Hackers Are Getting Better: How to Make Sure Your Company is Secure
The headlines are loaded with corporate security breaches. While most large companies have proper security systems in place, it still keeps happening with alarming frequency. These are not mom-and-pop companies, either; these are multimillion dollars corporations that should have known better. From 2009 to 2010, for example, the social media giant Twitter had eight of the worst hacks in social media history. The company has gone a long way to improve their security strategy, yet it is still having problems. Here are three of the largest corporate social media hacks in history that never should have happened and what you can do to make sure it doesn’t happen to you: LinkedIn LinkedIn is one company that should never be on the end of a devastating hack. Yet in June of 2012, it had the biggest hack in its company history. Easily penetrated encrypted passwords enabled a hacker to leak about six million of them. When the breach was discovered, the company disabled the profiles that were thought to be compromised. Within two days, the hacker got over 150,000 more. The company apologized, promised an investigation, advised customers to change their profile information, and that was about the last we heard of it. The problem and solution: Those six million passwords were stolen because they weren’t encrypted well. The solution seems obvious — bump up your encryption level, and make it impossible for users to access their profile with an easy password. The top three passwords hacked were: link, 1234, and work, reports Mashable. Bottom line: Look for encryption software put out by several vendors to fit your needs and take steps to ensure that customers cannot create weak passwords. Note: The LinkedIn hacker was found to be a Russian forum user; after the LinkedIn hack, he turned around and did the same thing to eHarmony. He hinted he had user names as well as passwords for both hacks. Burger King In February of 2013, Burger King Twitter followers found out the chain had been sold to McDonald’s – or so they read. An advertisement for Fish McBites was tweeted and the Burger King logo disappeared and was replaced by the McDonald’s logo. For a little over an hour (until Twitter suspended the account), massively inappropriate and obscene tweets were posted, including tweets about “employees” doing drugs (with photos); too much drug use was cited as the reason why Burger King was sold. The company apologized for the incident later in the day, reports Time. The problem and solution: Not protecting its Twitter account with a solid password and not monitoring the activity turned Burger King into a victim. Heavy security system monitoring, along with strong password implementation would have gone a long way towards barring the breach. Bottom line: Change the main Twitter account password often and make sure it is known to as few people as possible; ensure the password is strong. In addition, there are security monitoring companies that will watch all activity on all accounts 24/7 in your company; shop for one that fits what your company needs. Home Depot On September 8, 2014, Home Depot issued a statement to the public regarding a “payment breach.” The company reported that basically anyone in the U. S. or Canada who had used “a payment card” from April...
read moreOutrageous Success: How Small Tweaks Can Produce Big Results.
Join Susan in a city near you for an exclusive small business knowledge session hosted by AT&T. You’ll learn how to: * Create incremental enhancements at every level to break away from the competition. * Identify collaborative opportunities or new markets for growth. * Understand the importance of both people and technology for operational efficiency. Your local AT&T account team will be on hand to facilitate the discussion and show you how we can help meet your business needs. * Great savings on business solutions. * 25% discount on select accessories* * Prizes, refreshments, light fare and giveaways including Susan’s New York Times bestseller, “It’s Your Biz” book (available to registered seminar attendees while supplies last). The event is free, but it’s best to register in advance. Hope to see you in your hometown. Follow us on Twitter #OutrageousSuccess and join us on Facebook....
read moreHow Saying ‘No’ Can Be Good For Business
If you watch any of the reality televisions shows – stick with me here – that involve the creative process, Project Runway comes to mine, you’ll notice that when contestants do poorly usually it’s due to a lack of editing. We tend to have the attitude that “more is better” and when we’re faced with making difficult choices, we would rather not choose at all. Or when we don’t know exactly what to do, we throw the “whole kitchen sink” at the issue. Let me toss a great Steve Jobs quote your way: “People think focus means saying ‘yes’ to the thing you’ve got to focus on. But that’s not what it means at all. It means saying ‘no’ to the hundred other good ideas that there are. You have to pick carefully. I’m actually as proud of the things we haven’t done as the things I have done. Innovation is saying no to 1,000 things.” When Project Runway contestants go overboard on design ideas they just get scorned by the judges and perhaps lose their chance at the grand prize. In any case, the “punishment” is over quickly. When small business owners are unable to “edit” their ideas and say no to projects or commitments, they usually have to live with the consequences for a long time. Consider some of the possible situations and their consequences. You expand too quickly. In retail this often means that the business’ first location suddenly ends up playing “second fiddle.” Quality and customer service drop. Pretty soon the owner discovers that he or she has a problem store or restaurant that needs rehabilitation. Before you open a second location, be sure the first can operate without your care and feeding. By the way, this can also happen when merely physically enlarging a facility. Supervising a large crew is far different than looking after a handful of original employees. The expansion could be in the product catalog. This happens in retail and in business-to-business enterprises. Consider the amount of revenue that each new item should bring in. How much added staff will you need to support that? Will the added revenue be sufficient to cover the added overhead or are you just diluting your overall margins? You chase rabbits. One day you become enchanted by the potential of a somewhat unrelated business area and open another business or department to specialize in it. This is what Jobs was talking about. For example, rumors of an Apple television set have been going around for as long as I can remember. Consider the number of TV sets that are sold each year, this could be a profitable and appealing market – if Apple could maintain its margins. However, jumping into making TVs would significantly change the focus of the company and so far, the risk hasn’t been worth the gamble. When you go on a rabbit chase, your original prey – your core business and its customers – leave your field of vision. Presented with tempting new business offers and ideas, you need to consider them carefully and learn that often the best response is to “just say no.” However, don’t stop there: use that “no” as a signal to go back and renew your efforts on your core business. Image: Just Say No, ©...
read moreSimplify, Declutter and Cash In
I love it when major social currents come together and that’s just what has happened to me recently: I’m simplifying and decluttering my personal life and getting a taste of a “work from home” business many others are pursuing full time. I live in a big house that has afforded me the space to keep a rather large number of “sentimental items” – I even have all my childhood dance costumes. However, I’ve realized that it’s time to thin the herd a little and instead of just bagging stuff up and giving it away, I’ve started selling on eBay. In my own small way, I’m able to join the legions of people who are carving out home-based businesses for themselves – or adding another dimension to their legacy businesses – as eBay sellers. If you’re surrounded by things that you would like to convert into cash, let me cover a few essentials and share a couple of tips. There are two things you absolutely need: a PayPal account and stuff to sell. But once you have those things ready, you need to know if your items have value. Let me show you the best way to find out. Find your value To get a realistic assessment of value, use the eBay “advanced” search to find the same item as you are selling. Be certain to check the “Completed listings” button. Then you will see what prices buyers actually paid for the items being auctioned and which ones went unsold. Otherwise you just see what people are asking or the current level of bids. Also, when you compare the prices that items actually fetched, be sure to note condition and shipping. For success, eBay auctions need to be competitive and shipping plays an important role in that calculation. Set up your auction Once you have a value range in mind, you need to set up your auction. Provide pictures and an honest description of condition. (Your eBay reputation is critically important, so point out any flaws. You don’t want disappointed buyers.) Studies always indicate that low starting prices, say 99 cents, generate the most interest and ultimately the best sale prices. You can set a reserve if you’re nervous, but again, no-reserve auctions typically get the most action. You can name a “Buy it Now” price if you want to move your item more quickly and would be satisfied with a certain price. You can select how long your auctions will last. Make it one week. That way you will be certain to have a weekend within your auction. Also, statistically the best time to start your auction is between 6-9 p.m. Pacific Time. That’s when the most people are on eBay. Provide excellent customer service Respond to bidder questions promptly and ship your items immediately, if possible. Establishing and maintaining a high seller rating is invaluable on eBay. Make your customers delighted by how quickly they receive their items and by how accurately you described their condition. There are, of course, other nuances to selling on eBay, but these will get you going in the right direction. And by clearing out some items around your house, you can see if becoming a serious eBay merchant is something you’d like to do. Image: Ebay Explained 2006 (KLCC), © 2006 Cheon Fong Liew, used...
read moreGo Where the Money Is: Be Ready for Universal Payments
When asked why he robbed banks, underworld mythology says Willie Sutton answered, “Because that’s where the money is.” The veracity of that quote is certainly in doubt. However, there’s no doubt that your business should be diving into the world of universal payments. Not long ago on these pages, I touched on this issue with regards to Bitcoins. I want to take a little step back this time out and look at the broader issue of “universal payments,” which for my purposes will be mobile card readers and mobile wallets. Mobile card readers Because they are often advertised on television, most of us are probably somewhat familiar with mobile card readers. For some reason, the marketing folks behind these think their shape is important, so PayPal’s mobile card reader is triangular and the Square Card Reader is, well, square. If your business makes any “away from home base” sales, you should probably be using a mobile card reader. If you don’t do any business away from your main location, you should brainstorm opportunities; the technology affords you a low-cost way to explore new markets. Head to flea markets, farmer’s markets, inside complementary stores or other large public events to find new customers. Also, I know that some retail businesses – even today – are reluctant to accept credit cards. After all, who wants to give away a chunk of their profit on a sale? But 40 percent of all consumers are carrying less than $20 in cash and two thirds carry $50 or less, so you really need to have a way to accept credit cards. A mobile card reader is a low-cost way to see how accepting credit cards will benefit your business. If you don’t like the results, just tuck away your little smartphone attachment in the back of your sock drawer. Mobile wallets Somewhat less known are mobile wallets, although Google created its mobile wallet back in 2011. There is no doubt that credit card security is becoming a major issue with both consumers and businesses. It seems like there’s a new high-profile hacking incidents every two or three months.. Mobile digital wallet technology is designed, at least in part, to provide additional security to transactions; it also enables a wide range of add-on features that can be leveraged for marketing purposes, such as loyalty programs and promotions. The most simple digital wallet could be thought of as a pre-loaded credit card accessible through your smart phone. However, its tentacles can stretch much further, as I said above it could be tracking loyalty accounts, be used in lieu of event tickets, pay parking fees, enable “social shopping” and much more. In a store setting, mobile wallet systems generally use near field communication or quick response (QR) codes to communicate with a vendor’s point of sale hardware. They eliminate the need for consumers to carry around a wallet full of cards and can be used just as easily online as in a store. However, so far they haven’t been a big hit with consumers. Nonetheless, accepting payments via mobile digital wallets can be an effective marketing tool for your business. If your customers are tech-savvy, adopting any “forward looking” technology – mobile wallets or Bitcoins, for example – can help you convert prospects. Apple Pay I recently...
read moreProtect Yourself and Your Business with Background Checks
A friend once hired a guy who she thought was well qualified to be the COO or her rapidly growing company. Two years later a visit from the IRS revealed that her COO had been embezzling from her and not paying taxes. As are many business owners, my friend was crazy busy and hadn’t taken the time to do a real background check on her new COO. It was a very costly mistake. Here are some tips and resources to get your background checking system up and running. 1. Know local law. States and counties vary on what is permissible with background checks. I’m going to offer advice that covers all situations as best I can, but before you implement a system for background checks do a quick consult with a local lawyer who specializes in this area. If you don’t want to pay a lawyer or bother reading the rest of this, skip to tip number seven. 2. Be consistent. When you have a system in place, apply it consistently for each job title. You may have different standards and processes for entry-level employees versus management, but within each job description use the same background check process. 3. Know how you can use public information. Social media profiles, bankruptcies and workers’ compensation appeals are public information. You may gain a glimpse into a candidate’s personality and lifestyle through social media, with the caveat offered in number six. You can use candidates’ workers’ compensation histories to judge their suitability if the previous cases indicate they wouldn’t be able to do the work. Bankruptcies, while they are public records, cannot be held against a candidate. 4. Criminal past rules vary. There is a trend against using the famous question, “Have you ever been convicted of a crime” on job applications. Court records are public records. Current federal law allows employers to consider convictions, but after seven years arrests cannot be considered. Note that your state may have different restrictions. California, for example, disallows arrest information unless it was followed by a conviction. You can get information on FBI services and checks on these two webpages: Criminal History Summary Checks Checks on Bank Employees 5. General recommended checks. Credit checks, past employers, driving records, professional licenses, education, and references are the most common checks. Credit checks are used by about 60 percent of all employers. You need the candidate’s permission for a credit check and some states ban its use. Checking past employers will generally be limited to the basic facts surrounding employment. 6. Be wary of online searches. There’s a lot of information available on the Internet, but it is not consistent for every candidate – and it’s not always true, either. Finding negative information on one candidate and nothing on another, may just mean that the second candidate has managed to avoid the virtual world. 7. Consider using a professional service. Using a reputable service that has experience in your community can greatly simplify the process. You’ll get the consistency you need as well as conformance to current law. It spares you the chore of keeping up with federal, state and local changes in the law. If you want to go it yourself, keep tabs on this “Small Business Owner Background Check Guide” from the Privacy Rights Clearinghouse. So...
read more