How to Prevent a Hack Attack

In my last post, I shared the account of my recent email and Facebook hack attack. Now, it’s time to get to the nitty gritty—the relevant details that might help you and me prevent future digital identity theft and account invasions.

The most common question I’ve gotten since the hack attack is “how did this happen?.”  That one simple inquiry has a hundred potential answers.  The reality is I will likely never know how this happened to me with any certainty, especially since my online activity is extensive, my travels have taken me far and wide, and I’ve been lax on security issues for some time.

Of course, everyone who’s asked how this happened is ultimately looking for real answers about how to avoid it ever happening to them.  Though I can’t pinpoint the answer, I can share with you some possible, plausible scenarios that carry very useful lessons for all of us.

Change your passwords regularly. Dare I admit that I hadn’t changed my password in—um, well, er, uh—YEARS?!?  It’s so “Online Security 101.”   I’ve traveled internationally, logged onto countless wireless connections—even unsecured free Wi-Fi, been on public and borrowed computers, you name it.  Yet I never changed my password in all those years.

(Hey—don’t judge; you know you hadn’t changed yours for years either until you saw all my post-hacking status updates imploring you to change your password!  Just sayin’.)

Use difficult passwords with no reference to anything logical or personal. Though the email password I had in place for years wasn’t woefully obvious, it was ultimately quite crackable, as it incorporated some words relating to things about my life.  A tour around my Facebook profile (before I changed my privacy settings) could have revealed a series of testable guess-phrases.  With advanced ‘dictionary attack’ methods, hackers can input potential elements of passwords and autogenerate thousands of combinations until the right one strikes.

The rule of thumb:  Use a nonsensical combination of letters, numbers and special characters (if the system allows), including random use of capital letters in the mix. Go at least 9 characters long for maximum security.  Studies have proven longer passwords exponentially decrease the likelihood of deciphering.

Since I’ve purveyed this tidbit post-hack, I’ve had so many friends respond with lamentations about not wanting to create something “too hard to remember.”  To those friends I say, nothing motivates one to lock and load a crazy-hard password into the memory bank than living through the upheaval of a hack attack.

Vary your password usage. If you’re using the same password on all your major accounts—email, Facebook, Twitter, LinkedIn, etc.—you’re making it really easy for hackers to trounce all over your online identity.  Over the years, I’ve relied on a pretty steady collection of emails, intermingling the same few amidst my various accounts.

Variations on a theme are not safe enough.  After the hack attack, I went into all my online accounts and changed every password to something totally disjointed, individual and difficult.  There’s now no theme or thread of similarity to any of my passwords.

Be VERY careful about what you ‘click.’ I fancy myself cautious about click throughs.  Those inspirational PowerPoints and video clips that you got from your friend who got it from her cousin who got it from her husband’s former boss’ secretary?  I don’t open them.  That flashy ad with the bug-eyed cartoon on the sidebar of that blog I visited last month and that “guess how many jelly beans” brain teaser that loads when I refresh my free email account?  I resist clicking every time.

Still, I do click things on occasion, including some videos through Facebook or links to articles from people I don’t know on Twitter.  Though I usually use a Mac which is less susceptible to spyware, viruses and the like, I have clicked through on my unprotected little, Windows-running Netbook.  One bad click could’ve led to hackers tracking my password inputs with ease.

PC users are more likely to succumb to viruses, spyware and malware.  Proper scanning programs are musts for anyone who regularly searches the Internet.

Don’t be phishable. Phishing is the illegal process of obtaining sensitive information (logins, passwords, account numbers) through electronic communications presented as trustworthy.  Rack my brain as I might, I can’t recall ever falling for the bait of a phisher.  I have identified and deleted probably hundreds of phishing emails over the years, and if I ever fell victim to such a scam, the phishers were so effective I still have no knowledge of the scam.

The moral of this point is fundamental.  Don’t divulge  your details outside the confines of a known, fully identified entity with built-in security and privacy settings that provide the utmost assurance of trustworthiness.  Stay vigilant lest you fall for a scam hook, line and sinker.

Rely on a trustworthy email service provider. My email is hosted entirely in the clouds through Yahoo!.  While all emails that are sent and received must travel to and through ‘the clouds’ at some point, I could find an alternative service that hosts more securely, with layers of additional protection, firewalls and such.  There’s no denying that services such as Hotmail, Yahoo! and Gmail are just more vulnerable to hackers.  Long term, I will be finding more secure solutions for my email hosting needs.

For anyone who’s dismissed my saga as one that was bound to happen because of my extreme online activity and visibility, I implore you to think otherwise.  Sure, it could well be that the hackers pinpointed me based on what was abundantly findable through my digital breadcrumb trail.  Yet, as the above points make plain, there are any number of ways any of us could be hacked regardless of the amount or frequency of online activity.

Also, being visible doesn’t have to equate with being vulnerable.  By heeding the aforementioned key points (as well as more to come in my next blog post), I can maintain my online profile and still protect myself.

Have you survived a hack attack?  Please share your stories with other Small Biz Big Time readers.  Post your two cents’ worth over on the Facebook group.

My next post will feature some eye-opening information and wonderfully practical tips from Identity Theft Expert and Speaker John Sileo.  It’s seriously good stuff, so stay tuned…

Thanks for reading!

Advertisements
Posted in Big Biz Tip, Biz Communications Tips, Identity Protection, Tech tips, Technology | Tagged , , , , , , , , , , , | 3 Comments

Your Business: Who’s Driving?

Show of hands:   Who finds this quote highly relevant…and slightly convicting?  I had to put my hand down to continue typing this blog post, but suffice to say this thought by Ben Franklin hits the mark with me today.

My business—and probably yours, too—is all about client (or customer) service.  Daily, we strive to balance being responsive to clients and honing our business models to position for growth and profitability.  At what point does responsiveness become submissiveness?  At what point do we acquiesce the driver’s seat of our own businesses?  For anyone who’s  accommodating by nature (I just raised my hand again), the balancing act is a constant challenge.

Recently, my friend Billy Smith shared a story of leadership that is a real-life example of “Drive thy business” that really inspired me.   Read and learn from this wisdom…

As  former owner of one of the largest and most profitable salons in the Southeast, Billy knows lots about leading people and relating to customers.  Once, the husband of a frequent salon customer purchased a $500 gift card to give to his wife on their anniversary, which was a few weeks away.  Before the husband had a chance to present the gift, his wife became ill with a rare condition that led her to have a severe reaction to being touched.  Massages, pedicures, facials—so many of the services the gift card would be good for could no longer be of benefit to the wife.

When the husband sought a refund for the gift card, every staff member he interfaced with quoted him the strict company policy:  no refunds or exchanges on gift card purchases, period.  As the husband worked his way up the totem pole of the salon, he became increasingly incensed that his request was declined.  Eventually, his complaints reached Billy, and by then, he was livid.

Billy, aware of the entire scenario, made the difficult phone call to the customer.  He began his conversation with a clear, concise statement—that kept him in the driver’s seat of his business from the get-go.  “Mike, before we begin this conversation, you need to know two things.  First, the thing you’re asking for is the one thing I can not do.  Secondly, before this conversation is done, we will reach a resolution that leaves you 100% satisfied yet does not compromise our policy.”

Billy then began an open discourse with the husband, and ultimately, they agreed on a way for that $500 gift card to be put to good use.  Billy and his team offered to open the spa to the couple after business hours, and they provided a special meal, a massage for the husband and non-invasive services for the wife (a carefully given manicure, etc.).  They even surprised the couple with a personalized dessert and gift items from the salon.  By the end of the evening, the husband and wife were in tears thanking Billy and his staff for such a wonderful experience.

By remaining in the driver’s seat, Billy never broke his own policy yet converted an infuriated, frustrated customer into a weeping, grateful friend of the business.

There’s so much to learn from that story.

– Don’t cave to avoid conflict.

– Manage interactions from the start.

– Clearly state—and respect—your own policies.

– Exceed expectations.

– Drive thy business.

We don’t have to appease to please our customers.  What a great lesson!  What’ve you learned behind the wheel of your business?  What drives you to succeed?  Please—share your thoughts over on the Facebook group page.  We’d LOVE to hear from you!

Thanks for reading…always!

Posted in Biz Communications Tips, Business Ethics, Business Operations, Crisis Management, General Small Biz Buzz | Tagged , , , , , , | Leave a comment

5 Ways Small Biz Can Use Technology to Save Money (from Stamps.com)

Hello all!

Stamps.com sent me a courtesy post featuring 5 ways small businesses can use technology to save money.  I thought the list was pretty handy, so here it is for your reference.  Are you already using any of these cost-savers for your biz?

Read on, and share your own ideas at the Facebook group!

THANKS,

5 Ways to Use Technology to Save Money

courtesy of Stamps.com

VoIP

Many consumers are aware of VoIP services and are starting to use them for residential local and long distance calling. However, small business owners aren’t taking advantage of these cost savings that work with your existing network – no upgrades needed. VoIP carriers like Comcast, Skype and Vonage all provide calling services and other products like magic Jack are available with additional features that can be added fairly inexpensively.

Make use of social media

While larger companies are making their social presence known, many small businesses have yet to take advantage of the marketing opportunities available via social networking sites like Facebook, LinkedIn and Twitter. Businesses can create their own pages/profiles on these sites and broadcast promotions, keep in touch with customers and attract new business…for free.

Online Postage

Postage meter companies charge small businesses for a monthly lease, maintenance fees, and other hidden charges so it’s hard to keep track of exactly what you’re being charged for each month. Online postage services use an advanced postage printing system that doesn’t rely on expensive postage meters. All you need are your existing computer, printer and Internet connection. It’s easy, reliable and at least 50 percent cheaper than traditional postage meters.

Make your office mobile

As smartphones proliferate, business owners are finding that employees, customers and clients are all accessible at their fingertips – no matter where they are. For many businesses, this has eliminated the need for a traditional office or at the very least allows for cost savings by limiting time spent in the office. By equipping employees with a laptop and smartphone, they have created a mobile workforce that is more efficient and more importantly, cheaper!

Use Online Productivity Tools

There are a host of online tools available to the tech-savvy worker that don’t just save money but make a business run more smoothly and efficiently. For small business owners, it is perhaps even more important to be able to access documents from a variety of computers or devices as they are often working at home or out in the field. Online and cloud-based services like Remember the Milk, DocStoc.com, FreeConference.com and Google Notebook can provide everything from to-do lists to calendars and forms…either for free or at a very low cost.

Posted in Business Operations, Tech tips, Technology | Tagged , , , , , , | Leave a comment

Have We Managed to Misinterpret Management?

I recently saw a post on Facebook  by a friend who stated that, though he has an MBA, he was going to have to learn to manage people through good ol’ life experience.

In that moment it struck me.  Maybe the trouble with the whole idea of management is that we think it’s people that need managing.  Instead we should focus on managing circumstances.

Think about.  If we focus on managing circumstances, we create environments and situations that are more conducive for people to perform their best.  By managing circumstances, we’d be more likely to

– provide employees enough time to get work done

– think in terms of work flow, which would naturally translate into making better choices about work assignments and distribution of responsibilities

– guide customer expectations in the context of staff capabilities and workloads

– turn away opportunities that aren’t good fits

– effectively anticipate challenges and identify areas of improvement—and have responses on the ready

– provide the necessary tools, supplies and training in advance of an urgency

– structure teams to work efficiently and effectively

– place attention on the betterment of the entire work environment, even when issues relating to an individual employee must be addressed.

That last point is pivotal to me.

I think back to times when I was in management roles with direct reports, and I immediately remember the burden I felt.  I was so focused on “managing people” that I felt very responsible for their moods, motivations and their every-little-moves.  If I’d seen my role as a manager of circumstances, I would have been able to make decisions more quickly and easily.

I’m definitely going to revisit this angle on management as I run my own business.  Yes, I’m a sole proprietor, but ‘management’ still applies when I realize it’s the circumstances that require my supervision.

OK… there’s my 2-cents’ worth.  Where are yours?  Please share over with us on Facebook!

Thanks for reading,

Posted in Biz Communications Tips, Business Administration, Business Ethics | Tagged , , , | Leave a comment

Hey Small Biz: The Holly Daze is Coming! Time to Prep for Holiday Sales

Did you know that 28% of inactive email subscribers will become active during the holidays?*

Suffice to say, if you’re in the business of selling stuff that people want to buy come Christmastime, ’tis the season to prepare for increased seasonal sales opportunities.  What are you doing to get ready?   Here are some thought starters to help you stock up on stocking stuffers.

Holiday promotions:  Determine featured products, arrange for appropriate supply and assess pricing to make the most of market demand. Hopefully you’re already on trend-watch and in tune with what’s anticipated to be hot this season of selling.  If you snag the right inventory mix and prep the promos, you’ll potentially ‘sleigh’ the competition.  Marketers will start Black Friday promos even earlier this year to maximize the holiday season; are you primed and ready?

Holiday communications:  Map out your messaging, from direct holiday greetings and seasonal advertising to unique content for blogs, websites and Facebook pages.  Create your ‘hook’ and key selling points now.  (It’s not too early to get that customer Christmas card designed and ready!)  In creating core messaging, think of ways to spark urgency and excitement.  Just like kids love to count down to Christmas, consumers are sparked by shopping deadlines as well.

Think Digital-Social-Mobile: Determine how to incorporate all channels of connectivity to make shopping quick and easy for customers.  Mobile and social marketing can be real game-changers for you.  Many e-commerce providers now offer Facebook page integration; look at adding live purchase links to your page.  Is your e-commerce site mobile-friendly?  If not, you may have time to mobilize your marketing efforts.

Want more ideas?  This Experian Holiday Marketer report has tons of great stats and practical tips and is free to download.  It’ll help get you in the holiday spirit.

Thanks for reading!

* – Experian 2010 Holiday Marketer report

Posted in Biz Communications Tips, Business trends | Tagged , , , , , , , , , , , , | Leave a comment

America: Land of the Free(lancer), Home of the Brave

Ah, we Americans…  Here we go asserting our independence again!  Our national economic woes have led many of us…me included!…to do the ol’ bootstrap, become-our-own business thing.

Thanks to the capabilities of technology, an evolution of what the market needs in terms of services and goods, and other economic factors too chewy to explain here, the road to recovery isn’t one big paved highway, it’s many humbly-carved paths converging intermittently.

Just look at recent poll results and commentary from SmartBrief’s Entrepreneur newsletter to illuminate the new era we’ve entered.  Click on the image to see it in full and read more easily.

Where do you fit in this new era?  I must admit, I’m proud to be in the Land of the Free(lancer), the Home of the Brave!

Thanks for reading…

Posted in Business trends | Tagged , , , , , | Leave a comment