Posts

Business Trade Shows Part I: Before the Event

Image
​ Going to a tradeshow for the first time? Don't make the mistake of viewing this as a 1-2 day discreet marketing event. Instead, view your exhibit at a tradeshow as the central feature of a much longer and holistic marketing plan that builds to the event, and then culminates in the successful post­show follow up that signs on new customers. In the next few posts, we are going to break down the tradeshow marketing plan into three bite size pieces. Today, the pre-show build up. The goal of your pre­show marketing is to attract visitors to your booth at the show. You want them to know about all about you before they take that first walk around the exhibit hall. Take advantage of all the marketing opportunities that the show planner offers. This may include access to an attendees list. If so, use this to send out a few introductory emails prior to the show including your booth number. Send one the day of the show reminding the reader where you are.Sponsorships are also an opportunity, i…

Is Your Website Mobile Optimized?

Image
Smaller firms often struggle just to keep up with maintaining a website. Worrying about a scaled­ down version for mobile users seems like just too much trouble. Today's blog is all about why this matters to you and why should you bother with a mobile version. A bit of background: Mobile sites are versions of your website that can be easily read and used on a small mobile screen. What is readable on a laptop of desktop monitor can be too tiny to use on a small screen. Also, the buttons and fields on your forms become impossible to use. Why does this matter? Three reasons Showing up in search rankings. If you want to be found in a search and appear high in the ranking, you need to have a "mobile optimized" site. Google has now included the failure to have a mobile optimized site as a specific reason to lower a website in its search rankings. If you don't have a mobile optimized site, you slip lower in the ranking. Slip lower in the rankings and fewer people ever find you…

Password Basics That Are Still Ignored

Image
You can have all the locks on your data center and have all the network security available, but nothing will keep your data safe if your employees are sloppy with passwords. There are many ways data can be breached, and opening some link they shouldn't is one of the most serious security sins employees can commit, but today we’ll just talk about passwords. Here are some basic practices that you should require your employees to follow. These are basic tips. System administrators should implement other policies, such as those that forbid using passwords previously used and locking accounts after a few failed attempts to login. But just for you as a manager, here are a few tips. Change Passwords - Most security experts recommend that companies change out all passwords every 30 to 90 days.Password Requirements - Should include a of mix upper and lowercase, number, and a symbol.Teach employees NOT to use standard dictionary words (any language), or personal data that can be known, or coul…

You're Fired! Now Give Me Your Password

Image
"You're FIRED!" ( now give me your password)Losing an employee is not usually a good experience. If they leave voluntarily, you lose a valuable asset. If they have to be fired, you have the arduous task of the progressive discipline process and the final termination meeting. But there are other concerns that arise when an employee leaves. Those concerns are security and their access to company data. Here are some considerations regarding passwords and voluntary termination (A.K.A. resigned) or involuntary termination (A.K.A. fired.) It is important you have a process in place so that whenever a termination occurs, nothing slips through the cracks regarding corporate data security. When you dismiss an employee, you should immediately change out all passwords for anything the employee had access to. Because almost all terminations should be planned, you should also define the process for canceling access. It is unwise to cancel prior to the termination meeting. If you do tha…

IT Defense in Depth Part II

Image
Defense in Depth Part IIIn our last blog we started talking about the different layers of security necessary to fully defend your data and business integrity. Today we will look at the human aspect of it, and network defenses. The human layer refers to the activities that your employees perform. 95% of security incidences involve human error. Ashley Schwartau of The Security Awareness Company says the two biggest mistakes a company can make are "assuming their employees know internal security policies: and "assuming their employees care enough to follow policy". Here are some ways Hackers exploit human foibles: Guessing or brute-force solving passwordsTricking employees to open compromised emails or visit compromised websitesTricking employees to divulge sensitive information For the human layer, you need to:Enforce mandatory password changes every 30 to 60 days, or after you lose an employeeTrain your employees on best practices every 6 monthsProvide incentives for securi…

IT Defense In Depth Part I

Image
In the 1930s, France built a trench network called the Maginot Line to rebuff any invasion. The philosophy was simple: if you map out all the places an enemy can attack, and lay down a lot of men and fortifications at those places, you can rebuff any attack. The problem is, you can't map every possible avenue for attack. What does this have to do with IT security? Today many business owners install an antivirus program as their Maginot Line and call it a day. However there are many ways to get into a network that circumvent antivirus software. Hackers are creating viruses faster than antivirus programs can recognise them (about 100,000 new virus types are released daily), and professional cybercriminals will often test their creations against all commercially available platforms before releasing them onto the net. Even if you had a perfect anti­virus program that could detect and stop every single threat, there are many attacks that circumvent anti­virus programs entirely. For exampl…

Data Security: A People Problem

Image
Phishing Scams – A People ProblemThere are some things that only people can fix. There are many security risks to which your data is susceptible, but there is one method that remains a wonderfully effective hacking tool. That is the phishing scam. This is a legitimate looking email that asks the reader to click on a link. If clicked, the link can infect the user’s computer with malicious software that can steal passwords, logins, and other critical data. Alternatively, the email appears to be from a legitimate source, perhaps even duplicating a legitimate webpage. The distinction is that the phishing email asks the user to enter personal information, including passcodes. In either case, that is how hackers easily get into your systems. What's the best defense against this one? The single biggest defense is education. Training your people to be constantly wary of all the emails they receive. One way some firms are educating their people is by sending out their own "fake" p…