Chances are that your website collects PII if you have a contact form or an email newsletter sign-up form. PII is any data that could be used to identify a particular person such as name, email or phone number. If you do collect this type of information, the following privacy laws may apply to you:
For many businesses, their website is their most important online asset. It is where people just learning about their business will likely "land" first, and is the central hub of their online presence. But surprisingly, many small and medium sized business websites are lacking in one or more key aspects of website security. Here are 3 ways your website may be putting you at risk for a security breach.
Secure data transmission means that data exchanged between your site visitors browser and your website is encrypted so that anyone intercepting communications to/from your website would only see garbage characters and not clear text. In practical terms, securing data transmission means installing a "SSL (Secure Socket Layer) Certificate" on the website server (hosting account) that enables communications between the server and the visitors browser to use the secure (https://) protocol. Depending on your browser, you may see an indication that SSL is active in the form of a lock icon, "Secure" label, or other indicator.
SSL is important for any functions on your site that involve communicating personal data -- a newsletter sign-up form that has a user's name and email, for instance -- and especially any kind of eCommerce where credit card info is transmitted. But even if you site doesn't have features that transmit sensitive data, SSL is important for one very big reason: Google started warning users about non-secure sites back in 2018. While Google has looked at the presence of a SSL certificate as a minor ranking factor since 2014, the in-your-face scare that comes from non-SSL sites being flagged has caused most site owners to add SSL.
If your site still doesn't have SSL installed, do it now! Most web hosting companies are now offering free basic SSL certificates and "one-click" installation. After that, there are a couple of easy settings that need to be made on your website. The entire process of adding SSL to your website should only take a few minutes, but if you're not comfortable doing it, find someone who is. The benefits far outweigh the minor inconvenience of setting it up.
The second consideration for security is data storage. While this may not apply to everyone, chances are that it applies to many website owners who do not realize that their website is storing personal information. If your website allows users to create logins, it is storing personal information. If you have any kind of form (e.g. "Contact Us", "Join our Newsletter", etc.) on the site, it might be storing personal info, depending on how the form is implemented. If you accept payments on your site, it also might be storing personal info, again depending on how the payment function is implemented.
Note that a data storage breach can have disastrous implications for any business. Besides the loss of confidence in your business, there may also be legal penalties. For instance, the medical profession is governed by the HIPAA laws which provide for a fine of $50,000 per violation (record) and jail time in cases of "willful neglect" where the firm knew they were at risk of a data breach and chose to ignore the problem. In the case of a data breach, it is more likely that multiple records will be accessed, so a single incident HIPAA violation involving many records could easily put a medical practice out of business!
Having secure data storage starts with the web-hosting provider, so this is why it is important to choose a well-known and reliable company that implements good security practices. But secure data storage also relies on you keeping your site software up to date. Even if your hosting company has everything locked down, outdated software might provide an opening. Think of it this way, even if the doors of your house are locked tight, an open window makes it easy for a burglar to slip in.
This third security risk with websites is around the software that implements the web site and web server. Just like with your PC, there are bad actors who are constantly trying to break into your site. We implement security hardening and monitoring for a number of our clients and see multiple hack attempts every day! While best practices such as using non-trivial passwords are important, just like with your PC, there are frequent software updates that must be applied to patch security holes as new "exploits" are discovered.
On the web server side, we are to a great extent reliant on hosting companies to implement strong security practices, so this is again why it is important to deal with a reputable hosting company. I have actually had a customer support rep from one of the larger and immediately recognizable hosting companies admit to me that they intentionally don't upgrade their servers because doing so would increase the likelihood that their customers' sites may break if those customers aren't keeping up with updates on their sites as well. To the hosting company, it is cheaper to deal with the occasional hacked website than to create a lot of support issues for people who don't know better. But for the business owner, a hacked site can be disastrous, even to the point of putting them out of business!
Sadly, for many business owners, their web site is "out of sight, out of mind". Unless they are adding content regularly, many site owners rarely log in to their website's "back end" where the site software updates are made, so they may not even realize that an update is needed. Missing a required update that closes a security gap can have extremely dire consequences! For business owners who don't login to the admin area of their website (and don't want to), we offer Website Care Plans that take this off our clients' plates and give them peace of mind.
Have Peace of Mind
For Less Than a Cup Of Coffee a Day!
We’re half-way through the year now, so that seems to be a good time to look at your mid-year resolutions for your business. Wait. What? Mid-year resolutions?
We’re probably all familiar with personal new-year resolutions. You know, those promises bordering on vows that we make to ourselves around the first of the year to lose weight, get in shape, eat healthier, spend more time reading, etc. How are those working out for you? Yeah, me neither.
What about your business? Did you make new-year resolutions around growth or profitability goals? How about specific things to do to improve your marketing? Expand your portfolio? Tighten up your strategy? Implement some new tactic?
The middle of the year is a perfect time to revisit your goals and plans for the year with an eye toward making necessary adjustments to keep you on track for reaching the finish line in 6 months. And if you haven’t really set any goals or made and concrete plans, what better time to start than right now?
Here are a few ideas for things you can do in your business right now…
The best marketing you can do for your business will involve a solid strategy built around your Ideal Client definition, the Unique Selling (Value) Proposition of your business, and your core values. Resolve to commit a solid strategy to paper and then use it to drive all of your marketing efforts.
Once you have the strategy piece nailed down, map out the “customer journey” or experience you want your prospects and customers to have with your business. Looking at the interactions they have with your business through their eyes will give you the perspective you need to guide them down the path of know, like, and trust that leads to them doing business with you. What opportunities do you see to improve their experience and therefore position your business in the most favorable light?
Review your marketing materials to see if they are all about you and your business, or if they put your prospects at the center of the story. Hint: if you marketing materials use too much “I” or “we” language, they are less likely to connect with their intended audience. People are looking for solutions to their problems, so your marketing materials need to first let your prospects know they are indeed your target audience, then they need to connect on a solutions-to-their-problem level.
Examine the tactics you are using and be sure they are the right ones to connect with your audience, and if they are being used in the optimal way to do so. Meet your prospects where they are on social media, networking, searching for articles to answer the questions or inform them, etc. Keep in mind that different people absorb information in different ways (auditory, visual, experiential, etc) and be sure to have something for everyone you want to reach.
Pay attention to how the technology is changing, and how it can best be used to your business advantage. The world of marketing — especially “digital marketing”, “online marketing”, or “internet marketing” — is constantly evolving. What worked last year may no longer work today, and what is hot today may not have even existed last year. What adjustments do you need to make to your “marketing stack” to ensure optimal results as measured by return on investment of your marketing dollars?
For us, this website, launched less than a week prior to writing this blog article, meets one of our resolutions — that of modernizing our site and making it more visitor-centric. We still have a lot we want to do with it, but that’s the nice thing about approaching a marketing system as an ongoing, evolving process. Specifically, it doesn’t all need to be done at once. The key is to put a plan in place, map it out, and get going on it.
That brings us back to the point of this article. What mid-year resolutions have you made for your business, or more specifically your marketing?
In case you need a reminder about the power that your brand has in your marketing, consider the case of a crime fiction novel published in 2013 by rookie author Robert Galbraith called “The Cuckoo’s Calling”. Despite having positive reviews such as it being a “scintillating debut novel”, and “astonishingly mature”, it sold only 1,500 copies in hard cover form. Then things changed. The novel, you see, was really authored by J.K. Rowling (of Harry Potter fame, in case you didn’t know). Once that little tidbit came to light, sales of the novel took off. It shot up the best seller charts and within days was in the top 3 at amazon.co.uk.
There are many stories of great — and even superior — products that do not survive in the marketplace. If this were not true, the “Tucker ’48” would have propelled the Tucker Corporation into the ranks of Detroit’s “Big Three” auto makers. Microsoft and Intel would not be in the leadership positions that they are today, as they were second-runners when IBM was developing the first PC. And those of us who are old enough to remember videotapes would fondly refer to the “BetaMax Days” before DVDs.
Inc. magazine published an article a few years back titled Why Better Products Don’t Always Win. In that article, authors Karl Stark and Bill Stewart suggest that entrepreneurs “need to shed our rose-colored glasses and instead focus on building what the customer wants.” While this is true, I would also suggest that entrepreneurs and business owners alike also need to focus on their brands.
Your brand is the visible and recognizable manifestation of what sets you and your business apart from your competition. It stems from your core values and unique differences. It becomes part of your very business identity and, over time, it conveys enough “Know, Like, and Trust” that what it is attached to gets an automatic leg up. The brand itself becomes one of your most valuable assets and opens many doors. Just ask J.K. Rowling.
As the saying goes, “what’s old is new again”. Constant innovation in marketing is to be expected. After all, how else can businesses “stay ahead of the curve” and not look “ho-hum” or “me too”? But innovation as it applies to Marketing does not have to mean that everything we know today will be useless tomorrow. In fact, the famous McGraw Hill “Man in the Chair” ad from 1958 is just as relevant a concept today is it was almost 60 years ago although the media used to deliver the message may have changed , as this short video from the Business Marketing Association illustrates. Two ways to deliver marketing messages, Direct Mail and Email Marketing, are making a comeback and may be worth another look for marketing your business.
A few years back, Direct Mail seemed to be dropping off as postage rates went up and the internet became increasingly dominant as the “go to” source of information. Now don’t get me wrong, the internet is still a huge player, and having a “Total Online Presence” for your business is an absolute must. But, the internet is not the only channel that savvy business owners use to market their businesses. Getting someone’s attention using an eye-catching direct mail piece should not be counted out. The US Postal Service has a product offering called “Every Door Direct Mail”, which allows businesses to target specific postal delivery routes at a very attractive rate (at the time this was written, 16 cents per door). This rate undercuts the rates charged by many door flier delivery services, and this affordability, coupled with the widespread availability of high-quality postcard printing at reasonable cost, is creating a lot of renewed interest in Direct Mail.
To be even more effective, rather than “sell” your prospective client, a direct mail piece should direct them to take action in order to learn more. This call to action could be a “mail back for more info” card, a phone number to call for info, or a suggestion to visit your website. The benefit of this two-step approach is that it not only gives you a greater opportunity to build “know, like, and trust” in order to move your prospect toward an eventual sale, but it also allows you to gather contact information in order to implement a “drip marketing” campaign. That brings me to the second “old is new again” topic, Email Marketing.
When Social Media began its meteoric rise, there were those who felt that the era of marketing via email was coming to an end. After all, who was going to bother with email when they could “connect” on Social Media? While leveraging Social Media in marketing definitely has its place, it is not the wholesale replacement for Email Marketing that many thought it might have become. For one thing, many people use “Social” for strictly that and ignore ads placed there. Furthermore, as the Social Media sites take measures to deal with the flood of traffic that their popularity has created, your posts are likely not being seen by all of your friends. So the possibility of something “going viral” — even if only among your friends and their friends — is decreased. Re-enter Email Marketing,
To be effective, Email Marketing must be done right. This means using good looking emails with the “right” content. It also means having them delivered via a reputable service that does not have capacity issues, that is “whitelisted” by Internet Service Providers in order to maximize deliverability, and that contains the features to keep you in compliance with Federal “CAN-SPAM” laws. When it is done right, Email marketing can help publicize special offers, or promote goodwill by getting the word out about your community involvement. It also has much to offer that is useful for implementing two-step marketing campaigns. Giving away a free report or some other value-added piece of content in exchange for contact information that allows regular “touches” via Email can pay large dividends. Email Marketing increases your “know, like, and trust” with your customers and prospects by educating them about you and your business and by keeping you top-of-mind so that when they are ready to buy they call you.
So the next time you want to “change up” your marketing to stay in front of your competition, consider another look at Direct Mail and Email Marketing. They might just break you out of the “same old, same old” and propel you into new growth.
Dive straight into the feedback!Login below and you can start commenting using your own user instantly