Skip navigation

Body_Ecommerce.jpgBy Iris Dorbian.


Over ten years ago, e-commerce was still an emerging channel. Now it’s become a worldwide phenomenon racking up sales in the stratosphere. According to a new report by the market research firm Forrester, online retail sales in the U.S. are poised to tap $327 billion by 2016. Furthermore, overall online consumer spending is expected to increase to $1,738 per person by 2016 in contrast to $1,207 per person in 2011. For 2012, the forecast is for $226 billion, a 12 percent jump from $202 billion in 2011.


Improvements in mobile devices, coupled with myriad online promotions, may be driving the growth. In the same Forrester survey, conducted in partnership with Bizrate Insights, approximately 75 percent of shoppers polled during last year’s Black Friday and Cyber Monday said they made their holiday purchases online simply because the deals were better. Clearly, for small business owners looking to increase their profits, launching an e-commerce site is not simply a key best practice anymore—but an imperative.


However, if you don’t have an e-commerce site (and you don’t have unlimited capital), how do you start? What should be on your to-do list?


PQ_Ecommerce.jpgFind an inexpensive, user-friendly e-commerce provider

If you don’t have the funds to outsource this (and chances are more than likely you do not), then ask for recommendations among trusted colleagues regarding the e-commerce provider they are currently using. Also, do some research on your own. Make sure that whatever provider you choose for your inaugural site, they offer the most bang from your buck—meaning they offer an affordable price plan in line with the volume of products you would like to sell.


Ask yourself the following questions: Does the e-commerce platform you’re considering require monthly fees? Can they link in directly with any PayPal or bank account? Make sure before you partner up with them that they don’t take a percentage of your sales revenues. Examples of some e-commerce solution providers that small business owners might want to check out are Shopify and Big Commerce.


Check out the competition

What are your rivals doing in this space? Review their sites. What they are offering? What are their payment plans, target audience(s) and their Google search rankings? What can you do to distinguish yourself from the competition and seize a sizable portion of the market share? Offering improved customer service, expedited shopping, or the ability to speak to product experts on the phone may be what distinguishes you from online titans like and eBay.


Make your site search friendly

By leveraging customer service and search marketing, Bill and Lauren Elward were able to position their online store Castle Ink, which sells recycled printer ink cartridges and toners, as a formidable contender against heavyweight competitors such as Hewlett-Packard and Epson. Launched in 2005 by the husband and wife partners for $5,000—a sum culled from their savings—Castle Ink generated $1 million in revenue last year. This is in stark contrast to its first year when the site didn’t quite crack sales of $50,000. Not bad for a venture initially viewed by Lauren, a former high school English teacher, as a way to supplement family income while on maternity leave.


Bill credits search engine optimization (SEO), which he honed as the director of web analytics, digital strategy, and online marketing at the College Board (a day job he continues to hold) as the number one factor behind Castle Ink’s success. “I think that’s been the key to everything,” he explains. “To have our site findable on Google where almost 100 percent of our traffic comes from [has been critical]. We’re able to outrank some of the super large companies that have much deeper pockets than us simply by having a better organic ranking.”


Don’t sacrifice quality for pricing

Another challenge that Castle Ink has had to tackle is pricing. Larger competitors, says Bill, offer low price points as a way to draw in the most customers. But that doesn't presuppose the quality is up to par. “Because there’s a false sense of inferior products out there, it has turned consumers off to the whole idea of using a recycled product,” he says. “That’s been a battle for us. One of the things we’ve done to overcome that is to give people a 100 percent satisfaction guarantee. We pay for return shipping so basically they can try our products for free; if they don’t like it, they can always send it back.”


Hire staff and make sure they’re qualified

Even if your business does not have the funds to hire a full complement of staff to get your e-commerce site running, it’s still a good idea to bring on someone, even if temporarily, whose sole responsibility will be to launch this component. This is especially true since it might end up yielding more revenue for your company than your other platforms. Take it seriously and don’t treat it like a sideline hobby.

In this vein, make sure you find someone who is qualified. “Don’t go with someone’s nephew who just graduated from college and can program a site,” cautions Julian Barkat, founder and director of e-commerce at Egg to Apples, a Philadelphia-based marketing agency. He adds that one client hired a niece to set up an e-commerce site simply because she “liked colors and studied that in college.”

Barkat, who has managed e-commerce operations for large and mid-sized companies in the past, currently acts as a consultant to small businesses looking to overhaul their site or launch one. Recently, he had a success story with Rescue Rittenhouse Spa, a luxury spa located in Philadelphia. Barkat started working with them in 2010, following the client’s earlier failed attempts at online sales.

After streamlining its SEO efforts, Barkat and his colleagues built out the spa’s e-commerce site via a new platform, Magento. After launching the site in November 2011, the client saw an immediate impact on revenue, while relevant search terms rose up in rankings. For 2012, Rescue Rittenhouse Spa’s year-over-year revenue forecast (which encompasses both the spa and the online store) is up 150-200 percent.


Here are a few other best practices for entrepreneurs to employ when launching an e-commerce site to bolster ROI:


  • View your e-commerce site as a way to deepen your relationships with your existing customer base rather than pursue new customers already.


  • Link all of your marketing efforts to your site.  
  • Use Google analytics to track and monitor the visits to your site, particularly your repeat visitors. This will give you a keen sense of what is working on your site and what isn’t.
  • And finally test your site out before it goes live. Before Bill and Lauren Elward launched their e-commerce site, they spent considerable time and energy testing it and working out the kinks. “In the online space, it’s easy to try something and to wholly invest a small amount in it to see if it’s going to work,” says Bill. “Launch a pilot before you fully embark on a huge display advertising campaign or a huge search marketing campaign.”

Body_VirtualAsst.jpgby Erin McDermott.


Ryan Frankel likes to run, sometimes even competing in triathlons. Like many entrepreneurs, he gets some good ideas when he has time to think, especially when he’s out pounding the pavement.


So when the MBA candidate brought along his iPhone 4S on a training run and tapped his Siri virtual assistant to take a message to remind himself of a thought to pursue, he hoped the much-touted Apple technology would take copious notes.


When he later listened to the recording, however, he found nothing but jibberish.


“It seems to never work right with background noise or wind, but it’s OK when it’s quiet and you’re slow in enunciating,” says Frankel, a second-year student in the Venture Initiation Program at the University of Pennsylvania’s Wharton School of Business in Philadelphia. “I’d never rely on it for anything serious, or do so sparingly. It just isn’t there.”


PQ_VirtualAsst.jpgNote to self: Popular new virtual assistants may not be entirely ready for prime time when it comes to the needs of an entrepreneur or small-business owner. While the ability to handle some small time-consuming tasks, such as search, managing a calendar, and text messaging, can be of value to anyone on the go, for those running the complexities of a modern business, there are questions of reliability.


When Apple’s Siri debuted in October 2011 on the new iPhone 4S, many hoped it would revolutionize the way users utilized their smartphones. But since then, many have found that even the most advanced virtual assistant can’t comprehend context the way a human being might. So far, this modern contest of man vs. machine shouldn’t have actual human assistants losing much sleep.

Frankel said his frustration with his device’s inability to provide crucial information pushed him to found, a crowd-sourced translation service that lets actual humans answer questions in Mandarin, Spanish, and Hindi. He got the idea after contracting food poisoning in China—and being unable to use a personal technology device to express the important notion that he needed an antibiotic. “At that point, I’d have given my left arm for someone to communicate on my behalf,” he said.

OK, so virtual assistants have their notable limits, but they are able to adapt. The more you use them, the more they learn, even from mistakes.

What does work well?

Siri: Let your new “friend” get to know you better, says Olga Mizrahi, a management and marketing expert, whose blog, Chunk of Change, touts smart new efficiencies from technology. She uses Siri to add expenses to her roster verbally and send text messages when she’s driving.


The more Siri knows about the people in your life, the easier it will be to contact and interact with them, Mizrahi says. Start by going to Settings> General> Siri > My Info and fill in your own contact information through your address book thoroughly. Then introduce Siri to your favorite people:

she says there are two easy ways to add a relationship:


  1. 1. Go into your own contact listing. Click “Edit.” Click on the name of a relationship (e.g. “ mother”), which appears underneath your address. Either choose one of the given labels or click “Add Custom Label” and use the arrow to choose a name from your contacts.


  1. 2. Go into someone else’s contact information. Click “Edit.” Click “add field” at the bottom of the screen. Choose “Phonetic First Name.” Either type in the name you want to use, or click on the microphone to have Siri record it.


(You can also try using Siri to check your bank balances—follow blogger Ryan Spahn’s instructions here.) 



Vlingo: BlackBerry users can get its free SafeReader app, which can read your text messages and emails aloud, a hands-free aid for drivers with an itch to check their messages. 


Evi: (For iPhone and Android). While this True Knowledge product isn’t able to send emails or text messages on voice command, its search answers get points for brevity: They are to the point and not just forwarded to a search engine. 


Plus: watch this market space for Google’s Assistant, a new personal virtual assistant that’s reportedly coming later this year and is said to be focused on “accomplishing real-life goals,” not just churning out search results.


Dwight Carey, who teaches advanced entrepreneurship at Temple University’s Fox School of Business, says the technology could be useful to watch certain benchmarks. Work on getting your virtual assistant to monitor important numbers, such as a commodity price or how inventory levels compare with sales—and raise a flag for you if your set threshold is crossed, Carey says.


“The future is bright for technologies and services that make better use of people’s time, since we are becoming increasing time-constrained and more comfortable with mobile devices,” says Mizrahi, who’s based in Long Beach, Calif. “Small changes can make big differences over time, such as saving five or 10 minutes here and there throughout the day using a digital VA on a smart device.”


So for now, maybe it’s wise to just focus on the little advances these devices offer.


Perhaps Samir Malik has the right idea. As an MBA candidate at Wharton and a founder of 1DocWay, a HIPAA-compliant videochat service that links doctors with patients, Malik finds the most useful feature of his voice-activated Siri comes in the winter.


“When it’s cold, I use Siri a lot,” said Malik. “I don’t have to take my gloves off to do a search. I love that!”

Body_HackProof.jpgby Susan Caminiti.


Big corporations have long understood the need to protect against cyber criminals out to wreak havoc on their computer systems in order to steal money or customer data—or both.


Yet technology experts say small businesses are just as vulnerable, and don’t even know it. “The same small business owner who will spend money putting in an alarm system, a fence around the building, and locks on every door, is the same person who doesn’t see the need to take security precautions with his IT system,” says Brian Reich, founder and president of The Reich Group, a security consulting firm based in northern New Jersey. “The three prongs of security are physical, personnel, and IT security. Unfortunately, a lot of small businesses forget about that last piece because they operate under the assumption that since they’re small, they can’t get hacked.”


PQ_HackProof.jpgNo business is too small to be a target

Nothing could be further from the truth. That’s because small firms typically have weaker security profiles that enable hackers—or even disgruntled ex-employees—to easily penetrate their systems to steal proprietary information, explains Ed Skoudis, an instructor with the SANS Institute, a leading information security training and certification school based in Bethesda, Maryland. And with few (if any) IT professionals on staff at small firms to monitor these breaches, the issue often gets pushed aside until an attack actually happens.


And it’s occurring more frequently at these smaller firms. According to Verizon Communications Inc. and the U.S. Secret Service, of the 761 cyber attacks that were reported in 2010, 482 of them—or 63 percent—were at companies with 100 or fewer employees. With thinner financial resources, the cost of a digital break-in can even put a small company out of business. Speaking at the recent International Conference on Cyber Security in New York City, Shawn Henry, the FBI’s top cyber investigator, cited a case where a small business had to close up shop after hackers were able to steal $5 million from its accounts.


Passively scan for security holes

So how does a small business figure out just how vulnerable its online data is? Skoudis and others recommend that they start with a vulnerability scan. Akin to a routine physical, this test looks at your entire computer network every quarter or so to determine weaknesses—or vulnerabilities—that could allow an attacker to get in and steal sensitive information, such as customer lists and credit card information.


Qualys, a provider of on-demand IT security risk and compliance management solutions, based in Redwood Shores, California, offers a free security assessment that small businesses can try, says Skoudis. It includes a scan that detects security vulnerabilities in your systems that face the Internet, including your web server. For a fee, the company can conduct scans that look across your entire network and detect internal vulnerabilities, such as malware infections and threats. The cost is based on the number of IP addresses being scanned and the frequency of those scans.


Actively test your defenses

Going one step further, Skoudis recommends a penetration test—or pen test, as it’s often called. It begins with a vulnerability scan, but then attempts to exploit a company’s IT weaknesses to determine how easily, and to what extent, a hacker can bring a company to its knees. A penetration test can cost anywhere from a few thousand dollars to tens of thousands of dollars depending on the size of the company and how many computers need to be scanned.


“We’ve done pen tests where we were able to get a company’s customer records and all their credit card information,” Skoudis recalls. “When a company gets breached like this, it can destroy its reputation and drain its bank accounts overnight.” And any company that needs to be compliant with Sarbanes-Oxley or HIPAA rules, adds Reich, is even more vulnerable should a security breach occur.


Of course, the difference between a penetration tester and a hacker is that the former has permission to break into a computer network and steal information and the latter does not, according to SANS.


Kevin Mitnick is skilled at both roles. He was once one of the world’s most notorious hackers and today is a best-selling author on information security and president of his own firm, Mitnick Security Consulting. He often consults with small businesses and sees first-hand what happens when cyber security issues are ignored.


For example, he’s currently working with a small e-commerce company based in New Jersey that routinely takes and stores credit card information from its customers. The problem, explains, Mitnick, is that the company stored this financial information on its servers unencrypted, or in other words, as plain text. A hacker who was able to get access to the data had to do little more than copy the numbers to begin fraudulently using them. “The credit card company was the one who figured out the stolen numbers were coming from this business,” Mitnick says. “The owner of the company had no idea this was happening and now they’ve hired me to do a security assessment of their site.”

The cost of doing nothing

Mitnick, as well as others, point out that companies—big and small—who accept credit cards are required to be compliant with PCI Security Standards, the governing body that establishes the security measures merchants must have in place in order to securely accept and store credit card data. Routine vulnerability testing is one of requirements in order to be PCI compliant, points out Skoudis, and yet companies will regularly overlook or ignore this step because they think they’re too small to be hacked or just don’t make the time. According to PCI, should customer credit card data be stolen, a small business can be liable for fines and penalties. According to, a site dedicated to explaining the details of PCI compliance, each cardholder data breach can cost a small business between $50 and $90. Multiply that by hundreds or even thousands of customers and the cost escalates quickly. Further, non-compliance can also result in a small business being prohibited from accepting credit cards in the future.


No amount of IT security and vigilance can completely eliminate the risk of an IT breach, say the experts. “There isn’t an agency, organization, or company I know of that hasn’t be hacked to some degree,” says Edward J. Appel, a former FBI agent for 28 years and now a computer security consultant. The goal, they say, is to mitigate that risk by making it harder for networks to be compromised in the first place. Says Appel: “If you say you can’t afford it or don’t need to periodically see where your company might be vulnerable, you’ve already ceded control to the bad guys.”

Filter Article

By tag: