Grow Your Business:
Website Security And PCI Compliance
Friends of mine are often surprised when I tell them they need social media for their small business, or to promote themselves as the artsy types they are. They’re surprised because the game only recently changed, and people who don’t work in online marketing, like yours truly, are often totally blind to it. Publishing houses now expect authors to promote themselves via social media and blogs, and are much more likely to take an author who already has a large Twitter following. Seriously? Yep. The last journalism job I applied for required a minimum of 2,000 Twitter followers AND high emotional intelligence which is also totally a thing now. The truth is, without social media and marketing knowledge it’s not likely that your Etsy store, eCommerce biz, or blog will get off the ground or that you’ll be able to compete effectively on the interweb of MEGA COMPETITION.
Everyone who works in marketing, new media, or eCommerce has read a thousand times how important it is to use social media to promote your business or organization online. But if you have a new business or blog, or are new to the concept of using social media for eCommerce, figuring out which of the 100+ social media networks to use and how to best use them can be tricky.
As the largest social media network (by a lot), Facebook is both the best place to start and the most important social media network to master. Facebook currently has more than 1.23 billion active users worldwide. The number of active users who log onto Facebook every single day is 757 million, and more than 128 million of those daily active users are in the United States. This truly massive group of potential customers is on Facebook every day, ready and waiting for you to reach them with your great content and target them with your advertising.
But where to begin? Many guides on using Facebook for business focus on either inbound marketing or outbound marketing strategies, with little attention to analytics. In this article I will cover what I consider to be the most essential aspects of all three elements of marketing for Facebook.
1) Inbound Marketing for Facebook
It is vitally important to use inbound marketing strategies to make sure that the content you produce (rather than merely paid advertising) is drawing people to your website and allowing for organic growth. This principle of inbound marketing doesn’t just apply to your company’s website, however; it also applies to how you manage your company’s Facebook page. You want to have a Facebook page that builds trust and credibility for your brand, allowing for organic growth and an increase in sales. Here are 5 essential steps to successfully use inbound marketing for Facebook:
1. Set Up and Manage Your Facebook Business Page Well
The way that you initially set up your business’s Facebook page matters. If you are just starting to use Facebook for your business, make sure that you set up a new page specifically for your business. Do not try to use your personal Facebook page as your business page or set your business Facebook page up as a group that people have to join.
You should also thoroughly fill out the profile of your business page. This will build trust and credibility with your target customers. Select the images you use for your profile picture and header carefully and create images that are the specific dimensions of each image location, rather than having to stretch or crop something in to make it fit the space. Your images should include the logo and name of your business and be bright, bold, and visually dynamic.
The last strategy for managing your profile to increase trust, loyalty, and sales is to make sure that you are posting quality content to your Facebook page at least every other day, and preferably every single day. Frequent posting shows your potential customers that you are on top of your marketing, which will inspire confidence that you are on top of other aspects of your business (like production, shipping, and management) as well.
2. Create Reliable, Customer-Focused Content
So you know you should be posting content every day to establish trust and credibility with your potential customers. But what kind of content should you post?
The goal with inbound marketing is to have the answer to your customer’s question already there waiting for them when they start looking. This allows them to find their way to your business organically, without you having to interrupt something they were doing with your ad. In keeping with this principle, you want to make sure that your content focuses on your customers and what will be interesting or relevant to them, rather than constant promotion of your company, products, or sales.
This will require you to think carefully about exactly who your target audience is and what the best ways to grab their attention will be once they start looking for information. You’re going to use different phrasing, images, etc. if you’re selling bed sheets than you are if you’re selling cosmetics or fishing poles or gluten-free birthday cakes.
Posts with images are significantly more likely to be liked and shared on Facebook, so everything you post should include an image. Better yet, your post should include a graphic that has both an image and words arranged together in a dynamic way.
3. Effectively Promote Your Best Content
Once you have created customer-focused content that you are proud of, make sure that you are effectively promoting that content. There are a couple of ways you can accomplish this.
First, make sure that you call your readers to action by asking them to like, share, and comment on each post. You don’t always have to ask for all three actions, but your content is more likely to be liked and shared if you ask people to like and share it. Why is this important? Because Facebook, unlike Twitter, does not automatically place your posts in the newsfeed of every person that likes your business page. So how do they decide which posts get shown to more people? Based on the number of likes, shares, and comments a post has. As Facebook sees that your post is popular, it will share your post with more of your followers (and friends of any followers who like or share you post).
The second way to increase the number of people who see your posts is by “boosting” your posts. This is a paid promotional strategy in which you pay for Facebook to place your post in the newsfeed of more people (more of your followers, as well as friends of your followers, and other similar people) regardless of how many likes, shares, and comments your post has. You can also designate a certain amount of money to be spent on boosting posts per month, and Facebook will automatically allot more of your budget toward the content that is performing the best.
4. Demonstrate Your Excellent Customer Service
One of the most effective ways to increase brand trust and loyalty is to make sure you respond authentically to any critical feedback you receive on Facebook. Be prompt in your response and make sure that you adequately make amends with the customer, whether that requires an apology, a refund, or a gift (like a coupon, discount, or replacement). This display of good customer service will go a long way toward inspiring loyalty for your company when potential customers see how well you have addressed the concerns and complaints of other customers.
5. Use “Facebook Connect” and Promote Your Facebook Page in Other Places
Don’t forget to make sure you have “Facebook Connect” buttons on your business website that will allow people who find your website to easily “like” your business Facebook page from other sites. If someone finds your website while looking for an answer or a product, you want them to “like” your Facebook page while they’re there.
You can also suggest that people “like” your business on Facebook when you send emails or mailers, run ads, tweet, etc. Every person you can get to like your business on Facebook is a person that you will be able to reach much more easily again in the future.
Outbound Marketing for Facebook
Inbound marketing is all the craze these days, but it’s important to remember that outbound marketing can be an effective use of resources too, if done well, especially for your products, services, and sales. Here are the two most effective ways to use outbound marketing for Facebook:
6. Run Paid Ads on Facebook
Paid advertising with Facebook can be purchased at all price points, organized in different ways (including daily budgets and lifetime-of-the-ad budgets), placed in different locations (next to the newsfeed or directly in the newsfeed), and purchased on a per-1000-impressions or pay-per-click basis.
The advantage with these types of ads, rather than just paying to boost your posts, is that you can directly promote your business website and products, rather than just your Facebook page and posts. These sorts of ads are the better place to advertise actual products, services, and sales you are offering, because they are not also posted to your Facebook page. That means that when someone visits your Facebook page, they are not seeing lots of business-focused outbound marketing ads, but rather your customer-focused inbound marketing posts. This will help to preserve the trust and credibility of your brand.
7. Target Your Ads Well
Facebook conveniently offers extensive targeting options, including gender, location, relationship status, education, career, “liking” things similar to your business or products, etc. that are very quick and easy to use. You can also target different groups of people with different ads, so that you’re reaching the right people for each individual product or message.
Analytics for Facebook
8. Use “Facebook Insights” to Analyze Which Content is Best
Facebook business pages come automatically equipped with the Facebook analytics feature, which is called “Facebook Insights.” This feature will tell you exactly how many people have viewed each post or ad, clicked on each post or ad, and how much money was spent on each boost or ad, so that you can easily determine which type of content is performing the best among which types of customers and potential customers. Then you can use this valuable information to create and promote more of the right content to the right people.
If you use these 8 strategies to achieve a balance of inbound marketing, outbound marketing, and analytics, you will have a thriving Facebook business page and increased trust, brand loyalty, and sales before you know it!
If you haven’t heard about it yet, let me introduce you to the encryption flaw, HeartBleed, the largest vulnerability the internet has ever seen. It’s that big (big enough that Canada has temporarily shut down their government sites), and it’s here to make all of our lives difficult. If you’re like me, you probably have dozens of passwords, for dozens of sites that all hold a varying degree of personal information. I personally spent the past five hours changing passwords. Bank accounts, airlines, hotels, social media sites, my dog walker, they all have my personal information. About 66% of the internet was vulnerable to HeartBleed so chances are most of the sites that hold my information were vulnerable too. Pretty much everyone was vulnerable, including but not limited to Google, YouTube, Facebook, and Instagram. The bug affects web servers running Apache and Nginx software. Potentially, the bug could expose otherwise “secure” information like passwords, credit card numbers, etc., that users enter into websites, applications, web email and even instant messages.
So, what exactly is HeartBleed and why is it so dangerous?
HeartBleed is an encryption flaw that affects OpenSSL. The idea of encryption is to conceal information from point A to point B, or your computer and a website. What happens if during this “secret conversion” someone else is listening? This is exactly what makes HeartBleed so scary. When encryption is flawed, anyone can be peaking in without anyone else even noticing.Watch This Comprehensive Video By Mashable For More Info
What Can You Do To Protect Yourself From HeartBleed?
Unfortunately the HeartBleed bug is tricky and technical so you just have to wait for companies to resolve the issue. It’s safe to assume that any sites with an SSL certificate, that “secure” connection that shows the little lock at the top of your browser bar with the “https” instead of an “http” were at risk.
1. Ask all of the websites you use if they are trying to secure themselves against HeartBleed. Do these companies have vulnerability scanning?
2. Change all of your passwords immediately.
What Should Businesses Be Doing To Protect Their Customers?
1. Patch the flaw. It’s the responsibility of internet companies to fix the HeartBleed bug by installing the updated version of Open SSL.
2. Alert customers to change their passwords. Changing passwords before the flaw is patched won’t solve any problems.
3. Get vulnerability scanning with a company that scans for the HeartBleed bug, like Trust Guard, among others.
How To FIX HeartBleed
1. Upgrade OpenSSL
2. Revoke ALL SSL certificates
3. Regenerate all SSL private keys
4. Get new certifications from SSL vendors
1. “5 Things Entrepreneurs Need to Know About the Changing Workplace” – One of the best ways to make sure you are staying connected to your customers and employees is to constantly monitor trends and changes in the workplace. In this piece, Vivian Giang expertly outlines five things you should do in the current workplace environment: hire candidates with in-demand skills of the future, hire for “soft” skills (including critical thinking and problem-solving skills), provide learning opportunities for young employees, learn to criticize constructively, and start a blog. To read more about these strategies, visit the full article here http://www.businessinsider.com/5-things-entrepreneurs-need-to-know-about-the-changing-workplace-2013-9?utm_source=buffer&utm_campaign=Buffer&utm_content=buffer23ab9&utm_medium=twitter
2. “5 Things Super Successful People Do Before 8AM” – Did you know that the world’s most successful people are frequently very early risers? Many CEOs and influential government officials wake before 5AM and they have many early-morning habits in common. In this helpful Forbes article, Jennifer Cohen outlines 5 pre-workday activities that successful people have in common, including: eating breakfast, exercising, mapping out your day, visualizing, and more. To learn about these activities in more detail, read the full article here http://www.forbes.com/sites/jennifercohen/2013/10/02/5-things-super-successful-people-do-before-8-am/?utm_source=buffer&utm_campaign=Buffer&utm_content=bufferf5729&utm_medium=twitter
1. Providing facts instead of a “vision.” When you’re negotiating, or trying to make a sale, facts will only take you so far. “We have a money back offer! We offer 24/7 support!” These are just facts and they’ll limit your potential. Give the other side the real information, give them what their life could look like with your product or service.
2. Not having a decent defense for your cost or fees. If you’re providing something valuable you’d better have a good reason as to why you’re charging a certain amount. You’re worth it, convince the other guy, and tie it to your vision.
3. Every moment is a moment wasted. Any time that you spend with any potential clients could be time spend negotiating to some extent. This doesn’t mean that you should hard sell your t-shirt business to your father-in-law during Sunday brunch but you could sell him a vision during brunch. After-all, that waitress wouldn’t be calling him “Grandpa” if he was wearing a more modern, outfit, similar to what your brand offers.
4. Waiting. If you’re waiting for good things to happen to your business, you’ll be waiting a long time. Take initiative, get in there, and drive your team.
5. Taking employees for granted. A company is only as good as their employees. If you value your employees, show them, and listen to their suggestions. You’d be surprised by how many employees of today are multi-million entrepreneurs tomorrow.
6. Don’t put all of your ducks in one basket. Or eggs. How does that go again? The point is this: Don’t put all of your marketing efforts into FB and Twitter. Many entrepreneurs put all of their hope in social media stuff, they SPAM the world with their stuff, and they are disappointed with the poor results. The best way to run a business account is the same way you’d run a personal account. You wouldn’t SPAM your friends so don’t SPAM potential clients. Make friends, care what others are saying and doing, and post things of value without trying to push your products constantly. Bam! Winning.
“eCommerce Blogging: How to Drive Conversions with Content” – Have you been wondering how to get started with Inbound marketing strategies, which draw potential customers to your site using interesting content rather than paid advertising? Try blogging! In this article, Shannon Good thoroughly explains four simple best practices for eCommerce blogging: blog to drive traffic to your site, promote your products without pushing a sale, give readers a reason to come back (by consistently having fresh and relevant content), and make your blog social media share-friendly. To read the full article, go here http://savvypanda.com/blog/beginner-level/ecommerce-blogging-how-to-drive-conversions-with-content.html
“Top Marketing Sites for Social Media Tips and Trends” – To be successful in today’s business climate, companies of all sizes should have a person who is dedicated to social media management. Social media can be a challenging and grueling task for the person who undertakes the venture, so it is important to stay up-to-date with the best social media marketing tips and trends. This article by Tony Corsini includes a comprehensive list of the best and most relevant social media marketing advice websites, including Social Media Examiner, Social Media Today, iMediaConnection, Simply Zesty, and many more. For the complete list, go here http://www.examiner.com/article/top-marketing-sites-for-social-media-marketing-trends-and-tips
“6 Effective but Ignored Social Media Marketing Sites” – When we consider which social media sites to use to promote our businesses, the “Big 3” often come to mind: Facebook, Twitter, and LinkedIn. But there are several other established social media sites with large and growing user bases that deserve to be considered and used. Krista Neher lists and analyzes 6 oft-forgotten social media options in this article, including Pinterest, which is currently the fastest-growing social media site with the most referrals generated, SlideShare, Tumblr, and more. For the full article, go here http://www.clickz.com/clickz/column/2157848/effective-ignored-social-media-marketing-sites
“4 Free Social Media Marketing Sites for Local Small Businesses” – Are you running a local small business and wondering how you can best utilize social media to bring in new conversions and customers? There are several social media options that are well-suited specifically to local small businesses. In this article Eric Folgate walks readers through four of the best marketing resources for local businesses: Facebook Places Deals, Foursquare Specials, Google Local, and Yelp Offers. To get more information on how these local marketing options can best help you, read the full article here http://www.moneycrashers.com/social-media-marketing-sites-local-small-business/
- “5 Most Common Mistakes in Social Media” – Has your social media growth or efficacy been stagnating or declining lately? Are you wondering what you may be doing wrong? In this enlightening article by Drew Neisser, he outlines the 5 most common mistakes that companies make with social media: using the wrong metrics, having too many handles or channels, talking and focusing on yourself too much, isolating social media presence to one department, and not having a clear road map for social media marketing strategy. To read more about these common mistakes, read the full article here http://socialmediatoday.com/dneisser/1327841/5-most-common-mistakes-social-media
This is a very, very basic article. If you understand the concept alluded to in the title, feel free to move on. But for those who are just venturing into the wonderful world of E-Commerce, there are so many temptations to skimp on site design that someone needs to explain the reasons why it should never happen. So here goes:
Studies show that you have seconds to convince an online shopper your business is not only legitimate, but secure. Let me emphasize that: SECONDS. If anything about your site makes them feel insecure, they will leave and likely never return.
A good example of people following this gut reaction in the non-digital world could be the different types of ice cream trucks that drive down our streets. Imagine for a moment that the two ice cream vans below sold the exact same type of ice cream. If both of these vans drove through your neighborhood, which one would you buy your ice cream from?
The answer is pretty clear, and it took you seconds to decide. Even if you know it’s the same ice cream being sold by both, you will always go for the nicer van. Your customers follow that same instinct when it comes to your website. They assume that if it looks trustworthy, then it is trustworthy.
Your customers’ perception then becomes your financial reality–whether you deserve the judgment they hand down or not.
I’ve been in this industry for years now and I’m always amazed at how many online business owners don’t really understand how crucial a well-designed website really is. They believe that if they have a quality product to sell, the customer will put up with a poor site layout.
Perhaps a quick allegory will illustrate the problem with this line of thinking.
Suppose you’re shopping for a bicycle. At the end of your street, you see two clearly marked bike shops. One is a little closer to you, so you decide to visit that one first.
Upon entering the store, your ears are assaulted by loud, obnoxious music. Annoyed, but determined to buy that bicycle, you continue into the showroom… or at least you would, if you could get to it. As you move forward, a movie screen suddenly drops from the ceiling in front of you, blocking the doorway to the actual shop. To your horror, you realize that anybody wishing to view the merchandise must first endure both the music and a video advertisement–for the store you are already shopping at.
It’s tough to imagine a store like this ever gaining a single customer. It’s as though the business owners went out of their way to make the experience as unpleasant as possible. Unfortunately, countless business owners create a similar experience for their online customers without even realizing it.
Keep your site’s design clean, focused, and easily understood. Skip the autoplay option. Don’t add music to your site unless it’s your product–and again, it should never play automatically. Make your menu intuitive, not flashy, and keep your graphics clear, professional, and related to your business. The addition of social reviews, if used correctly, and third party verification, such as news articles or trust seals, will also help to put your visitors’ minds at ease.
In short, follow the same principles when designing your website as you would a brick and mortar store: keep it simple, professional, comfortable, and well organized. Ask your friends, family, or, perhaps most importantly, total strangers for their honest opinions of a planned site well before you launch. Watch them try to use it and take notes on what they have issues with. With practice and experience, you’ll learn to see your site in the most important way possible: as your customers see it.
This Article Was Brought To You By, Andrew Brandley
As with many aspects of the Internet, conducting business is a continuous series of determining what works best and what does not. Following the unveiling of electronic payment technology, an enormous surge of identity theft cases emerged. Given that the card issuers had the best view of these issues, they inherited the responsibility to secure the identities of those customers.
However, following data breach legislation, being PCI compliant and maintaining a high-level of website security are critical aspects of being an online merchant. These attributes help keep the business and sensitive consumer data safe.
Data Breach Legislation
Since 2002, the majority of U.S. states have implemented security breach notification laws due to an increasing amount of breaches in consumer databases whereby hackers had access to critical client information.
The first law was implemented in California that requires “a state agency, person or business that conducts business in California who owns computerized data…to disclose in specific ways, any breach of the security of that data, to any resident of California whose unencrypted personal information was acquired by an unauthorized person.” Also, the law allows a delayed notification if it is determined to impede in a criminal investigation.
After this law was enacted and enforced, the majority of U.S. states followed-suit. In each state’s clause is a line that requires companies to immediately disclose a data breach to consumers in writing. Since the implementation of this law, California has added sections that include the breach of medical and health insurance information.
Currently, the National Conference of State Legislatures manages the list of all state-enacted as well as proposed security breach laws. Many bills have been presented to create a national standard for data security breaches but none have passed.
In the European Union, breach notification laws regarding the Directive on Privacy and Electronic Communications (E-Privacy Directive) were implemented in 2009 as a national law among all countries.
“At least 19 states have introduced or are considering security breach legislation in 2014. Most of the bills would amend existing security breach laws. Kentucky’s legislation, however, would create requirements for notification of breaches in that state. Only four states–Alabama, Kentucky, New Mexico and South Dakota–do not currently have a law requiring notification of security breaches involving personal information.” For Full List: http://www.ncsl.org/research/telecommunications-and-information-technology/2014-security-breach-legislation.aspx
Recent Security Breaches
Since 2010, some of the worst data breaches in history occurred including:
- Massive American Business Attack (2011)
- Heartland (2008)
- Sony PlayStation Network (2011)
- Target (2013)
Massive American Business Attack
In 2011, a huge cyber-attack that resulted in the vulnerability of RSA SecurID tags targeted over 760 organizations including Google, Facebook, Microsoft, Cisco, Yahoo, Intel, IBM, the European Space Agency, the IRS and a fifth of Fortune 100 companies. The cyber-attack implanted malware into RSA’s systems allow them to gain full access to their consumer’s networks.
Affecting almost 134 million credit cards in 2008, the Heartland data breach occurred because of a vulnerability to SQL injection. Security analysts were well aware of this hole and warned retailers to patch it for several years. Unfortunately, many retailers ignored the warning resulting in the most common form of attack against websites at the time.
Sony PlayStation Network
Impacting 77 million PlayStation Network accounts, this hack is said to have lost Sony millions of dollars while the site was down for almost a month. This has been labeled as the worst gaming consumer data breach in history. The attackers gained access to entire names, passwords, emails, home address, credit card numbers and other critical information.
Most recently, attackers hacked the Target system which revealed millions of Target customers’ credit and debit card numbers during the holiday shopping season. Within hours of finding out about the breach, tens of thousands of worried Target consumers jammed the phone line that was setup to manage those concerns.
Merchant Responsibility to be PCI Compliant
As a result of these data breach laws and the brutal attacks on businesses, gaming networks and retailers, merchants have a responsibility to be PCI compliant. The size of the business will determine the compliance requirements that must be enacted. The enforcement of merchant compliance is conducted by individual payment brands. Companies who are not PCI Compliant and experience a data breach will be held accountable by credit card companies.
The PCI Data Security Standard (DSS) are a set of requirements for security management, network architecture, proper software design, policies and procedures to ensure protective measures are met. To be compliant, merchants must follow the 12 requirements within the standard. Since PCI DSS is a continuous process, it is important to constantly assess the operations, identify any vulnerability and fix them immediately.
What is PCI DSS Security?
PCI DSS stands for Payment Card Industry Data Security Standard. It is the collection of standards that merchants who accept credit cards must adhere to in order to ensure that the private information that is contained on the cards remains private. The current version that is available for the collection of standards is 3.0. All companies that are still adhering to the 2.0 standards much switch to 3.0 by December 31 2014.
What is Included in the PCI DSS Security System?
There are several different categories of guidelines that govern how secure different aspects of the card acceptance system need to be. The first category regards building and maintaining a secure network that will be able to accept cards without divulging the private financial information to those with nefarious purposes. In order for all of the requirements to be met, a retailer needs to install a strong firewall to keep out intruders and change all of the passwords from the default passwords that are supplied from the vendor.