Counter-attack Online Fraud

Online fraud is skyrocketing, and the stakes are significantly high for IT decision-makers and their companies. According to the Internet Crime Complaint Center -- a joint operation between the Federal Bureau of Investigation and the National White Collar Crime Center -- Internet users reported losing nearly $560 million to online fraud last year. That’s more than double the losses from the previous year.

These days, online fraud includes a wide range of activities, such as exploitation of online banking and e-commerce sites and their customers. Your company’s reputation might also be on the line in spamming or denial of service (DoS) attacks, where there is no direct financial gain for the perpetrator. Fraud is also now conducted in minutes, leaving your IT department little time to respond with damage control measures.

Amid these growing threats, the pressure is on IT departments -- especially those in such industries as financial services and e-commerce -- to deploy counter-fraud measures to protect the company and its customers. Geoffrey Turner, a senior analyst with Forrester Research Inc., offers these guidelines as you battle online fraud:

Counter-measure No. 1: Assess and improve authentication.
Turner says one of the biggest areas in which companies need to up the ante on security is authentication. “Identity theft is a huge problem and the root of all online fraud,” he says. “Ultimately, online fraud is of the magnitude it is now because we have a poor capability to know who’s who.” It’s critical to also evaluate emerging authentication technologies and understand whether they’ll work in your business.

Counter-measure No. 2: Increase your fraud intelligence.
Before deploying a new technological measure, you should take stock of current online authentication processes and determine if fraud risks justify adding more layers of sophisticated measures. On top of that, Turner advises determining where and when online fraud can impact your operations and customers. You need to evaluate whether the level of risk to your organization means you should work more to prevent fraud or to recover from it. If you do employ anti-fraud technologies and processes, make sure there’s an auditing system to measure effectiveness. This is particularly critical in making sure your anti-fraud efforts keep up with new threats.

Counter-measure No. 3: Know your ROI.
Belt-tightening and focusing on revenue-generating business strategy is already driving companies to evaluate the ROI of any investment they make. When it comes to investing in online fraud prevention, you should first concentrate on risk-driven security controls, advises Turner. “Rather than put all the expense on the front edge, you do it based on the level of risk of the transaction,” he says.

Finally, it’s smart to look at how government agencies are bolstering online security. “The more strategic security exploration is being done by governments," says Turner. "You need to be aware of what the government is doing to see what can be leveraged in the private sector.”

Read more about fighting fraud with encryption here.


The Cloud: A Security Solution for Small Business

Let’s say it politely: Stuff happens.

Although natural or manmade disasters aren’t too common (we hope!), even a relatively minor disruption in your organization could grind your business to a halt if you don’t have a contingency plan in place. For a small business, this sort of stoppage can spell catastrophe.

Here’s what to do to ensure this doesn’t happen to you.

Find More Protection in the Cloud
Fortunately, cloud solutions make it easier than ever before to have a disaster recovery (DR) plan to minimize your downtime should something happen.

“Small firms are very much aware of the need to back up regularly, but it’s kind of like flossing; everyone knows they should do it, but very few do so regularly,” says Raymond Boggs, vice president of SMB Research at IDC. “Cloud-based storage and disaster recovery solutions are particularly well-suited to smaller firms, which lack budget and extensive IT resources.”

If your backup is onsite, you likely aren’t as secure as you think you are -- or as you need to be, says Boggs. “Backing up a server -- onsite -- still leaves a firm vulnerable to all kinds of disasters that have been in the news, from floods to tornadoes,” notes Boggs. “Online storage providers offer higher levels of protection than that found in a typical small or even midsized firm.”

The challenge is for a small business owner or IT manager to surrender direct control of precious data in order to make it more secure. “Many understand in their minds the cloud offers both solid value and exceptional security, but in their heart of hearts, they are often reluctant to give up personal possession of essential information,” says Boggs.

Employ a “Partly Cloudy” Solution

One of the first real-value propositions of the cloud is disaster recovery, says John D’Esposito, founder and CTO of, an Internet performance engineering company. But the cloud offers a lot more than just data backup.

“If you can seamlessly fall onto another offsite server, with data and applications, then you’ve successfully set up your DR framework,” adds D’Esposito. “I call this concept ‘party cloudy’ because there’s a lot of value for SMBs who can’t afford a more ambitious enterprise-grade disaster plan but can still benefit from accessing data, serving up applications and seamless proximity routing from one hot data center to another

You’ll find a number of options these days, as many companies offer secure services to empower small companies, says D’Esposito. “If you’re not leveraging the cloud, then you’re not as nimble and effective as your competition, during a disaster or otherwise.”

Not availing yourself of these services could have further repercussions when it comes to your business’s long-term plans. “Without any cloud solutions, small companies who try to raise money from VCs will no doubt have trouble,” says D’Esposito.

The Concept Stays the Same

“I’m not sure that adding the cloud to the mix really changes the fundamentals of disaster-recovery planning,” says Leslie Fiering, research vice president at Gartner. “At the end of the day, it is important to know that in the event of outages, or even large disasters, critical data is stored somewhere that is safe and readily accessible in time of need.”

Doing your homework when it comes to disaster recovery in the cloud is essential. You’ll want to utilize a reputable, established company and have a good idea of how your cloud provider deals with its own potential outages. “We’re seeing a growing number of instances where the cloud providers have outages and customer data is not available for some period of time,” says Fiering. “That said, the cloud offers relatively inexpensive and simple backup options. Many smaller businesses that might not otherwise have discipline for regular backups and offsite storage may find cloud solutions a real game-changer.”


Facebook Business Strategies That Work

Many small- to midsized businesses today shy away from using Facebook. That’s a mistake, say technology experts. Sure, there’s the risk of negative comments getting posted on your wall for the whole world to see, but here’s the reality: If you’re not on Facebook, your competition is.

So instead of avoiding of this powerful social tool, embrace it -- and use it to boost your reputation on the Internet. Here’s how.

1. Get your employees to contribute.
Creating a successful Facebook page simply requires posting frequently and answering comments. Make it a team effort, and the process will be easier -- not to mention, you’ll have a more competitive page, thanks to continuous engagement.

“Fourteen members of our staff have admin status on our Facebook page and are encouraged to share and engage with our fan base,” says community manager Dayna Winter of GelaSkins, a Toronto-based company that sells decorative covers for gadgets. Because of the manageable number of employees with Facebook authorization and two people whose job is to actively monitor all comments, Winter says the opportunities outweigh the risks of putting yourself out there.

But if you still want more control, try setting a stricter approval policy. “Some companies have a fairly restrictive creation-approval-post process whereby no official content ever leaves the company without proper approval,” says Chenxi Wang, vice president and principal analyst at Forrester Research. “The approval process can be manual and similar to how you would control outbound content for press and media today.”

2. Engage your fans with multimedia content.

The ultimate goal of your Facebook page is to promote your brand and connect directly with your customers. So post things that update and engage your users so they’ll come back to you and have a conversation. At GelaSkins, for example, employees post a good mix of content, including photos (GelaSkins-related skins), new art announcements and conversation-provoking questions.

You can also take the conversation beyond just what your company is doing and include links and pop culture topics. Or, try to poll your audience on various topics to get them to interact.

Use negative comments to your benefit.
Comments from unhappy customers can actually be a boon to your business image: They’re opportunities to display your exceptional customer service. “Resolving the issues directly in this public forum shows transparency,” says Winter, “which goes a long way -- and forces us to address these concerns quickly.”

And sometimes, customers can help answer questions too. Winter cites a recent example of a Spanish-speaking customer helping out another. “This is very useful for companies that do business worldwide but who may not have the resources to translate or respond in other languages,” he explains. So reward your most engaged fans, advises Winter; they’ll do a little legwork for you.

4. Mend a bad reputation.

Technology experts agree that social media can help your business, as long as you know how to manage the flow of information. “Be aware of what social media content out there is associated with your company’s brand,” advises Wang.

This goes beyond just what your company is posting on Facebook to include content from third-party sources -- customer and competitor comments, general reviews, community boards and more. Wang suggests MarkMonitor, which can help you understand what content out there is relevant to your brand and reputation. And if you don’t like what you discover, try services like and Cyveillance to correct a bad reputation or inaccurate content.

5. Resolve bigger issues offline.

Don’t let it get ugly on Facebook. Most of the time, you can manage the two-way information flow easily online. But in some situations, the conversation should be temporarily taken off the social platform to find a resolution.

“Generally, we discuss as a team some of the more sticky situations and how we handle,” says Winter. “Many times, a customer who has posted negative comments has contacted us via email already and is looking for a more immediate outlet. It’s important that our messaging is consistent before we publicly or privately post a reply.”

GelaSkins uses iChat internally, so employees can check in with each other before they post, which could work for similar companies too, advises Winter.

For more Facebook inspiration, check out the GelaSkins and ITinsiderOnline pages, or connect with us @ITInsiderOnline

Photo Credit:

5 Apps and Strategies for Mobile Security

For professionals and consumers alike, smartphones and tablets are quickly replacing desktops and laptops. But given the growing popularity of these devices, criminals’ interest is increasing too, bringing with it a bigger threat of loss, theft and exposure to viruses and malware.

Fortunately, there are plenty of security measures you can take to stay safe. Check out these five strategies -- and corresponding apps -- to help you carry them out:

1. Encrypt and back up your essential data.



Keeper safely cocoons your contact info and sensitive business data within a layer of 128-bit military-grade encryption, archiving it online for immediate retrieval. You can synchronize records across multiple devices, from desktops to tablets, and quickly restore missing files. Your files are only accessible by use of maximum-strength passwords. If hackers unsuccessfully try to log in five times, archived data self-destructs, permanently putting it beyond the reach of offenders.

Available on: iPhone, Windows Phone, BlackBerry and Android devices

2. Protect your devices from viruses and theft.


Security App: Webroot Mobile Security 

Harmful apps and websites disguised as legitimate resources are getting harder to spot, even for IT professionals. By perpetually scanning for, detecting and preventing mobile threats, Webroot Mobile Security [disclosure: Webroot is the sponsor of IT Insider Online] stops malicious programs dead in their virtual tracks. It also keeps your data and your device safe: If you lose your phone, you can track its location online, lock the device or SIM card, activate emergency alerts or remotely wipe personal information. Options to block calls, stop spam and end unwanted text messages on-demand are just an added bonus.

Available on: Android devices

3. Safeguard your passwords.


Security App: LastPass 
Often find yourself tearing your hair out trying to remember all of your passwords? Save time (and follicles) by storing them in a single, secure online vault, accessible via one master login. Capable of warehousing an endless supply of personal access codes, LastPass even lets you import existing PINs and ciphers from other programs or share logins with colleagues -- without exposing them to digital snoops.

Available on: Android, iPhone, iPad, BlackBerry, Windows Mobile, webOS and Symbian devices

4. Hide recent activity, messages and calls.

Security App: History Eraser 

As any working professional knows, it pays to have a clean record. Now your smartphone can help. History Eraser lets you wipe everything from your search history, call log, SMS messages and clipboard text with a single touch. The app prevents nosy sorts and intruders from seeing what you’ve been up to recently -- and with whom.

Available on: Android devices

5. Ensure your privacy during voice calls.


Security App: Kryptos 

If you’re paranoid (rightfully so or otherwise) about corporate espionage, try Kryptos: It uses 256-bit encryption (so secure, it’s suitable for use by the armed forces to scramble voice calls) to keep eavesdroppers from overhearing sensitive conversations. The app is compatible with a range of devices using 3G, 4G or Wi-Fi networks.

Available on: Android, BlackBerry and iPhone

Like this article? Connect with us @EveryDayConnect 

The Role of Google+ in Business

If anyone could go after the Facebook jugular -- and its three quarters of a billion users -- it’s Google. The online search giant took aim at Facebook when it launched Google+, a social network that combines old services (Google Profiles, Google Buzz, etc.) with new. But is Google+ strictly for consumers, or can its applications benefit businesses too?

Google+: Best Features for Business
Amber MacArthur, a social media strategist and author of Power Friending: Demystifying Social Media to Grow Your Business, says Google+ isn’t a Facebook clone, though at first glance they do appear similar. Once you get to know the social network, you’ll likely see it as a hybrid: “It has the advantage of long-form posting like Facebook (but better) and the immediacy of a real-time stream like Twitter,” says Doug Lacombe, president of the communicatto social media agency in Calgary.

Other unique Google+ features that can benefit your business include the following:

  • Photos. Forget the regular online photo albums you’re used to; Google+ arranges your photos into a beautiful one-page layout. “The search engine giant has created a platform that has a better in-line photo viewing experience, as images are larger and the overall design of the page is cleaner,” says Lacombe.
  • Circles. An easy way to share content with friends or colleagues, without being forced to share the same things with everyone. “Your work circle gets different content and conversation than your family circle, and so on,” says Lacombe.
  • Hangouts. A feature that lets you video chat or watch videos together with others.
  • Sparks. A feed of everything you’re following.
  • Huddles. An instant messaging feature for Android and iPhone users.
  • Better integration. If you use Google products regularly, Google+ is a natural extension to your Internet experience, says MacArthur: “The network sits neatly within your Google account.”

How can you use all these features to maximize your business? Get one person from your company to represent your business and manage the social network account. (Google+ is set to launch its business pages later this year.) “The same principles for building a community exist on Google+ that exist on Facebook -- it’s important to be authentic, post regularly and engage with everyone,” says MacArthur. “It’s like going to the gym: If you don’t stick to a regular schedule, you’re not going to see the results you want.”

Google+: Security Concerns
Facebook is no stranger to privacy concerns. Google too has come under fire over Gmail hacks and revealing too much info on Google Maps with Street View. So can Google+ be trusted?

“Yes and no,” says Lacombe. “In the sense that Google successfully and securely runs millions of accounts on Gmail and Google Apps, I think G+ accounts are as secure as any other online service. The weakest link is usually careless users with weak passwords, or those who leave their devices open and accessible to thieves.”

But Lacombe also reminds us that anything posted online can be copied, pasted and shared, so you need to manage information security by being judicious in your posting. “No service can protect you thoroughly,” he concludes.

Google+: Its Future in Business
Like Facebook, Google+ will become an increasingly important social media destination for brands and small businesses, predicts MacArthur. “We’ve seen over the past couple of months how quickly this new social network has grown, so with millions of users, it’s only natural that companies will want to build a presence on Google+ in order to reach customers and clients.”

Like this article? Connect with us @ITInsiderOnline

Photo Credit: