Skip navigation
SBC Team

Play It Safe

Posted by SBC Team Sep 30, 2008
How to Protect Your Customers' Confidential Info


By Christopher Freeburn


Customer data may well be your business's most critical asset. Unfortunately, there are plenty of thieves who would like to gain access to it. Identity and credit card theft are burgeoning problems. Customers' names, addresses, and credit information are valuable commodities that thieves not only steal, but actually trade among themselves. Today's profusion of computer technology and online connectivity has proven not only a boon for business, but for thieves as well. Protecting your company's information is as vital as locking your office doors.


The World Wide Web of Hackers
There's almost no way to isolate your business from the Internet these days. Even the smallest businesses usually have web sites and email is now virtually a business requirement. That usually means that the computers you use for business are likely connected, either directly or through your company network, to the Internet. While there is no question that the Internet has been a huge boost to small business, it comes with serious security risks.



The Internet connection that brings the world to your business's front door can also let unscrupulous thieves dive right into your company hard drives and gain access to vital customer and business data. "The best way to prevent that is to make sure that your company network and computers have a robust firewall and use the latest Internet security software available," says Cambridge, Massachusetts-based computer security expert Dan Smith. "This applies even if you outsource your company's online services to a web hosting company." If you don't know how to enable your firewall and security software properly, hire a network or computer expert to do it for you. "Your firewall is the first and best line of defense in keeping unwanted people out of your system," Smith explains. "If you don't pay enough attention to it you can find your network crippled and your data stolen."


A wide variety of Internet Security software packages are available for small businesses. Additionally, personal computers and network servers come with some form of internal firewalls that will work in concert with third-party Internet security software. Most of these programs feature an automatic update feature that allows the software to contact its manufacturer online and check for software updates. Since the battle between hackers and security software is never-ending, keeping the update feature active is crucial to receiving updates meant to combat the latest threats.


Isolate Data
Your company data can be threatened not only from the outside, but also from within your business as well. Last January, news organizations reported the story of a Florida architectural firm whose office manager, erroneously believing she was about to be fired, deleted seven years worth of company records, including millions of dollars worth of blueprints and drawings from the firm's computer. The company was able to recover much of the data, but only at great expense. In order to prevent accidental or deliberate loss or theft of data, it is a good idea to restrict access to the company network-or at least to the most sensitive data-to a few trusted, high-level employees. Most network software packages offer a variety of different password-based levels of access to the network and its assets.


Make sure that employees guard their individual passwords and that the passwords of employees who depart the business are deleted immediately.


Shredding to Security
Keeping your company's critical data secure often means more than simply keeping your computers free from hackers and the office doors securely locked. Too many companies forget that documents tossed out with the trash become instantly vulnerable to thieves or competitors.


There is no privacy in garbage, according to a 1998 Supreme Court ruling, which means anyone can grab a garbage bag from your firm left at the curb and legally sift through it. That means your competitors can legally acquire sensitive information about your business if you aren't careful enough to properly dispose of it. It also means that identify thieves might glean enough personal information regarding your customers to open credit cards accounts in their names, causing them substantial financial harm.


In order to protect your company and your customers, you should consider creating a formal company policy regarding document disposal. And then make certain that all employees understand and follow through with its implementation.


Any paper that contains customer names, account numbers, or billing information should be shredded. The same is true of company documents that provide employee names, social security numbers, payroll, medical insurance, home addresses, or salary information. But you should also be shredding any documents containing information valuable to your competitors. Sales numbers, financial analysis, marketing plans or reports, web site usage figures - all of these could be of potential interest to competing companies. Legal documents as well. In practice it's a good idea to shred any document that sheds light on your company's internal practices or arrangements.


Document shredder machines are available in a wide range of sizes and prices, with small units running under $60, making it easy for a small business to have several such machines where needed. Traditional shredders rend documents into narrow vertical strips. Newer cross-cut shredders slice the documents two ways, rendering them into confetti that is almost impossible to reconstruct.


Wireless Vulnerability
Once upon a time, connecting the computers in a small office meant running wires all over the place. Today, setting up a wireless network for a small or home-based business can take little more than a few hours work. But for all their convenience, wireless networks face a serious downside: security. Your wireless router broadcasts your network's data indiscriminately over a certain area (anywhere from a 100 to 300-feet radius from the router). Any computer equipped with a wireless network card within that area can receive the signals and access your network.


"The number of businesses that forget to install some level of encryption in their wireless networks is astonishing," says Dan Smith. "People who are scrupulous about installing Internet anti-virus programs just blank on wireless access security." But the consequences can be serious. "There are people who set up their laptops outside office buildings and shopping malls looking for vulnerable wireless networks," Smith explains. "Once they find one they can penetrate they'll poke around until they find some useful information." That can include customer data like credit card numbers and billing addresses or employee data like social security numbers. "Once they have anything like that, it can be used for theft or identity fraud, or sold to others for that purpose."


In order to prevent unwanted intrusions, wireless equipment manufacturers have developed a variety of encryption programs. Most wireless network equipment comes with two basic encryption systems: Wired Equivalence Protection (WEP) and (Wired Protected Access) WPA. These encrypt your wireless signal, requiring any wireless-capable computer to have the right encryption key to decode the signal. WPA is the more robust encryption protocol. Keeping firewalls enabled on all networked computers and changing network passwords is also recommended.
Many obstacles can reduce web site crawability - and impact your chances of achieving a coveted spot on a search engine results page. Learn the SEO fundamentals from an industry expert and put his SEO best practices to work for you.

SEO Fundamentals
Improving Web Site Crawlability


By icrossingseo


Over the years, the growth in search engine usage has become increasingly popular. Consumers use search engines to do everything from research investments to buy shoes. With this in mind, ensuring your business has good visibility in search engines should be a critical element of your marketing mix.


The practice of search engine optimization (SEO) is concerned with maximizing the visibility of your business by ensuring its web pages appear frequently and prominently in Search Engine Result Pages (SERPs).



The goal of this marketing channel, and therefore the SEO best practices outlined in this article, is to create an environment where all businesses, both large and small, can achieve top rankings in SERPs on leading search engines for search terms that are relevant to their business.


Search engines assign weights to various elements on a page and use algorithms to determine the value of each element - and thus how pages will rank in the SERPs. These algorithms vary by search engine and are regularly modified, so there is no "silver bullet" to getting a page-one rankings. Instead, it's best to follow the engines' SEO best practices - and your own good judgment - in developing and maintaining your web site - and ultimately your brand.


This series of articles describes SEO fundamentals and is designed to help you not only understand how various elements of your web site are evaluated by the engines, but learn to optimize your web site in three specific areas (crawlability, relevancy, and popularity) for improved visibility.


Web Site Crawlability


To achieve visibility, search engines must be able to find the content of your site. Using programs known as "spiders, bots or crawlers," they are able to "read" both the on-page content and take cues from a site's programming language. These crawlers follow a very simple process; read content and follow links (e.g. crawling).


To achieve top rankings, it's imperative that spiders are granted access all the salient points of your web site. The following are some common factors that would prohibit a search engine spider from crawling your site and ultimately reducing visibility of your business on the web. Duplicate Content


Duplicate content exists when two or more URLs display the same content. Search engines often become confused as to which URL is the correct source. Many times a search engine will reduce rankings for web sites with duplicate content.




Although Flash technology creates a rich visual experience for visitors, it can prohibit spiders from effectively reading the content on the page. That's because content in a Flash file is broken into several components that is not visible in the HTML code of the page.




JavaScript is a useful technology that drives drop-down menus, enables add-to-cart functions and more. Search engines historically have ignored JavaScript code on web pages. This is not to say that JavaScript shouldn't be used, but using it in a way that won't prevent a spider from crawling the pertinent on-page content is important. Placing JavaScript in external files or in CSS navigation are both excellent ways to minimize obstacles created by on-page JavaScript.


User-action and cookie requirements


To gain an understanding of user-behavior, adhere to legal requirements and other reasons, many web sites require cookies and user-actions to declare location, age requirements, etc. This is common for regulated industries (financial services, pharmaceutical, energy, etc.). The issue this presents is that a spider is not able to crawl past this point. If the entry page to a site contains this type of obstacle, the search engine may be prohibited from indexing all the relevant content.


Another critical component of web site crawlability is the internal linking structure. Because search engine spiders only read content and follow links, it's important to develop an easy-to-follow internal linking structure that will enable all visitors to navigate your site and find all the critical points easily and quickly. SEO best practices suggest creating an easy-to-follow navigation and internal sitemap page to facilitate better crawling and provide a better user experience.


Once all web site crawlability issues have been solved, your site will be ready for optimization. The next article in this SEO Fundamentals series will cover relevancy - the second phase of any SEO program.


About the Author: Richard Chavez is an SEO Manager at iCrossing, a leading digital marketing agency, whodevelops search strategies for Fortune 500 clients in the financial services, publishing, CPG and pharmaceutical sectors.

Filter Article

By tag: