CONTENTS
Home Page
Articles of interest to small business
Small business books for sale
Glossary of small business terms
Business to business services
Tax hints and advice
Doing business with the U.S. Government
Small business information for each U.S. State
Small business FAQ's
Checklists
Book Reviews
Stock Quotes
Small business related newsgroups
Links: Small Biz/Favorites/Searching
Advertising information for this site
Website design services
Who we are
How to contact us

Newsletter Archive

We hope you find this arcthve useful. A subscription to The Small Business Advisor Newsletter is free. Subscribe now - it's easy!

The Small Business Advisor Newsletter for September, 2004

========================
CONTENTS
Notes, tips, etc
Technology Corner
Get your Company in the News
Don’t forget the U.S. Post Office!
Defenses In Depth and Your Small Business

========================
NOTES/TIPS/etc
---------------
Don't forget SCORE as a major source of small business information and free counseling. http://www.score.org.
---------------
SELL MORE WITH A WELL-CRAFTED RETURN POLICY. Many potential customers make their final buying decision based on the return policy. Simpler is best - "Our return policy is unconditional - if you don't like it, return it." Things like "restocking charges" are a major turn-off for customers. Don't do it. If your store is online the return policy is even more critical because online buyers can easily search for the vendor with the best policy.
---------------

========================
TECHNOLOGY CORNER
by Greg Welsh

Recent press accounts are connecting the dots between computing attacks and organized crime. Got a virus? A worm? Has someone been phishing on your web site or in your email? Chances are it’s not just a happy-go-lucky teenager in Milwaukee, but a hacker with links to organized crime. And don’t just think of it as the New York mob; it’s as global as the internet.

Read the entire article at: http://www.isquare.com/technology16.cfm

========================
6 Overlooked Ways To Get Your Company’s Name In The News
by Sandra Beckwith

It’s easier than most business owners think to get their names in the news regularly.

The trick is to stop waiting for the press to discover you. Instead, start telling them what you’re doing that’s newsworthy. It will help you generate the media exposure that gives companies credibility and increased awareness.

Here are some tips for becoming more newsworthy:

1. Contact the press immediately when you can offer a local angle on a national news story. News outlets love to localize a national story. Fax your one-page narrative biography (not a resume) and a cover letter explaining your position on the breaking news to the appropriate media contact (for example, TV news assignment editors) or copy the information and paste it into an e-mail message.

2. Add the media to your e-newsletter distribution list. The same useful advice or information you offer in your electronic newsletter could be of interest to reporters covering that topic. Include both local and national media outlets read, watched or listened to by your target audience.

3. Capitalize on holidays and special weeks or months by distributing a press release with useful, newsworthy information related to the topic. For example, a cardiologist interested in attracting female patients can distribute a release with the warning signs of heart disease in women during National Heart Month in February. A financial planner can offer advice in a release distributed to commemorate January as Financial Wellness Month.

4. Conduct a newsworthy and relevant survey and announce the interesting results in a press release. A restaurant might survey the general public about whether they plan to dine out more or less this year; a health club might do a survey on the top reasons why people hate to exercise. The survey results have news value.

5. Partner with the public relations department of your industry’s trade association by offering to make yourself available for media interviews. Association public relations people are often contacted by writers looking for members with a particular expertise to interview. Make sure your association knows about you, what makes your business interesting, and the topics you can comment on, and you’ll get referral calls.

6. Sponsor an attention-getting contest. A hardware store can sponsor a “Most Innovative Use of a Tool” competition while a bridal salon can initiate a “Worst Wedding Horror Story” contest. Send out a press release that announces the contest and solicits entries, send another release to announce the event at which you’ll name and honor the winner, and send a third release announcing the winner. Invite the press to the announcement event, too.

Use ideas like these to help you put together a year-long publicity plan that will get your business the media exposure it deserves.

Sandra Beckwith is the author of Streetwise Complete Publicity Plans (www.sandrabeckwith.com/streetwisepublicity.htm).

========================
Don’t Forget the U. S. Post Office for Shipping Options!

Don't forget the United States Postal Service when providing options for shipping. They have some great new options for small business customers;

ClickNShip and PC Postage (are just two). With ClickNShip customers can print a label with Priority or Express Mail postage from their home or office computer - no special equipment required and their carrier can pick it up. Delivery confirmation is free when you print an electronic label (savings of 45 cent). PC Postage options eliminate the need for a meter. You can print postage labels for all classes of mail - First Class, Standard, Priority, Express or media mail (special low rate for shipping CDs, tapes, Videos). Priority supplies are free. Check it out at www.usps.com.

Some new options also include a prepaid priority flat rate envelope - Flat rate of $3.85 regardless of weight or zone. In the near future, a Flat Rate Priority Mail Box, 2 shapes will be available. The Postal Service imposes no extra charges such as Fuel Surcharges - Residential Surcharges or Address change (just to mention a few).

If you would like additional information or USPS product information sent to you contact Patricia Stewart, USPS Small Business Specialist at patricia.a.stewart@usps.gov or at 205 510 0729. You can also request a free cost comparison projected over a year. Neat service.

========================
Defenses In Depth and Your Small Business
by George Sluz, Symantec

Even the smallest of businesses are not immune to Internet threats. Just a single security breach could bring your business operations to a halt, decreasing productivity, and potentially compromising data integrity, customer confidence, and revenue flow. And today s threats can come from anywhere wired or wireless networks, internally or externally. Gone are the good old days when identifying the network perimeter was easy, and securing it was just as straightforward applying some simple security devices would do the trick. The introduction of new technologies, along with the increasing sophistication of Internet threats, calls for a defense in depth solution.

The downside of new technology Along with increasing reliance on the Internet and email, today s small businesses are also embracing wireless mobility, instant messaging, and business-to-business applications. This makes good business sense these technologies can dramatically enhance business operations but at the same time you also need to be aware they are accompanied by a certain element of risk. Every new technology or device presents a new entry into your infrastructure, and could also be taken advantage of by an attacker and used as a conduit for attack if steps are not taken to secure the technology as it is introduced.

Complex Internet threats

Today s malicious code employs multiple methods to discover and exploit network vulnerabilities, and then are able to self-replicate and self-propagate and it can happen unbeknownst to the computer user. Threats like CodeRed and Nimda took the worst characteristics of viruses, worms, and Trojan horses, and combined them with server and Internet vulnerabilities in order to initiate, transmit, and spread. These types of threats are designed to exploit the vulnerabilities of security technologies working independently from one another, and that is why defense in depth is so crucial to protection of today s business. Speed of distribution of Internet threats has gone from weeks to days, days to hours. And with wireless connectivity, there is the potential for threats to spread in minutes, or even seconds.

Defense in depth components "Defense-in-depth" means exactly what you might think: creating multiple layers of protection around your computers and valuable data. Multiple layers of security help keep the compromise of one level from causing a general compromise of the entire network. This layered defense is necessitated by the advent of blended threats and the blurred network perimeter.

No business can afford to put itself at risk. To stay secured in today s highly connected world, you need to employ defense in depth. Let s look at some important elements of defense in depth:

Antivirus software provides protection from files that come into the network via email, Internet downloads, floppy disks, etc. Antivirus software should automatically check for newly discovered threats, periodically scan systems for those threats, and also watch in real time while new files are downloaded from the Internet or detached from email messages to make sure nothing unsafe gets through. Antivirus software should not only protect your workstations and servers, but also your firewalls and important applications like Web and email servers so that you can stop many problems where they before they can spread.

Firewalls provide an important line of defense in protecting your network and all of its data by screening the information entering and leaving a network to help ensure that no unauthorized access occurs. Firewalls also help protect your computer against DoS attack, and also against unwittingly participating in one. Intrusion Detection software constantly monitors the network for suspicious activity or head-on attacks, alerting you or your IT staff so you can take immediate action. Intrusion detection is especially useful when coupled with a firewall. Virtual Private Networks (VPNs) are vital if you or your employees are connecting to the office network remotely. VPNs secure remote connections beyond the perimeter, allowing for safe communication across the Internet.

Disk Imaging

Even with the right mix of security safeguards, some extremely determined or imaginative hackers or tools may work their way around your defenses and into some of your systems. Sometimes it's hard to be certain of the extent of the compromise, and it might be more prudent to go back, and start from a safe point. A disk imaging solution can back up, and restore data to a previous and trusted state, so you can be confident in the integrity of the data.

More you can do Outside of security technology, there are other things you can do to bolster your small business defense in depth:

Stay up to date on patching Be vigilant about checking for software updates to take advantage of security fixes and patches for holes that might leave you vulnerable to attack. Create a security policy Outline your information assets, and all access rights to that information. Remote access rules should be outlined here also. Security awareness training - Educate employees so they know their role in maintaining the security of your business. Restrict and control network access If you have any temporary or contract workers who need access to your network, be sure to give them only the access necessary to perform their job and don t forget to revoke their access entirely once their job is done. Enforce password management Ensure that users change passwords regularly, and are careful to not post their user names and passwords out in the open.

Today s threats are becoming more prevalent and more advanced in both their methods of spreading and the damage they cause. The threats complexity in both attack and propagation, paralleled by the growing complexity of the small business network, mean that single security measures are no longer adequate. You must implement security measures on all vulnerable points on your system, including your servers and desktops, and establish a multi-layered, comprehensive line of defense, or defense in depth.

George Sluz is group product manager for the Symantec Gateway Security Series at Symantec Corporation. (www.symantec.com)

Return to top of page - Back to Home Page - Back to Archive Index