A company called AdKeeper is taking a gamble on the idea that people like online advertisements so much that they will want to mark them and save them in one place. Advertisers who partner with AdKeeper will feature a small icon on the ad that viewers can click. The ad will then be saved on AdKeeper.com. READ MORE
There’s no one right way to run a virtual small business. There’s only the right way for your particular business. That’s the consensus of executives who own, run or are employed by virtual small and mid-sized companies, all businesses that exist on paper but don’t necessarily have a headquarters, or in some cases, even employees. People who run them believe that while virtual companies don’t have all the characteristics of a conventional business, they can be as successful if owners and managers are committed to: Maintaining a strong corporate culture Using technology to get work done and promote communications internally as well as with customers and suppliers Getting staff together periodically for strategizing, team building and having fun Here are some observations and lessons learned from owners or managers at two virtual companies: Automattic — Keeping it small for a reason Matt Mullenweg started a free blogging website called WordPress.com That has become one of the biggest names in the blogging business. Five years and three million users later, Mullenweg, head of the blogging website’s parent company, Automattic, still works at home. Over five years, Automattic’s staff has grown from a handful to the purposely small number of 20. Employees live around the United States, Australia, and Europe. Since blogging is the company’s business, employees keep track of each other through their blogs. Automattic also holds regular in-person powwows to strategize and have fun, according to Mullenweg. Earlier this year, Automattic picked up $29.5 million in funding from Silicon Valley venture firms and The New York Times, which uses WordPress to host blogs for the paper and About.com, which it also owns. But even that hasn’t convinced Mullenweg to open an office. “I live about a block away from the offices of one of our investors, so if we have meetings we go there,” Mullenweg says. Mullenweg reasons that the lower the company’s operating costs, the more money he can sink into research and development. “With the new funding we’re hoping to be as efficient as we were with” the initial $1 million the company raised, which never left the bank. “It’ll allow us to take some small action and invest in more long term” projects, he says. Cheetah Training — Outsource everything About 100 people work for Cheetah Trainingbut only a handful of them are employees. The $10 million Carson City, Nev., training firm has a core staff of 13 who run the show, but trainers for the project management courses it offers are independent contractors. The balance of the business is outsourced to third parties that handle functions such as accounting, IT, marketing and advertising. “I used to have an office but I got rid of it because it wasn’t adding value, just cost,” says Cheetah Learning founder Michelle LaBrosse, who commutes between offices in Carson City and Haines, Alaska. Communications between employees, outsourcers, and contractors “is a well-oiled machine,” LaBrosse says. People use e-mail, weekly phone check-ins, and IM to stay in touch on daily business and projects. The company also uses wikis hosted by Joomla to collaborate on new initiatives, LaBroose says. “My corporate culture is strong even though people rarely see each other. Everyone prides themselves on being a Cheetah and I don’t need a specific location to make that come alive. I just need a really good information management system.” “We don’t really care when people work. We manage based on deliverables,” adds LaBrosse. “People who aren’t responsive don’t last.” People who do need face time are “extremely annoying,” she says. “If they can’t work independently why am I hiring them?” By using independent contractor trainers who live all over the place, Cheetah can offer classes in the United States, Europe, and around the world, a distinction that’s earned it training industry honors. SIDEBAR: Learn More about Running a Virtual Company Read more about virtual companies here: This ‘Virtual’ Company is for Real — An article from Fast Company magazine’s December 2007 issue of about a Marietta, Ga., virtual company start up that makes lightweight PCs. Gigaom — This article on the Gigaom technology blog examines a law the state of Vermont passed in June 2008 that revamps requirements for establishing a corporation by allowing for online board meetings, among other things. The Handbook of High Performance Virtual Teams — A guidebook to managing virtual teams, published in March 2008 by John Wiley & Sons.
My husband, who owns a one-year-old retail website, describes credit cards as both the cornerstone of his company’s payment systems and the potential crack in the foundation that could bring the whole business tumbling down. While his company is geared largely to technophiles whom you’d expect to order with a guaranteed third-party payment service like PayPal, fully 90 percent of his customers buy their gifts with American Express, MasterCard or Visa. So far he’s been lucky; out of the hundreds of credit-card transactions he processed last year, not one was bogus. But like other online merchants, he worries about what will happen if somebody does make a fraudulent charge, starting a chain of events that typically doesn’t end well for the seller. The biggest such threat: “chargebacks” or credit-card charges that buyers dispute. Buyers typically win those disputes. If someone successfully uses a lost or stolen credit card in person, the issuing bank is usually liable for the amount. But in online transactions, also known as “card-not-present” sales, the merchant typically takes the loss. (And even if a bank does agree to assume responsibility for a disputed charge, the incident can return to haunt the seller later. Some merchant service providers — that is, the companies that process the transactions for the banks — assess fees against merchants with too many chargebacks or even threaten to terminate their services.) E-commerce merchants have recently gotten savvier about handling card-not-present transactions, according to the Merchant Risk Council (MRC), a Seattle-based retail-industry association that focuses on fraud prevention. Before 2005, fraud occurred five times more often online than it did in “card-present” sales, according to the MRC’s annual survey. But 2006 MRC research indicates that fraud now occurs at about the same rate online and in person. While that’s positive news, it certainly doesn’t mean that online merchants can relax their vigilance about potential credit-card rip-offs. The following technologies and best practices can go a long way toward keeping any e-commerce business safer from fraud: Use Address Verification Service (AVS). These systems run during the credit-card authorization process, matching the billing address provided for the sale against the billing address on file for that account . The method is useful, but far from foolproof: One industry study indicated that AVS technology identified up to 40 percent of transactions as problematic — many times the number of actual fraud cases. That can be frustrating for e-merchants, who sometimes have to turn the AVS off to enable legitimate transactions. Request Card Verification Codes. If you’ve ordered merchandise online or over the phone in past few years, you’ve probably had to provide not only your credit-card account number, but a short security code as well. If you’re not requesting the same information from your own customers, this is the time to start. Card Verification Codes appear only on the actual credit cards, not on statements, receipts or other documents. So when customers give you correct three- or four-digit verification codes, that means they’re probably holding the actual credit cards, not just stolen account numbers. Again, it’s not perfect protection. Providing the right code doesn’t, of course, guarantee that the person using the card is authorized to do so — only that the card itself is valid. But it’s still another layer of security that can thwart some fraudsters. Watch for red flags, especially in first-time orders. Among them: Billing and shipping addresses don’t match (although if the item is being sent as a gift, the shipping address may well be different). Mail goes to a post-office box rather than standard business or residence address. Customer can’t be reached by phone; number is missing or incorrect. E-mail goes to a free Web account rather than one connected with an Internet service provider. Order total is surprisingly large for your business. Order is being shipped overseas (when most of your business is domestic). Of course, none of those circumstances necessarily means that somebody’s trying to rip off your website. But if you find several of them associated with a single order, it’s probably a good idea to investigate further before accepting the charge and shipping off your merchandise. Anne Stuart, a former Inc. senior writer, is a Boston-based journalist who specializes in covering business and technology. For More Information: Authorize.Net Fraud Prevention Center, online security white papers; useful fraud FAQ and glossary. http://www.authorize.net/resources/fraudprevention “Five Tools You Can Use to Prevent Fraud,” article, About.com Retail Industry Guide. http://retailindustry.about.com/library/uc/02/uc_fraud1.htm “Preventing Credit-Card Chargeback: Anti-Fraud Strategies,” article, Taming the Beast e-commerce resource site. http://www.tamingthebeast.net/articles2/card-fraud-strategies.htm Fraud Prevention Techniques: Credit Card Fraud, by David Montague (Trafford Publishing, 2006)
Note: This is the first in a series of technology updates by former Inc. senior writer Anne Stuart. Future columns will explore topics such as “spam,” videoconferencing, cell phone messaging, and smart business use of online auctions. Slammer. Klez. Bugbear. Bubbleboy. Lirva. Those sound like names for characters in kids’ cartoons, but they’re neither funny nor harmless. They’re computer viruses. And they’re increasingly common. Over the past decade, virus-writers worldwide have created and released about 80,000 viruses, worms, Trojan horses and other “malware” programs, according to Graham Cluley, senior technology consultant for antivirus software vendor Sophos Inc. (www.sophos.com) And about 600 to 800 new variations crop up every month, although, typically, only a few cause widespread or serious headaches. What exactly is a virus? It’s tiny, malicious software program designed purely to disrupt or damage computers. What exactly do viruses do? Some simply display odd messages or images. Many — including the famous Melissa virus — perpetuate themselves by sending infected messages to everyone in a user’s e-mail address book. Others gobble memory or storage space, making systems sluggish. Some corrupt files — for instance, changing spreadsheets or chewing up text documents — or erase them entirely. Some alter Web pages. Some reformat hard drives, block user access, or cause systems to freeze. A few disable security measures or open secret “holes” into computer networks, providing hackers with easy access. Like their biological counterparts, computer viruses can spread fast, attack systems silently, and cause a great deal of pain. In January 2003, the SQL Slammer worm circled the globe in less than an hour, infecting 75,000 computers in 10 minutes. Slammer, which paralyzed computers running Microsoft SQL Server 2000, temporarily shut down South Korea’s telephone system, knocked out thousands of Bank of America automatic-teller machines, and slowed credit-card transactions worldwide. How much financial damage can viruses cause? It’s tough to find reliable numbers about the costs of virus attacks because some effects — for instance, decreased productivity and unrealized business opportunity — are tough to quantify. In addition, many companies simply won’t share information about security-related losses. Following are several ways you can prevent or minimize the impact of virus attacks in your business: Install antivirus software on every computer. That includes laptops and PCs in remote offices. Encourage employees to use antivirus programs at home as well, especially if they use their own computers to connect to your network. In addition, consider protecting e-mail gateways with software that automatically blocks all incoming messages carrying executable code — but keep in mind that those filters may also capture legitimate business communications with harmless attachments as well. Keep antivirus programs current. With new viruses popping up regularly, it’s critical to make sure you’ve got the latest protection. Most leading solutions can be set to periodically update themselves online; you can also do the job manually to respond to new threats. Launch a company-wide prevention campaign. State-of-the-art security measures won’t protect your company unless everyone uses them. A single employee can unintentionally infect the entire network by opening a booby-trapped e-mail attachment or installing contaminated software. Make sure everybody knows and follows these basic virus-prevention procedures: Always delete junk e-mail messages — ads, jokes, chain letters — without opening them. More than 85 % of viruses infect businesses via e-mail, according to the International Computer Security Association’s (www.icsa.net) annual Virus Prevalence Survey released in March 2003. Never open e-mail attachments from strangers. And even those from people you know should be scanned with software that might spot viruses forwarded unintentionally. Be selective about downloading and installing software. Know the source and scan the files before running any new program. Get knowledgeable about pranks and hoaxes. Phony virus alerts waste almost as much time as the real thing. When you get a forwarded e-mail message breathlessly proclaiming some new threat, check it out at Vmyths (www.vmyths.com) or on other virus information sites before responding. Regularly update Microsoft products. Many viruses attempt to exploit vulnerabilities in Windows, Outlook, Internet Explorer, and other products by the giant software empire. Microsoft’s security page (www.microsoft.com/security/) provides alerts, “patches,” and advice for both home and business users. Back up. Back up. Back up. At work, store files on both PC and network hard drives. At home and on the road, copy important files to CDs or floppies. Begin backing up entire systems nightly or weekly, perhaps storing an extra copy of critical information offsite. Look into Web-based storage services such as Connected Corp. (www.connected.com), Easyspace’s Easyarchive (www.easyspace.com/services/easyarchive.html), and Elephant Backup (www.elephantbackup.com). The computer-virus universe changes constantly, with, according to some estimates, about 20 new viruses surfacing every day. You can’t vaccinate your computers against all of them. But with vigilance and commonsense caution, you can strengthen your company’s electronic immune system, making it much more likely to survive an attack. Glossary Antivirus Program: Software that detects and removes viruses from computer hard drives. Such programs must be updated regularly to add profiles for the thousands of new viruses that appear every year; updating can often be handled quickly online. Trojan (or Trojan Horse): A malicious program in disguise, named for the giant wooden gift horse the Greeks used to conquer their Trojan enemies. Trojans appear benign, entertaining, or even useful, but actually conceal viruses that can harm systems. Backdoor.BO (also called Back Orifice) is among the best-known examples. Virus: A malicious software program used to deliberately infect a computer system. Typically, viruses are concealed in existing programs and activated when those programs are executed. Viruses often cause damage by replicating themselves, causing systems to crash, or by attacking or attaching themselves to other programs. Stealth viruses remain hidden or change themselves after executing so that they can’t be detected. Well-known viruses include Melissa and Bubbleboy. Worm: A type of virus that replicates itself and gobbles up computer memory but cannot attach itself to other programs. Well-known worms include Klez.H, LoveLetter (sometimes called “IloveYou”), Bugbear, and Lovgate. Further Reading The following books, all available from Amazon (www.amazon.com) and other booksellers, offer generally easy-to-understand information about computer viruses: Securing the Network from Malicious Code: A Complete Guide to Defending Against Viruses, Worms, and Trojans, by Douglas Schweitzer (John Wiley & Sons, 2002). Offers sound, practical, comprehensive advice from a security expert. Updates provided on a companion Web site. Malicious Mobile Code: Virus Protection for Windows, by Roger A. Grimes (O’Reilly & Associates, 2001). Focuses on defensive strategies. Viruses Revealed, by David Harley, Robert Slade, and Urs E. Gattiker (McGraw-Hill/ Osborne Media, 2001). Explains what viruses are, how they work, where they come from, how to prevent them, and how to deal with them. Includes case studies. Also available as a downloadable, searchable e-book. Resources The following Web sites provide comprehensive information about viruses, worms, and similar threats: About.com Antivirus Software Guide antivirus.about.com/index.htm?terms=computer+virus News, glossary, encyclopedia of hoaxes, links to vendors and other resources. CERT Coordination Center, Carnegie Mellon University www.cert.org/ A wealth of information on all aspects of computer security at work and at home. CNET Virus Alert Center www.cnet.com/software/0-7760531-8-6319437-1.html News on current threats, advice on PC protection, links to free resources, and antivirus software vendors. Computer Security Institute www.gocsi.com Major membership organization for technology-security professionals; Web site contains articles, reports, and links to additional resources about viruses and other security issues. International Computer Security Association (ICSA) Labs www.icsa.net Independent arm of security vendor TruSecure Corp. (www.trusecure.com) offers “vendor-agnostic” testing and research. Web site contains constantly updated virus alerts, white papers, studies, an annual Virus Prevalence Survey, and more. National Institutes of Standards and TechnologyComputer Security Resource Center Virus Page csrc.nist.gov/virus/ Information, links to other resources and antivirus software vendors. Sophos Inc. www.sophos.com/safecomputing Safe-computing advice for both network administrators and individual users. Virus Bulletin www.virusbtn.com Independent antivirus advice, news, profiles, and resources. Vmyths http://www.vmyths.com Supersite for information on virus myths and hoaxes. Vendors Following is a sampling of major antivirus software vendors whose offerings include products, services, and information targeted to small and growing companies: Command Software Systems Inc. www.commandsoftware.com Founded 1984; now part of Authentium Inc. Offers antivirus software for home users, large companies, and small businesses. Web site’s Virus Center includes news, alerts, a glossary, research, e-mail newsletters, and other information. Computer Associates International Inc. www.ca.com Founded 1976. Offers antivirus software for businesses. Web site’s Virus Information Center contains alerts, encyclopedia, and an extensive glossary. McAfee Security www.mcafee.com/ Founded 1989. Offers antivirus and security solutions for home users, large companies, and small and growing businesses. Network Associates Inc., McAfee’s parent company, provides free virus alerts, updates, update on hoaxes, and other information. Panda Software Inc. www.pandasoftware.com Founded 1990. Offers antivirus software for home users, large companies, and small and growing businesses. Web site includes Virus Information Center with virus encyclopedia (including “Top 5″ current threats), hoax updates, tips, and other resources. Sophos Inc. www.sophos.com Founded 1986. Offers antivirus software for companies of all sizes. Web site includes a rich collection of analyses, articles, updates on hoaxes, and alerts, including monthly “Top 10″ virus list. Symantec Corp. www.symantec.com Founded 1982. Offers firewalls, antivirus software, and other security solutions for home users, large companies, and small and growing businesses. Web site provides free virus alerts, library of virus information. Customers can download anti-virus updates from home page. Provides updates on hoaxes. Trend Micro Inc. www.trendmicro.com Founded 1988. Offers network antivirus software and other security products and services. Web site includes virus advisories, encyclopedia, prevention tips, and additional information. Also offers a free online cost-analysis calculator for determining potential financial impact of virus attacks. Send feedback, column ideas, and tech tips to annestuartinc@yahoo.com.
Note: This is the first in a series of technology updates by former Inc. senior writer Anne Stuart. Future columns will explore topics such as “spam,” videoconferencing, cell phone messaging, and smart business use of online auctions. Slammer. Klez. Bugbear. Bubbleboy. Lirva. Those sound like names for characters in kids’ cartoons, but they’re neither funny nor harmless. They’re computer viruses. And they’re increasingly common. Over the past decade, virus-writers worldwide have created and released about 80,000 viruses, worms, Trojan horses and other “malware” programs, according to Graham Cluley, senior technology consultant for antivirus software vendor Sophos Inc. (www.sophos.com) And about 600 to 800 new variations crop up every month, although, typically, only a few cause widespread or serious headaches. What exactly is a virus? It’s tiny, malicious software program designed purely to disrupt or damage computers. What exactly do viruses do? Some simply display odd messages or images. Many — including the famous Melissa virus — perpetuate themselves by sending infected messages to everyone in a user’s e-mail address book. Others gobble memory or storage space, making systems sluggish. Some corrupt files — for instance, changing spreadsheets or chewing up text documents — or erase them entirely. Some alter Web pages. Some reformat hard drives, block user access, or cause systems to freeze. A few disable security measures or open secret “holes” into computer networks, providing hackers with easy access. Like their biological counterparts, computer viruses can spread fast, attack systems silently, and cause a great deal of pain. In January 2003, the SQL Slammer worm circled the globe in less than an hour, infecting 75,000 computers in 10 minutes. Slammer, which paralyzed computers running Microsoft SQL Server 2000, temporarily shut down South Korea’s telephone system, knocked out thousands of Bank of America automatic-teller machines, and slowed credit-card transactions worldwide. How much financial damage can viruses cause? It’s tough to find reliable numbers about the costs of virus attacks because some effects — for instance, decreased productivity and unrealized business opportunity — are tough to quantify. In addition, many companies simply won’t share information about security-related losses. Following are several ways you can prevent or minimize the impact of virus attacks in your business: Install antivirus software on every computer. That includes laptops and PCs in remote offices. Encourage employees to use antivirus programs at home as well, especially if they use their own computers to connect to your network. In addition, consider protecting e-mail gateways with software that automatically blocks all incoming messages carrying executable code — but keep in mind that those filters may also capture legitimate business communications with harmless attachments as well. Keep antivirus programs current. With new viruses popping up regularly, it’s critical to make sure you’ve got the latest protection. Most leading solutions can be set to periodically update themselves online; you can also do the job manually to respond to new threats. Launch a company-wide prevention campaign. State-of-the-art security measures won’t protect your company unless everyone uses them. A single employee can unintentionally infect the entire network by opening a booby-trapped e-mail attachment or installing contaminated software. Make sure everybody knows and follows these basic virus-prevention procedures: Always delete junk e-mail messages — ads, jokes, chain letters — without opening them. More than 85 % of viruses infect businesses via e-mail, according to the International Computer Security Association’s (www.icsa.net) annual Virus Prevalence Survey released in March 2003. Never open e-mail attachments from strangers. And even those from people you know should be scanned with software that might spot viruses forwarded unintentionally. Be selective about downloading and installing software. Know the source and scan the files before running any new program. Get knowledgeable about pranks and hoaxes. Phony virus alerts waste almost as much time as the real thing. When you get a forwarded e-mail message breathlessly proclaiming some new threat, check it out at Vmyths (www.vmyths.com) or on other virus information sites before responding. Regularly update Microsoft products. Many viruses attempt to exploit vulnerabilities in Windows, Outlook, Internet Explorer, and other products by the giant software empire. Microsoft’s security page (www.microsoft.com/security/) provides alerts, “patches,” and advice for both home and business users. Back up. Back up. Back up. At work, store files on both PC and network hard drives. At home and on the road, copy important files to CDs or floppies. Begin backing up entire systems nightly or weekly, perhaps storing an extra copy of critical information offsite. Look into Web-based storage services such as Connected Corp. (www.connected.com), Easyspace’s Easyarchive (www.easyspace.com/services/easyarchive.html), and Elephant Backup (www.elephantbackup.com). The computer-virus universe changes constantly, with, according to some estimates, about 20 new viruses surfacing every day. You can’t vaccinate your computers against all of them. But with vigilance and commonsense caution, you can strengthen your company’s electronic immune system, making it much more likely to survive an attack. Glossary Antivirus Program: Software that detects and removes viruses from computer hard drives. Such programs must be updated regularly to add profiles for the thousands of new viruses that appear every year; updating can often be handled quickly online. Trojan (or Trojan Horse): A malicious program in disguise, named for the giant wooden gift horse the Greeks used to conquer their Trojan enemies. Trojans appear benign, entertaining, or even useful, but actually conceal viruses that can harm systems. Backdoor.BO (also called Back Orifice) is among the best-known examples. Virus: A malicious software program used to deliberately infect a computer system. Typically, viruses are concealed in existing programs and activated when those programs are executed. Viruses often cause damage by replicating themselves, causing systems to crash, or by attacking or attaching themselves to other programs. Stealth viruses remain hidden or change themselves after executing so that they can’t be detected. Well-known viruses include Melissa and Bubbleboy. Worm: A type of virus that replicates itself and gobbles up computer memory but cannot attach itself to other programs. Well-known worms include Klez.H, LoveLetter (sometimes called “IloveYou”), Bugbear, and Lovgate. Further Reading The following books, all available from Amazon (www.amazon.com) and other booksellers, offer generally easy-to-understand information about computer viruses: Securing the Network from Malicious Code: A Complete Guide to Defending Against Viruses, Worms, and Trojans, by Douglas Schweitzer (John Wiley & Sons, 2002). Offers sound, practical, comprehensive advice from a security expert. Updates provided on a companion Web site. Malicious Mobile Code: Virus Protection for Windows, by Roger A. Grimes (O’Reilly & Associates, 2001). Focuses on defensive strategies. Viruses Revealed, by David Harley, Robert Slade, and Urs E. Gattiker (McGraw-Hill/ Osborne Media, 2001). Explains what viruses are, how they work, where they come from, how to prevent them, and how to deal with them. Includes case studies. Also available as a downloadable, searchable e-book. Resources The following Web sites provide comprehensive information about viruses, worms, and similar threats: About.com Antivirus Software Guide antivirus.about.com/index.htm?terms=computer+virus News, glossary, encyclopedia of hoaxes, links to vendors and other resources. CERT Coordination Center, Carnegie Mellon University www.cert.org/ A wealth of information on all aspects of computer security at work and at home. CNET Virus Alert Center www.cnet.com/software/0-7760531-8-6319437-1.html News on current threats, advice on PC protection, links to free resources, and antivirus software vendors. Computer Security Institute www.gocsi.com Major membership organization for technology-security professionals; Web site contains articles, reports, and links to additional resources about viruses and other security issues. International Computer Security Association (ICSA) Labs www.icsa.net Independent arm of security vendor TruSecure Corp. (www.trusecure.com) offers “vendor-agnostic” testing and research. Web site contains constantly updated virus alerts, white papers, studies, an annual Virus Prevalence Survey, and more. National Institutes of Standards and TechnologyComputer Security Resource Center Virus Page csrc.nist.gov/virus/ Information, links to other resources and antivirus software vendors. Sophos Inc. www.sophos.com/safecomputing Safe-computing advice for both network administrators and individual users. Virus Bulletin www.virusbtn.com Independent antivirus advice, news, profiles, and resources. Vmyths http://www.vmyths.com Supersite for information on virus myths and hoaxes. Vendors Following is a sampling of major antivirus software vendors whose offerings include products, services, and information targeted to small and growing companies: Command Software Systems Inc. www.commandsoftware.com Founded 1984; now part of Authentium Inc. Offers antivirus software for home users, large companies, and small businesses. Web site’s Virus Center includes news, alerts, a glossary, research, e-mail newsletters, and other information. Computer Associates International Inc. www.ca.com Founded 1976. Offers antivirus software for businesses. Web site’s Virus Information Center contains alerts, encyclopedia, and an extensive glossary. McAfee Security www.mcafee.com/ Founded 1989. Offers antivirus and security solutions for home users, large companies, and small and growing businesses. Network Associates Inc., McAfee’s parent company, provides free virus alerts, updates, update on hoaxes, and other information. Panda Software Inc. www.pandasoftware.com Founded 1990. Offers antivirus software for home users, large companies, and small and growing businesses. Web site includes Virus Information Center with virus encyclopedia (including “Top 5″ current threats), hoax updates, tips, and other resources. Sophos Inc. www.sophos.com Founded 1986. Offers antivirus software for companies of all sizes. Web site includes a rich collection of analyses, articles, updates on hoaxes, and alerts, including monthly “Top 10″ virus list. Symantec Corp. www.symantec.com Founded 1982. Offers firewalls, antivirus software, and other security solutions for home users, large companies, and small and growing businesses. Web site provides free virus alerts, library of virus information. Customers can download anti-virus updates from home page. Provides updates on hoaxes. Trend Micro Inc. www.trendmicro.com Founded 1988. Offers network antivirus software and other security products and services. Web site includes virus advisories, encyclopedia, prevention tips, and additional information. Also offers a free online cost-analysis calculator for determining potential financial impact of virus attacks. Send feedback, column ideas, and tech tips to annestuartinc@yahoo.com.
Safeguarding your Web site — especially sensitive site areas such as shopping cart software — against hackers need not be an expensive and time-consuming affair. With a few basic precautions, you can make your Web site extremely difficult and unrewarding to hack. Your Web site is most susceptible to hacking through your shopping cart, so choose wisely. Here are three guidelines to help you choose the best one for your business: Shop around. Use newsgroups such as AOL.com’s Search Newsgroups and online reports such as About.com’s Web Store Software Selector to verify the products you want to purchase are safe to use. Avoid free software. Although it might seem an attractive option, downloading free shopping carts is extremely risky for three reasons: the source of the software is indeterminate; you can’t check the creator’s credentials; you have no one to hold responsible for hacking incidents. Buy smart. Several ready-to-use shopping carts on the market today, including EasyCart, Monstercart.com, and MerchandiZer, have been designed specifically for the small, online business owner. These are often available at little or no cost. But be aware: No software comes with a no-hacking guarantee. There’s always a chance that a hidden access password, or backdoor, might be lurking. In 90 percent of all hacking cases, the most vital data had been provided from within the organization. Here are three rules to follow religiously: Change the default password immediately. Whenever you purchase a ready-to-use shopping cart, your first step should be to change the default password that comes built into the software. Although this might seem an obvious precaution, it’s one many people overlook. Change your shopping cart password frequently and guard it zealously. Change passwords often. Frequently change passwords. Tell relevant passwords only to those who truly need to use them. Use passwords that include letters and numbers, and don’t use a password that’s easy to guess. Never write your passwords on sticky notes and paste them to your desk or monitor. Restrict access to passwords. Never allow more than one person the use of your server access password. For example, the person in charge of packaging doesn’t need to know your file upload password. If an outside agency designed your Web site, ask for all access passwords and change them immediately. If any changes need to be made on your site, you provide the password and control access to your server at all times. Many small, online business owners maintain their central work database and their Web server on the same computer. While this seems convenient — and necessary for storing such information as product descriptions, prices and images — any machine connected to the Web is dangerously vulnerable to attack. Here are two ways you can thwart would-be hackers: Delete sensitive data from the Web server. Sensitive customer data, such as addresses and credit card information, should never remain on the Web server itself. Even if the server is protected by a password, this data is only a few keystrokes from a talented hacker. Instead, devise an automated system to periodically copy any data stored on your Web server to a machine located on your premises and then delete the data on the Web server. After the data has been copied to your off-line system, restrict access to that system as well. Send sensitive data securely. Although the chances of a hacker intercepting data while it’s being transmitted are very low, you can protect your customer’s most sensitive information by providing a secure connection between your customer’s browser and your server. If you host your Web site on your own server, two companies, VeriSign and Thawte Consulting, offer this security using technology called Secure Sockets Layer (SSL). These companies provide a downloadable device called a digital certificate to verify to your customers that your company is a bona fide business. If you don’t host your own site, ask your Web host to provide a secure connection. Your host probably has a relationship with an SSL provider. It will cost you only a little more and it’s worth it; SSL protects your data from hacking and serves as reassurance to your customers. Regularly and consistently tracking activity on your Web site will help identify hack attacks. Here are three ways to do it: Monitor server access. Ask your network administrator to install a remote access mechanism that lets you shut down your server remotely as soon as you find evidence of suspicious activity. This will stop any hacking activity in its tracks. Your network administrator should be able to install a real-time alert, such as a beeper alarm or an automatic e-mail message, to inform you of any unauthorized attempts to access your Web server. Monitor site traffic. Changes in site traffic patterns sometimes indicate a hacker at work. A noticeable dip in traffic could mean something’s wrong with your Web site and would require immediate attention. Be sure to monitor site traffic on a regular basis. Run extensive sitewide checks if you notice any inexplicable changes. Run “preflight” checks. Make it a point for you or one of your employees to check the functionality of the entire site, especially the shopping cart area, every day. Here’s a checklist: Check whether the site is accessible on the Web. Check whether the home page displays the correct data. Perform random price checks within the Web site. Check the help function to see whether any data has been altered. Click links in the site to make sure they link to the right pages. Test the results of your search functions. Add random products to your shopping cart and proceed to checkout. What if you still fall victim to a hacker’s attack? Develop an action plan to minimize further damage to your system and to avoid inadvertent destruction of evidence. Your plan should include: Clear delegation of tasks to specific employees in the case of a security breach. A contact list of your Internet service provider (ISP) and/or Web host, Web site designer, network administrators or any Web security contractors you might want to use to recover from an attack. A contact list of local and national authorities to inform of the incident, including the FBI’s 24-hour service for immediate guidance after the attack. Periodic tests of your emergency procedures. And remember: Firewalls and fancy measures notwithstanding, the big break for a hacker will most likely be one little, vulnerable password. Copyright © 1995-2000 Pinnacle WebWorkz Inc. All rights reserved. Do notduplicate or redistribute in any form.
Traffic – - it’s what every site wants. Traffic equals eyeballs, and advertisers and partners will pay for exposure to those eyeballs. But how do sites build traffic when there are so many sites out there soaking up that eyeball time? One potential answer is signing up online partners. And one of the best strategies we’ve seen thus far is coming from About.com Inc. About.com already has hundreds of core sites built by its Web masters, who make money according to how much traffic their sites pull in. Through its Luna Network strategy, About.com is also signing up independent sites in a number of areas and aggregating traffic to sell to advertisers. About.com makes money. The partners make money. And the traffic just keeps rolling in. About.com CEO Scott Kurnit explains how Luna works for his company. Maybe a similar strategy can work for yours. Finding the Best Affiliates The idea of signing up affiliate sites is nothing new. For years both large and small sites have been pulling together complementary site partners, whether they identify themselves as a “network” like About.com or ChickClick, or just carry a link exchange. Affiliate sites can pull more traffic to their partners, resulting in an improved bottom line for all the partners. About.com calls its affiliate program the Luna Network, and it’s essential to About.com’s growth. But sites can’t just sign up any affiliate. A bad affiliate may bring you traffic, but it may also bring down your whole network. As soon as customers have a bad experience with a site on your network, they’re likely to discard your URL. That’s why About.com relies on its own Web masters to find good affiliates. “Our guides are telling us the best five or ten sites in their particular area. We then cut a business development deal with those sites. These are small-to-medium high-quality sites,” Kurnit says. About.com also allows potential partners to apply for Luna membership. But it relies primarily on its Web masters, who are looking for sites that complement About.com and know what’s out there. Next Step: Making the Deal When About.com finds the right site, it sets about cutting a deal. About.com surrounds one of its own core sites with four or five Luna sites. “We go to the Luna sites and say, ‘You own your site. We want you to throw us traffic for which we will pay you. While we’ re at it, we’ ll sell your ads because we sell targeted ads very well, better than you’ re going to find from any of the conventional ad networks, and we will pay you for that inventory. We’ ll do business development for you. We will find new opportunities for you that you’ ll want to put on your site. We’ ll list you on our specific guide sites so that you get traffic from us, and we’ ll do that for free.” The affiliate site then has time to concentrate on its core business – - creating a wonderful site. “We get an exponentially growing service with our multitude of deep partnerships,” Kurnit says. “We get traffic efficiently thrown to our core property. We develop relationships with sites that we may at some point choose to purchase. At its foundation, Luna is using the core of what the Internet is, working with others and sharing opportunity with others to grow a much bigger business.” Can an affiliate network help your business grow? It’s possible if you find the right affiliates and give them a good enough deal to keep them close. And best of all, it doesn’t involve many out-of-pocket costs. About.com’s Luna Network strategy may work for your company if building traffic is the name of your game – - why not give the idea a spin? Copyright © 2000 Strategy Week
Traffic – - it’s what every site wants. Traffic equals eyeballs, and advertisers and partners will pay for exposure to those eyeballs. But how do sites build traffic when there are so many sites out there soaking up that eyeball time? One potential answer is signing up online partners. And one of the best strategies we’ve seen thus far is coming from About.com Inc. About.com already has hundreds of core sites built by its Web masters, who make money according to how much traffic their sites pull in. Through its Luna Network strategy, About.com is also signing up independent sites in a number of areas and aggregating traffic to sell to advertisers. About.com makes money. The partners make money. And the traffic just keeps rolling in. About.com CEO Scott Kurnit explains how Luna works for his company. Maybe a similar strategy can work for yours. Finding the Best Affiliates The idea of signing up affiliate sites is nothing new. For years both large and small sites have been pulling together complementary site partners, whether they identify themselves as a “network” like About.com or ChickClick, or just carry a link exchange. Affiliate sites can pull more traffic to their partners, resulting in an improved bottom line for all the partners. About.com calls its affiliate program the Luna Network, and it’s essential to About.com’s growth. But sites can’t just sign up any affiliate. A bad affiliate may bring you traffic, but it may also bring down your whole network. As soon as customers have a bad experience with a site on your network, they’re likely to discard your URL. That’s why About.com relies on its own Web masters to find good affiliates. “Our guides are telling us the best five or ten sites in their particular area. We then cut a business development deal with those sites. These are small-to-medium high-quality sites,” Kurnit says. About.com also allows potential partners to apply for Luna membership. But it relies primarily on its Web masters, who are looking for sites that complement About.com and know what’s out there. Next Step: Making the Deal When About.com finds the right site, it sets about cutting a deal. About.com surrounds one of its own core sites with four or five Luna sites. “We go to the Luna sites and say, ‘You own your site. We want you to throw us traffic for which we will pay you. While we’ re at it, we’ ll sell your ads because we sell targeted ads very well, better than you’ re going to find from any of the conventional ad networks, and we will pay you for that inventory. We’ ll do business development for you. We will find new opportunities for you that you’ ll want to put on your site. We’ ll list you on our specific guide sites so that you get traffic from us, and we’ ll do that for free.” The affiliate site then has time to concentrate on its core business – - creating a wonderful site. “We get an exponentially growing service with our multitude of deep partnerships,” Kurnit says. “We get traffic efficiently thrown to our core property. We develop relationships with sites that we may at some point choose to purchase. At its foundation, Luna is using the core of what the Internet is, working with others and sharing opportunity with others to grow a much bigger business.” Can an affiliate network help your business grow? It’s possible if you find the right affiliates and give them a good enough deal to keep them close. And best of all, it doesn’t involve many out-of-pocket costs. About.com’s Luna Network strategy may work for your company if building traffic is the name of your game – - why not give the idea a spin? Copyright © 2000 Strategy Week
Content is the primary reason that people visit your site. You’re writing content to attract and keep visitors on your site (a concept known as “stickiness”), to get them to return again and again, and to sell your products. Your content can generate page views; the more page views your site serves up (and the more traffic it generates), the more money you can charge advertisers to place banner ads on your site. Attract Visitors to Your Site Think back to the motivating factors that led you to create your Web site. Most likely, you created your Web site to let your current and prospective customers know about your products and your expertise. A site can also be a handy reference tool for people who may wish to invest in, or work for, your company. That’s why it’s important for you not only to have a visually attractive presentation, but also to make sure that your content is current, accurate, and well written. That means that your site mustn’t refer to products you don’t sell anymore or jobs with your company that have been filled, and it mustn’t have embarrassing typographical errors or erroneous information. Before you post, double-check everything. Is the price on that part current? Is it in stock? Is the serial number correct? Web visitors can feel neglected when you don’t take the time to polish your Web content. Keep Visitors on Your Site A term currently in vogue in the online world is “stickiness,” meaning the ability of a Web site to attract repeat visitors and to keep visitors on the site for as long as possible. Most commonly, stickiness refers to sites that keep visitors for a reasonable length of time. The stickiest sites provide more than just information; they provide a community environment, where people can shop, chat, and entertain or educate themselves. In his About.com article ” Sticky Web Sites,” Jason Zien points to several things you can do to make your site sticky. Here are a few examples: Provide online discussion forums in which customers can talk about their experiences with your products. Enable your site to create customizable Web pages for each visitor, based on his or her preferences or interests. Include tutorials that show people how to use your products and provide a way for them to ask questions specific to each lesson. Lead online chats in which you talk to customers in real time. Provide streaming audio or video files on your site, case histories told by satisfied customers, maybe even a virtual tour of your plant or office. Give Visitors a Reason to Return to Your Site If your site’s visitors or customers perceive that they’ve obtained all the answers they will need on their first visit to your site, they won’t have a compelling reason to come back. Think of a parallel to the offline world — if no one came back a second time to a store, that establishment would soon go out of business. Keep your content fresh. The best way to keep visitors coming back is to give them a sense of anticipation that the content and offerings will change. Adding some new products next month? Put a “Coming soon” banner or hot products section on your site. Post product updates and refresh company news on an ongoing basis. You could add news and interesting articles to pique your visitors’ interest. Place new features in a prominent place, so your format clearly indicates that your site is designed to add new items regularly. Each time you make a noticeable change to your Web site, you may want to add a “New” graphic to draw attention to new features and advertise that your site is regularly updated. Create a sense of community. Visit cWWorkz’s checklist to find a way to create a sense of community through Web-based, e-mail-based, and chat forums. Develop an e-mail list that your customers can voluntarily sign up for on your site. Send them e-mail to let them know about new features on your site, and then put a link in that e-mail message to the new pages on your site that you’d like them to visit. Create interesting events. Other techniques for bringing visitors back include running contests, games, or sweepstakes; giving away products; creating interesting content such as product comparisons; launching a new site or redesigning all or part of an existing one; making announcements about your company; planning offline events such as speeches, conferences, and seminars; and featuring season-specific content. The type of site and audience you have will determine which ideas will work for you. Sell Your Products E-commerce sites that provide a clear pathway between product information and a way for customers to buy are more successful. Make it easy for your customers to buy the products you’re writing about by putting a “Buy now” or “Buy here” link on each of your product information pages. This approach means your customers won’t have to spend time finding out where and how to buy your products. Web shoppers quickly leave a site that fails to make it easy for them to find what they’re looking for. Since your customers presumably visit the product information pages because they are interested in your company’s product(s), they are likely to buy, so make it easy for them to do so. This is part of good customer service, which also includes providing detailed product information to help customers make informed purchasing decisions. Copyright © 1995-2000 Pinnacle WebWorkz Inc. All rightsreserved. Do not duplicate or redistribute in any form.
