strategies and a trend towards social as an integrated part of the overall marketing strategy.

Social media marketing is growing up and marketers are growing with it. As social continues to mature, we find ourselves ever more able to tie real business outcomes to a single tweet, or Facebook conversation.

If you’re not quite there yet, don’t delay - your competitors are implementing some of these tips already. As it becomes more reliable and measurable, social is sure to become more competitive, as well.

Supercharge Photo via Shutterstock



Web inventor calls for Internet Bill of Rights

"Are we going to continue on the road and just allow the governments to do more and more and more control - more and more surveillance?" - Sir Tim Berners-Lee

It's been almost ten months since Edward Snowden, a former CIA and NSA contractor started releasing classified files on how governments on both sides of the Atlantic are surveilling Internet users. And now, on the 25th anniversary of the graphical Internet we now call the World Wide Web, the `inventor' of the web has called for an Internet Bill of Rights.

Berners-Lee is the computer scientist who conceived and implemented an information management system called HTTP - the Hypertext Transfer Protocol - in a client-server configuration back in 1989.

Berners-Lee - who has been involved in the Internet since 1980, when CERN was working on the development of the TCP/IP standard - has been watching the unfolding revelations from Snowden with understandable, and publicly-voiced, concern.

He chose today, the 25th anniversary of when the first Mosaic browser client was released, to call for a `Magna Carta' Internet Bill of Rights to protect users.

Interviewed on BBC TV Breakfast Show today, he drew parallels between his proposed Bill and compared this to similar legislation surrounding human rights. As with human rights, he says the best course of action is for Internet users to take action and protest against surveillance by state entities.

"It's time for us to make a big communal decision. In front of us are two roads - which way are we going to go? "Are we going to continue on the road and just allow the governments to do more and more and more control - more and more surveillance?," he told the programme,

Since Snowden started releasing his files in May last year, Berners-Lee has said that state surveillance threatens the democratic nature of the Web, although he has spoken out in defence of Snowden himself, noting his actions have been in the public interest - something he reiterated during Snowden's talk at SXSW this week.

Industry reaction to Berners-Lee's call to Internet arms has been positive. Professor Peter Sommer - a fellow Internet veteran of the 1980s and visiting professor at de Montfort University, told SCMagazineUK.com that security on the Internet is not just about protecting users against terrorism and paedophiles - as some elements of the media have suggested - but more about protecting one's own Internet presence.

"It's actually about defending your own space on the net. Several people have called for something similar to what Sir Tim has asked for, but perhaps the industry - and government - will this time listen to the web's founder," he said.

Fellow veteran Peter Wood, CEO of First Base Technologies, a pen testing specialist, said that, whilst the actions of Snowden against the establishment in the US are valid, it is important to understand that UK surveillance of the Internet is - by and large - within its legal remit,

"We have been very fortunate in the UK that, whilst the US has clearly overstepped the mark, the UK government has been pragmatic in its approach," he said, adding that, despite this - and because of the global nature of the Internet - there is a clear need for an international agreement on the rights of Internet users.

Steve Smith, managing director of security consultancy Pentura, said Sir Tim Berners-Lee is right to raise this issue.

"However, in practice, the only way that organisations can keep their data and IP is safe from all types of prying and surveillance - whether from criminals or governments - is to audit what information is critical, and apply appropriate protection to it so it's safeguarded at rest and in transit.  The Web can't be trusted, so companies and individuals have to put their own protection measures in place," he said.

Clive Longbottom, founder and senior analyst with Quocirca, was equally cautious, saying, at a theoretical level, he agrees with Sir Tim.

"However, at a practical level, a Bill of Rights does not tackle the issue of the darker side of the Internet. You are also not going to get commercial monitoring groups to sign up to a Bill of Rights. Neither are you going to get the really bad Black Hats either," he said.

"And what about the likes of Anonymous and Lulzsec? These are monitoring things happening and watching over peoples' shoulders - would they be launch signatories to such a Charter? I doubt it," he added.

The problem, says Longbottom, is that the Internet genie is now well and truly out of the bottle, as large numbers of people are on the Web, with the result that it is being used for a great many things, not all of which are for the greater good. As a result, he adds, surveillance is going to be a challenging issue.



162,000 reasons to tighten up WordPress security

"Cyber-criminals continue to innovate and find vulnerabilities to exploit for their criminal activity" says Lancope CTO Tim Keanini.

WordPress may be one of the most popular website systems used to publish on the Internet, but its open source nature - and consequent security challenges - have been highlighted this week after around 160,000 WordPress sites have apparently been used as DDoS zombies.

Security research firm Securi reports that the WordPress pingback option - which allows WordPress sites to cross-reference blog posts - has been misused in recent times by unknown hackers to launch large-scale, distributed denial-of-service (DDoS) attacks. 

The attack vector used is not unknown as, back in the summer of last year, Incapsula reported that one of its clients was targeted in a pingback DDoS attack involving 1,000 page hits a second.

Securi says it has been monitoring a swarm attack involving more than 162,000 WordPress sites and collectively generating many hundreds of IP requests to a single WordPress site.

Whilst Daniel Cid, Securi's CTO, has declined to identify the site, this suggests the attack may have been a proof-of-concept trial. 

On a technical level, the attack vector exploits an issue with the XML-RPC (XML Remote Procedure Call) code within WordPress and which is used for pingbacks, trackbacks and remote access from mobile Web browsers.

SCMagazineUK.com notes that WordPress has known about the issue for several years, but the problem is that it a key structural issue with WordPress's kernel architecture.

Despite this, WordPress development teams have changed the default setting of sites to operate with a Web cache, meaning there is less load placed on the hosting server concerned.

The hackers, however, have generated fake website addresses within their IP calls, so bypassing the web cache.

Securi's CTO says he been talking to WordPress developer teams about the issue, who are reportedly investigating a workaround.

Tim Keanini, CTO of Lancope, said that the structural natures of the issue mean that it is not something that will ever go away.

“Think of it as a supply chain and these criminals need compromised connected computers for their botnets - if you are connected for whatever reason to the Internet, you are a part of this supply chain," he said, adding that cyber-criminals continue to innovate and find vulnerabilities to exploit for their criminal activity.

To add to this, he explained, we - as Internet users - continue to put insecure devices on the Internet and with the Internet of Things ramping up, he warns there is just no end to the supply of targets.

"What we need to do is to focus on the precision, timeliness, and leadership through these crisis - not the fact that they will just go away. They are here to stay and a part of doing business in the Internet age. When these events happen, what does leadership look like that provides business continuity and restores customer confidence? That is the question we need to be asking because hanging your head in shame does no one any good," he said. 

Sean Power, security operations manager with DDoS security vendor DOSarrest, said that the vulnerabilities in old versions of WordPress mean that hackers can exploit them to be used for DDoS attacks.

"This is nothing new - in fact, it was first recognised back in 2007. Attackers exploited a vulnerability in the core WordPress application and therefore it could be used for malicious purposes in DDoS attacks," he said. 

"The fix for this feature was actually released in the 3.5.1 version of WordPress in January 2013 and would be picked up by most good vulnerability scanners," he added.

Power went on to say that this a prime example of how users aren't regularly performing updates to their websites - "because if they were, we wouldn't still be seeing DDoS attacks being carried out by websites taking advantage of this old flaw.”



Power Up Your Gmail: 9 Gmail Extensions and Plugins For Greater Organization and Productivity

If you are one of the millions of people using Gmail as your email client and are looking for ways to better organize your mail and clear out all the distractions, then you are in luck! There is an endless stream of plugins and browser extensions that integrate with Gmail to help with everything from organization to archiving to better connecting to contacts. Here are 9 of my favorite Gmail extensions and plugins that keep me organized and save me TONS of time each day.

1. Gmail Offline:  This add-on syncs your emails and allows you to access them while offline, which can be extremely helpful in allowing you to read and respond to emails without being interrupted by new emails flooding into your inbox. It’s also useful if you are a frequent traveler with lots of time available to catch up on email but you don’t have an internet connection. You can read and respond to emails and once you reconnect, everything is synced and sent.
2. Boomerang: Having a simple system to schedule and easily follow-up emails is a necessity. Boomerang is the perfect tool! Not only does it allow you to schedule emails for future delivery, it also helps you track important emails that you send and need a response to within a specified time. Boomerang sends you a reminderif you don’t receive response emails, which allows you to quickly and easily follow-up. Boomerang also allows you to remove messages from your inbox until you are ready to read them and then pulls them out of the archive folder and sends them back to your inbox at the time you designate.

3. Canned Responses: If you frequently send emails that have the same messaging to different people at different times, then the Google Lab feature ‘Canned Responses’ is a great time saver. Whether it’s an email directing people to your newsletter and website or one that offers instructions on how to download your newest eBook, this feature allows you to create and save the email for use over and over again without having to copy and paste.

4. Smartr Inbox for Gmail: This free extension for Gmail automatically creates rich profiles for all of your contacts and tracks communication history. It searches your email history and Facebook and Twitter connections to create dynamic profiles for all of your contacts including their image, phone, social updates and a full relationship history, which includes when you met, how many messages you’ve exchanged and more. When composing or reviewing email, the contact information appears in a column to the right along with other contacts that are typically associated with the contact you’ve chosen for easy addition to the email.

5. Powerbot for Gmail: Evernote is one of the ‘must-have’ tools in my tech tool bag for productivity. I recently shared 9 Ways to Use Evernote to Increase Productivity and Powerbot for Gmail is an absolute necessity for quickly clipping messages or email threads, as well as attachments, to my Evernote notebooks for later follow up and sharing. This tool also allows you to clip messages and attachments to Dropbox.

6. KeyRocket for Gmail: If you’re like me, then you want to find the fastest way to get something done and keyboard shortcuts can save a significant amount of time.  KeyRocket for Gmail recommends keyboard shortcuts while you work to help you speed up the process of creating and sending emails.

7. Use Gmail Filters: If you are pulling multiple email accounts into Gmail through either POP3 or IMAP, you can use Gmail filtering to easily separate and apply labels to these emails for organizing and easier viewing. You can choose filter features such as ‘To’ and ‘From’ to quickly designate which emails you want filtered and then apply rules that allow you to apply labels for grouping, marking as important or priority and directly archiving and skipping the inbox. This is also a great way to filter out newsletters and eZines that you receive on a weekly basis to save in a specified folder until you have time to read.

8. Grammarly Lite - Smart Spellchecker: Never send out another email with spelling or grammar errors! Grammarly Lite checks the spelling, grammar and punctuation in your email and even offers synonyms for any word you select and a smart dictionary look up for one-click definitions.

It has been noted time and time again that email is by far the biggest cause of loss of productivity in the average business. Studies have shown that the average employee spends 40% of their working week dealing with emails that add no value to the business. Essentially that means that you are losing almost two full days of work just dealing with email. I say ‘Stop the Insanity’ and get your email under control! By removing distracting emails and creating better connections to the tools you use throughout the day, you can quickly tame the email beast and reclaim the time needed to GROW your business!


Apple\'s iOS 7.1 fixes 41 bugs, including Webkit flaws

US-CERT advises WinXP users to dump Internet Explorer

Users who are unable to stop using embedded versions of WinXP should at least stop using Internet explorer and even then may have invalidated any cyber insurance that requires patch ...

Major privacy flaw found on WhatsApp

Popular messaging service WhatsApp is facing up to another PR disaster after a security researcher found that others could access private chats through downloaded Android apps.

Security tech budgets rising, says new study

Information security budgets will increase in 2014, with 45 per cent of organisations planning to spend more this year and only 11 per cent cutting back, according to the latest ...



US-CERT advises WinXP users to dump Internet Explorer

Users who are unable to stop using embedded versions of WinXP should at least stop using Internet explorer and even then may have invalidated any cyber insurance that requires patch updates.

The US-CERT agency has added its weight to the rising tide of warnings about Windows XP going EOL (End-of-Life) on April 8, noting that Windows XP and Internet Explorer is a bad mix.

Interestingly, however, the US Computer Emergency Readiness Team has acknowledged the fact that some business - notably those that use embedded versions of XP - may have to remain with the ageing Windows operating system, saying that if you must use WinXP, then you should be using a more secure Web browser client.

US-CERT's warning comes as a raft of organisations are advising PC users to migrate to a more recent version of Windows as a matter or urgency - but many business users may have embedded versions of WinXP on the systems they (and their clients) use on a regular basis.

According to Sarb Sembhi, an analyst and director of consulting with Incoming Thought users of systems such as ATMs and CCTV platforms are quite likely to be using an embedded version of WinXP - with no real economic alternative open to them.

"It is going to be difficult for them to migrate away from these systems, but the good news here is that most embedded Windows XP users won't be using a browser interface, so they have nothing to fear from this announcement," he said.

Sembhi - who is a leading light in ISACA [www.isaca.org ], the not-for-profit IT security association - also warned, however, that businesses using any type of embedded WinXP system should check their cybersecurity insurance cover conditions, as most insurance of this type, he says, has a primary condition of software being fully patched and up to date.

"This could create problems after 8 April when Windows XP will no longer be patched by Microsoft," he explained.

On top of this, the Incoming Thought analyst cautioned that any organisation that is subject to security audit requirements - such as that mandated by PCI DSS - is unlikely to pass muster on its WinXP system when the operating system goes EOL next month.

"Normally I would say that, if a business conducts a regular risk analysis process in connection with its IT systems, then they should be okay to use an embedded WinXP system, but the insurance and audit issues may be a problem. And since Windows XP is so old, I doubt that many businesses are using a desktop version of the operating system at this late stage," he said.

Back at US-CERT, the US government security agency has also warned against combining WinXP and MS-Office 2003 for similar security reasons.

“All software products have a lifecycle. End of support refers to the date when Microsoft no longer provides automatic fixes, updates, or online technical assistance,” says the agency in its advisory.

Bob Tarzey, an Analyst and Director of Quocirca echoed fellow analyst Sarb Sembhi's note of caution, saying that all security IT has an element of `belt and braces' in it.

"US CERT is right to advise against staying with XP, but if there is no short term choice, the advice to consider a non-Microsoft browser makes sense," he said, adding that this is especially pertinent given the fact that most Web browser clients are free to use.

"Using Internet Explorer with unsupported WinXP is like removing both the belt and braces," he concluded.



Major privacy flaw found on WhatsApp

Popular messaging service WhatsApp is facing up to another PR disaster after a security researcher found that others could access private chats through downloaded Android apps.

Security consultant Bas Bosschert picked up on the flaw in a blog post on Tuesday, where he detailed how WhatsApp - which was acquired by Facebook for US$16 billion last month - saves private messages onto the phone or tablet's Secure Digital (SD) card, which could be intercepted if the developer of another Android application asks the user to permission to access the SD card when downloading the app.

This is a common practice for most mobile applications, across Android, iOS and Windows, with permissions often including access to SMS messages, the phone's contact book or to cellular data.

Bosschert, CTO at DoubleThink and a technical consultant with more than 10 years' experience working with Linux and Unix, suggested that user permissions are a weakness in the users' armour and added that developers could well take these personal messages, decrypt them - using some Python script and even OpenSSL - and send them to their own web servers.

“The WhatsApp database is saved on the SD card which can be read by any Android application if the user allows it to access the SD card. And since the majority of people allow everything on their Android device, this is not much of a problem.”

“…We can conclude that every application can read the WhatsApp database and it is also possible to read the chats from the encrypted databases. Facebook didn't need to buy WhatsApp to read your chats.”

Bosschert urges users to verify the app source and read application permissions before installing, in order to avoid a loss of personal information. He added that the flaw was still present despite the fact that WhatsApp had updated the Android app on 11 March.

In response to the news, Paco Hope - principal consultant at Cigital - said that this latest issue is proof that mobile developers need to catch up with the latest security features.

“The fundamental problem with the WhatsApp database, which is virtually identical to the problem with the RSA Security Conference App [which was also reported leaky earlier this month], is that data on a mobile device is not protected in any way more sophisticated than if it was on garden variety PC,” Hope told SCMagazineUK.com.

“Many technologies are being developed first on the mobile, or exclusively on mobile devices and it is mistakenly assumed that the mobile device or its application store add some layer of security. We know how to build secure software. Banks and independent software vendors have pioneered techniques like architecture risk analysis (which would have found this flaw), static code analysis, and penetration testing (the most belated and expensive way to find this flaw),” he added.

“Mobile developers need to apply and evolve the security techniques we have learned over the last three decades.”

WhatsApp may be one of the up-and-coming private messaging apps right now - along with Viber and Snapchat, but its ascent has been in part tainted by privacy and security fears. 

Thijs Alkemade, a computer science and mathematics student at Utrecht University in the Netherlands, claimed last October that WhatsApp's ingoing and outgoing messages are encrypted with the same key - meaning attackers could potentially intercept and recover messages - while in late January it was revealed that the app breached privacy laws by asking subscribers for access to their contacts, and by storing every phone number. 

Such action has seen two privacy groups in the US - the Electronic Privacy Information Center and the Center for Digital Democracy - working to invalidate Facebook's acquisition on grounds that WhatsApp's privacy policy is incompatible with that of the social networking giant.



How to Make Your Spring Retail Sales Sing

spring retail sale ideas

There’s gloomy news for retailers this season. Winter weather in much of the country meant retail shopping essentially leveled off after the December holidays. The National Retail Federation reports that January sales were flat as customers holed up to avoid the Polar Vortex.

So how can your retail business make up for slow winter sales?

Get ready now to market your store for Spring season holidays. Although they’re not as big a deal as back-to-school or Christmas, Spring holidays, including Easter, Mother’s Day and Father’s Day, are nonetheless key shopping periods for retailers.

Last year, U.S. consumers spent an estimated $17.2 billion for Easter, $20.7 billion on Mother’s Day, and $13.3 billion on Father’s Day. Below are some upcoming Spring holidays, and ideas for taking advantage of them.

St. Patrick’s Day (March 17)

Depending on your location and your target market, St. Patrick’s Day can be a day when your customers celebrate their Irish heritage, start drinking green beer at noon or cook Irish meals like corned beef and cabbage. St. Patrick’s Day also appeals to schoolchildren who may dress in green or exchange little gifts and treats in the classroom.

Hold a St. Patrick’s Day sale or contest (so customers can test the “luck of the Irish”). Put impulse buys like pint glasses or shot glasses, green T-shirts, hair ribbons or socks or Irish recipe books in your prominent displays.

First Day of Spring (March 21)

Celebrate Spring with an outdoor event (weather permitting), since customers will be itching to get outside.

Get local retailers in your area together and organize a sidewalk sale. Sweeten the pot (and attract more foot traffic) by asking local restaurants to sell samples of their menu items for a few dollars. Come up with themed contests for your customers. For instance, a toy store could have children decorate paper flowers and display them in the store, or a women’s apparel store could have a hat contest.

Tax Day (April 15)

While you many not consider this a “holiday,” the National Retail Federation reports two-thirds of Americans are expecting a refund this year, and pent-up demand for products could tempt them to spend some of that money in your store.

At a time when customers have taxes on the brain, a “sales-tax free day” is a great promotion. (Remember, you still have to remit the tax even though the customer doesn’t pay it). Get your store on customers’ minds before they get their refunds with ads, marketing emails and social media messages asking them how they’re planning to spend their refund and tempting them with big-ticket items.

Keep in mind, customers who know they’re getting refunds often file way before Tax Day so they can get their cash faster.

Easter (April 20)

Easter marketing seems to start earlier every year. In my area, Easter baskets went on display the day after Valentine’s Day. Clothing and candy are big spending areas for Easter, as moms outfit the family for church and fill the Easter baskets.

However, in recent years Easter baskets have become more and more like mini-Christmas trees, packed with not just candy but also gifts and toys. Appeal to moms’ desire to treat their kids by marketing everything from toys, games and accessories to books, electronics and gift cards as perfect basket-stuffers.

Mother’s Day (May 11)

In addition to the traditional gifts like flowers, candy, perfume and clothing, moms love experiences that give them time with their families. To capture even more of the dollars Dad is spending on Mom, think about how your business can create an experience around Mother’s Day.

For instance, a children’s bookstore could hold a Mother’s Day tea. A crafts store could feature a crafting session. A cooking store could hold a gourmet cooking class. Also remember that Mother’s Day celebrations include multiple generations, so don’t forget Grandma and even Great-Grandma. Make sure your gifts and your store are senior-friendly.

Finally, don’t forget that Dad buys most of the Mother’s Day gifts, and in most cases, he doesn’t like to shop. Marketing messages that focus on simplicity and ease (getting in and getting out of the store quickly) will resonate with him. Create window displays that group products together in packages he can grab and go. Offer gift-wrapping in-store and be prepared with lots of advice from the sales staff.

Father’s Day (June 15)

Go beyond the traditional Dad gifts with themes like golf, fishing, sports and power tools to target non-traditional dads with hobbies like music, craft-beer brewing or gourmet cooking. Gift cards are also a great option to appeal to dads who want to pick their own gifts.

Also remember, since Mom is buying Dad’s gift, you need to appeal to her desire to find the “perfect” item while still getting a deal. Offer buy-one-get-one-free deals or package products together so mom can feel like she’s saving more by buying more.

Finally, keep an eye on the weather since it’s what has stymied winter retail sales. Check out Weather.com’s average temperatures for your city, or its monthly forecasts, which may be slightly more useful.

This way, you can have a better idea if your sidewalk sale is going to get rained out - or whether ordering umbrellas or bathing suits is a smarter idea.

Spring Sale Photo via Shutterstock



Online Invoicing Activity Grows, Tradeshift Funding the Latest Example

tradeshift

There’s a lot happening with online invoicing, and funding recently raised for Tradeshift is the latest example.

Tradeshift, the business-to-business digital invoicing startup, has just raised $75 million in venture funding for expansion. The software is already being used in businesses in the U.S. and Europe. Tradeshift received that funding from VC firm Scentan Ventures, based in Singapore. The new capital will fuel expansion including more marketing of the software overseas.

But the company is only one of a long list of online invoicing options out there.

Many are simple applications that enable you to generate and email an invoice and get paid electronically via credit card or through PayPal. But other solutions are tied to additional apps and offer more functionality, including workflow.

For example, Handshake, is an app that allows buyers and sellers to write and receive orders for a wide variety of products including on iPad, iPhone and the Web. Those products include gifts, homeware, fashion, toys and more.

Another business-to-business ecommerce solution, Insight Software specializes in companies in the manufacturing, distribution and retail industries. Meanwhile, software solutions JOOR and NuOrder focus specifically on the apparel industry.

Nearly four years ago we started following the online invoicing space, and eventually the list of applications went up to 50 invoicing apps.

But this is a dynamic area showing that invoicing, or more specifically getting paid, seems to be a pain point that needs solving for many small businesses. For instance, Sage just launched a subscription online invoicing solution. Called Sage One, it costs $9 per month and directly targets the small business user.

In releasing the software, Sage claimed it was responding to a specific need in the small business community. The company said its data shows 57 percent of small businesses struggle to get paid quickly. And presumably this is due to lack of efficient invoicing tools.

Of those businesses, Sage claimed 71 percent said they created invoices on Word or Excel. About 47 percent said they sent their invoices by mail.

Last year, in an effort to refocus its own brand as a one-stop-shop for small business owners, domain registrar and Web hosting company GoDaddy acquired Ronin. The Mountain View, California company says its invoicing software is designed specifically with small businesses in mind.

Image: Tradeshift