How to Hire the Best VAs: 5 Tips For Success

How to Hire the Best VAs: 5 Tips For Success

A VA should be one of the first hires you make as an entrepreneur, and is one of the most important. A motivated, skilled VA can take many of the most time-intensive tasks off your hands, and let you focus on the strategic direction of your business.

Hiring a VA can be a little tricky, however, particularly for entrepreneurs who are inexperienced when it comes to managing the recruitment process. In this guide, we’ll give you a simple process for making sure that you get it right first time.

Do You Need a VA?

First, though, let’s take a more detailed look at whether you need a VA. Spoiler alert: you probably do.

Image: MyTasker.com

If you’ve built your business yourself, it can be difficult to pass over responsibility for key tasks to someone else. The truth, though, is that you are probably doing a lot of tasks that you don’t need to be doing. Whether you are trying to leverage video marketing, or increase your Twitter following, you need to be aware that every task you do has an effective dollar value.

And if you are spending your time on tasks that are of low value to your business, your income is never going to rise.

The first step in hiring a VA is therefore to work out the actual dollar value of all of the tasks you do. Then you can take the lowest-paid tasks, and delegate them to your VA. This approach will also mean that you are sure to see an ROI for your new hire, because you know the exact value of the work they are doing.

Hiring a VA: The Five Steps To Success

Once you’ve decided to take the plunge, there are five steps to making sure you hire the best VA possible.

1. Document The Tasks You Want to Outsource

Once you’ve completed your audit of the tasks you do, you should have a really good idea of which tasks you are going to pass on to your new VA. This list of tasks forms the basis for the hiring process, so make sure that you spend the time to make it comprehensive.

From this list, you can then produce training materials to show your new VA how to complete their tasks, and create a handbook of Standard Operating Procedures (SOIs) for these tasks. To learn how to write effective Standard Operating Procedures, check out this guide.

2. Create a Detailed Job Description

From your task list, you’ll be able to get a good idea of the level of education you are looking for in a VA, and the specific skills they will require. Of particular importance is that they already know how to use all of the systems you use in your business.

You can then work up a Job Description for the VA role. This should include:

  • Background information about your business (your industry, what you sell, and who your clients/customers are)
  • Level of education, experience, and/or skills required
  • List of duties and responsibilities
  • List of any apps, tools, or software they will be using

The more detailed you can be in the job description, the better. Not only does this help you find the right VA for the job, but it also crystallizes your thinking – forcing you to ask, “Who or what, exactly, will this position require??

3. Advertise

The next step is to advertise your role. Though some entrepreneurs like to post jobs on Craigslist, in reality it pays to advertise your position as widely as possible. That way, you can be assured that the best qualified candidates will see it.

There are some sites that are used specifically to hire VAs, and they are a great place to start:

4. Schedule Interviews

Webinar, Conferencing, Video, Beverage, Call, Cam, ChatImage: Pixabay

Now we get to the most difficult part of any hiring process: finding the best candidate. After you’ve reviewed the applications you receive, you should immediately have a good idea of the 5 – 10 most qualified candidates for the role.

Schedule interviews with these candidates. Video calls are great for this, because you can quickly find out how easy it is to communicate with your candidates, and what it will be like to work with them.

You should definitely ask about their work experience and skills, but don’t stop there. It’s also important to ask candidates about their hobbies, how they like to work, and their values.

Conflicting values can quickly become a source of friction in a relationship, particularly when it comes to the value of security and privacy. As Will Ellis, Director of Research at security advocacy group Privacy Australia points out, “you need to ensure that all of your staff take your business as seriously as you do.”

With growing concerns over cybersecurity and data privacy, every VA you hire is a potential point of attack for would-be hackers through social engineering attacks. When conducting interviews, it’s important to filter out any candidates that have a cavalier attitude towards their own privacy, because they would carry that behavior into your business as well.

5. Trial Periods

Once you’ve identified the top candidate, you should hire them on a trial basis to begin with. Even if you are hiring them with the expectation that they will work with you for years, regular goal setting and performance management is the key to any successful business relationship.

This trial period can last for anything from one month to six months, and provides a chance for you to work out any issues with your new VA before you commit to a longer relationship. You should formalize this trial period in the contract you sign with your new VA, but also make the way that you will assess them open and transparent.

The Future

If you’ve followed these steps, you should be well on your way to having a great VA by your side. However, if the selection of real-life humans seems like simply too much for you right now, you should also have a look at AI Virtual Assistants: whilst AI solutions are not (yet) quite as good as humans, it might be that in a few years everyone has an AI assistant as well.

For now, though, hiring a VA is one of the most cost-effective decisions any entrepreneur can make. As long, that is, as they hire the right person.

 

Dan Fries is a freelance writer and full stack Rust developer. He looks for convergence in technology trends, with specific interests in cybersecurity, micro mobility, and smart cities. Dan enjoys snowboarding and is based in Hong Kong with his pet beagle, Teddy. His website is danfries.net.
How To Value Organic Traffic in an Acquisition

How To Value Organic Traffic in an Acquisition

Valuing organic traffic can be tricky, whether you are looking at your own sites or looking to acquire a new one.

There is a tendency to regard organic traffic as ‘free’, in the sense that you are not paying for each visit, and so it’s often overlooked in budgets for digital marketing. In addition, organic traffic is often overstated or overestimated when sellers attempt to determine the value of their website.

In this article, I’ll give you a relatively easy way of assessing the monetary value of organic traffic.

The Basic Formula

In order to calculate the value of organic traffic, we’re going to use the following formula:

Estimated monthly value = Total monthly searches * CTR[Position] * Value per visit

To be clear, the terms we are talking about here are:

  • Estimated Monthly Value is the total value created (per month) for a particular keyword.
  • Total Monthly Searches is the monthly search volume of a particular keyword.
  • CTR[Position] is the estimated click-through rate for a keyword, based on the current or target page rank.
  • Value per visit is an estimated value per visit.

This seems pretty straightforward, right?

The only slight issue is that some of these terms can be a little difficult to calculate in themselves. So let’s go through them one at a time.

1. Total Monthly Searches

Calculating the average monthly searches for a keyword is probably the easiest part of this process, and if you are an experienced SEO marketer you likely already know how to do this.

There are two tools that can be used to do this: Google AdWords’ Keyword Planner, and the Ahrefs Keywords Explorer. The Google system is free, but won’t give you so much data. The Ahrefs tool costs $99 / month, but will give you a lot more detail.

Let’s assume you are using Google Adwords. The process is pretty simple: just tell the system which search terms you are interested in. The results will look something like this:

calculation in google keyword planner - total monthly searches

The data we are interested in here is in the “average monthly searches” column. As you can see, Google will only give you a range, rather than a specific number. Ahrefs will provide the actual number.

In any case, make a note of this number, and also the ‘suggested bid’ value, because we will use that in step 3.

2. CTR

Now we will calculate the click-through rate (CTR). A higher rank on Google will translate to a higher CTR, but up until now it was a little difficult to see the exact numbers.

Now, though, Advanced Web Ranking (and other rank trackers) has made a great tool that tracks search rankings versus the click-through rate (CTR). This tool will tell us what percentage of searchers are likely to click on our link, based on the position that the site achieves in the Google rank.

At this point, you’ll notice that the site that is ranked #1 will get a huge amount of the CTR for a particular keyword. In fact, for most keywords the top-ranked site will take 35% of the clicks, and an additional 31% on top of that if you have the featured snippet. (SEO a winner take most game.)

So let’s say that the site you are looking to acquire is #1 for a particular keyword. You know now the monthly search volume (from step 1) and the CTR.

Let’s say that the monthly search volume for your keyword is 14,000, and the CTR for the site’s position is 35%. We can put these into the equation we started with:

Estimated monthly value = 14,000 (Search volume) * 0.35 (CTR[#1]) * Value per visit

We’re getting there… But now comes the difficult part.

3. Value Per Visit

The value per visit is necessary in order to put a dollar value on organic traffic, but it can be tricky to calculate. In recent years, the best eCommerce platforms have started to calculate this figure for you, but in an acquisition you’ll have to calculate it by hand.

There are a couple of ways of doing that, but I’ll show you a simple one:

Take the figure that we saved from Step 1, the ‘suggested bid’. This is what Google thinks traffic is worth for your keyword, and it calculates this based on the money you would have paid to get those visits to your site.

As a result, this method only quantifies how much you would pay for a PPC campaign to get similar traffic to your website. But it does not ascribe any value to the actual revenue that you generate from it.

Still, this method has the advantage that the numbers are easy to obtain, so let’s run with it for now.

Let’s say that the suggested bid value for your keyword is $0.64.

Now we have everything we need to calculate the value of organic traffic for a site.

Putting It All Together

So let’s pull all these numbers together into the formula we started with. The original formula was:

Estimated month value = Total monthly searches * CTR[Position] * Value per visit

And now we know these numbers:

  • Total monthly searches = 14,000
  • CTR[Position] = 35%
  • Value per visit = $0.64

So now do the math:

Estimated monthly value = 14,000 * 0.35 * $0.64

= $3,136 per month

The Bottom Line

Though we’ve done this process for just one keyword, it’s worth working through the math for a few different keywords in order to see which are most valuable, and give you the best ROI.

Once you’ve done that, it is fairly easy to work out if the money you are planning to spend on an acquisition is worth it. By comparing your investment with the value of the organic search traffic we’ve just calculated, you can see how many months it will take for you to make a return on your investment.

 

Dan Fries is a freelance writer and full stack Rust developer. He looks for convergence in technology trends, with specific interests in cybersecurity, micro mobility, and smart cities. Dan enjoys snowboarding and is based in Hong Kong with his pet beagle, Teddy. His website is danfries.net.
6 Essential Software Upgrades When Buying & Selling Websites

6 Essential Software Upgrades When Buying & Selling Websites

These days, many of the most popular companies across the globe are entirely web-based, meaning all of their products and services are offered over the internet. Like real estate in the real world, websites are now thought of as investment opportunities with the potential for their monetary worth to grow substantially over time.

The marketplace for website transactions is constantly growing, with both buyers and sellers looking to get in on the action. No matter what side of the trade you are involved with, you will want to be sure that the website up for sale is a valuable property with strong technology behind it.

In this article, we’ll discuss several software categories that matter most when buying or selling websites. Upgrading to new tools will show a commitment to growth and stability.

1. Cloud Hosting and Storage

software upgrades chart for cloud hosting plansImage courtesy of Hello2Hosting.com

Today’s website investor is only interested in properties that are hosted in the cloud. They don’t want to have to worry about setting up and maintaining their own servers or managing a data center. With the cloud, those responsibilities are outsourced to a hosting provider and paid for at monthly rates.

To show your website in its best light, it needs to be optimized for speed and performance. If not, the value of the website can sink due to the fact that visitors are unlikely to spend much time or money when pages don’t load reliably.

Different cloud hosts specialize in different types of websites. If your property is primarily a blogging enterprise, then it makes sense to use a platform like Kinsta, which was specifically designed to manage the WordPress content management system and provides support for migrating WordPress content across hosting solutions.

The bottom line is that, depending on your present hosting arrangement, an upgrade in this area may significantly drive the value of your website up.

2. SEO Optimization Software

 

seo software upgrades lifecycle chartImage Courtesy of TemplateTrip.com

Website buyers want assurance that the property they are investing in has a good reputation and looks strong in Google’s eyes. This is what makes search engine optimization (SEO) so critical before and during website sales. Though not cheap, options like a subscription to Ahrefs or SEMRush should be mandatory.

Poor or inattentive SEO will leave the website floundering on the second or third (or worse) page of search rankings, meaning fewer visitors will find it and – all together now – driving down the value. A new website owner may feel forced to spend more on advertising to try to attract users and that expense is coming out of the sale price. Strong SEO metrics does the exact opposite, acting almost like free marketing and making the site a more valuable asset.

In the early days of the internet, improving SEO was as simple as researching good keywords in the content for search engines to index. With the considerably stiffer competition these days, more expertise is required and upgrading to a pricey keyword tool can help reduce the time and increase the effectiveness of the process.

3. Marketing Tools

During negotiations of a website sale, often the most critical factor is the marketing performance and related metrics. Buyers want to see strong return on investment (ROI) and conversion rates, which track how often the content results in a desired action by a customer or visitor – we’re talking about clicks, purchases, or email list signups.

Third party tools like Sumo can help to strengthen marketing efforts and make websites more appealing in transactions. It’s important to show growth, as investors want to have confidence that any website they purchase is on an upward trend rather than flat-lining or dropping.

Website investors want to see modern, proactive strategies in place when it comes to marketing. Active email campaigns (which need their own tools to be done properly – MailChimp and Mailerlite are leading solutions), a strong social media presence, and content that includes video can make a property more valuable as it points to growth rather than decline.

4. Cybersecurity: Firewall, VPN, and Security Suite 

cybersecurity software upgrades to protect your business
Image Courtesy of LehighValleyChamber.org

Cybersecurity is no longer an esoteric topic reserved for high level computer science classes at the local university. The incredible growth rate of hacking attempts and successes has created an environment that forces any website owner to make security a priority or suffer the consequences. The bad news is that there isn’t much demand for a site that’s infected with viruses, malware, or has recently suffered a data breach.

The good news is that you don’t have to be a cybersecurity expert to put into place strategies that incorporate effective security software that make it harder for hackers to compromise the website. The three critical areas to pay attention to are firewalls, a virtual private network (VPN), and an anti-virus/anti-malware security suite. And don’t forget to install new updates as soon as they become available. The following is a quick review in case you’re not familiar with these security software tools.

Firewall: A firewall sets up a sort of perimeter defense that separates trusted from unknown traffic and filters out the latter. Actually, it does a lot more than that but here’s a quick rundown on why you want one.

Virtual Private Network: If the website collects or stores any sort of private data (and most do), recent GDPR regulations related to privacy make choosing a VPN any time you connect to the front or backend almost mandatory. The bottom line is that the encryption and IP address cloaking are an excellent defense against the rash of continuing data breaches.

Security Suite: There are a handful of effective choices in this part of the online security industry, any of which provide solid anti-virus and anti-malware protection. To choose not to use one is virtual website suicide. With the average small business site being probed by hackers 44 times per day, an infection is almost certain if you don’t take this precaution.

5. Customer Service Software 

Acquiring new customers is a great way to grow an online business, but unless you keep those users happy, you will not build a valuable property. The goal should always be to retain current customers and find ways to boost their activity on your website. Poor customer service will hurt a company’s reputation. Nobody wants to buy into a bad service experience.

When it comes to online stores and service providers, customers expect fast, accurate answers to any questions or issues they encounter. A tool like Intercom helps to funnel all customer communication into a single stream so that you can manage it from a central location. Intercom offers real-time chat solutions that can be easily integrated with your existing platform.

6. Activity Tracking Tools

When a website if first put up for sale, potential buyers want to see fundamental data about past performance. If key metrics like unique visitors per month are not available, then it is very unlikely that a deal will be done. So before trying to sell any online properties, make sure to have an activity tracking solution in place. The further back it goes, the better.

Third-party tools like Crazy Egg take care of most of the grunt work. You simply add a few lines of code to your website and let it track all of your visitor activity, making it one of the easiest software upgrades on this list. Crazy Egg also leverages machine learning algorithms to automatically make suggestions on how to improve your website performance and retain more users.

The Bottom Line: Essential Software Upgrades

Websites can be great investment opportunities. It’s like a store that’s open for business 24/7/365. But in order to take full advantage of this business strategy, you have to understand what drives the price of a website up or down. As we’ve just discussed, some factors include marketing performance, SEO metrics, and customer service reputation.

Like a house flipper, you want to seek out opportunities to boost a website’s value in a hurry. Upgrading the software behind a website can prove to potential buyers that there are significant growth opportunities. You don’t need to find the next Amazon or Netflix in order to make a nice profit on a website sale; you simply need to identify a property with high potential and strong marketing fundamentals.

 

Dan Fries is a freelance writer and full stack Rust developer. He looks for convergence in technology trends, with specific interests in cybersecurity, micro mobility, and smart cities. Dan enjoys snowboarding and is based in Hong Kong with his pet beagle, Teddy. His website is danfries.net.
Data Breaches Big and Small: What Can We Learn?

Data Breaches Big and Small: What Can We Learn?

Author bio

Dan Fries is a freelance writer and full stack Rust developer. He looks for convergence in technology trends, with specific interests in cybersecurity, micro mobility, and smart cities. Dan enjoys snowboarding and is based in Hong Kong with his pet beagle, Teddy. His website is danfries.net.


 

If you own an online business or website, you need to actively take meaures to prevent a data breach. If you are considering selling your online business, you should make sure your across the best security practicesYou’ve probably heard that those who don’t learn the lessons from history will repeat its mistakes. In the world of cyber-security, failing to heed that advice could have devastating effects on your reputation and bottom line. 

 

That’s exactly what seems to have happened in 2018, which smashed all records set in 2017, itself a jaw-dropping year for data breaches. Not only was there major chaos in terms of financial loss and damaged reputations for corporate giants, about 60% of reported breaches targeted small businesses. Those are the ones that rarely make the news.

 

Only 10 percent of cybercrimes are even reported, so imagine how the actual numbers add up. 

 

Digging into Breaches

 

What kind of malfeasance are we talking about? More than half of the leaks exposed customer information, and a whopping 46% or more leaked credit card and other financial records, including account numbers. 

 

One of the most dangerous times for small companies is during a merger. With so many larger companies buying up smaller businesses and online properties changing hands like it was a poker game, all parties involved need to take care they don’t inadvertently release privileged data in the process

 

What can you learn from big and small data breaches in order to prevent future grief? 

 

Without further ado, and in no particular order, here are a few of our “favorite” breaches of 2018 and a handful of case studies to provide context and additional insight.

 

1. British Airways

From August 21 – September 5, hackers were able to access credit card payments of 380,000 travelers on both the airline website and mobile app. 

 

2. Orbitz

The travel aggregation portal experienced a database hack that exposed the credit card information of 880,000 travelers who booked through their website between January 1, 2016 and December 22, 2017. The hack wasn’t discovered until a year later.

 

3. SingHealth

Singapore’s health care information system was hacked in an attempt to gain information about the Prime Minister’s health. In the process, the hackers exposed the patient histories, names, and addresses of 1.5 million other citizens.

 

4. T-Mobile

On August 20, 2018, the telecommunications giant was hacked via an API interface. Encrypted passwords and billing information of two million customers was exposed. 

 

5. Saks/Lord and Taylor

On an undisclosed date (because no one is sure when) the credit card information of five million customers was accessed. The hacking group JokerStash claimed responsibility.

 

6. Timehop

From December 2017 to July 2018, names, addresses, and some phone numbers of 21 million Timehop members were left vulnerable due to insufficient authentication in their cloud computing environment.

 

7. Ticketfly

The online ticket seller was hacked by someone calling themselves “IsHaKdZ”. Personal information of 27 million customers was exposed. 

 

8. Facebook

It was a banner year for the social media giant. In addition to their problems with third-party data sales and congressional hearings, the accounts of 29 million users were exposed when hackers gained access tokens to their accounts. This occurred from July 2017 to September 2018.

 

9. Chegg

Personal information, shipping addresses, user names, and passwords of 40 million customers were accessed by an “unauthorized person” between April 29, 2018 and September 19, 2018. The eCommerce website is an online retailer selling such brands as EasyBib.

 

10. Google+

Personal information of 52.5 million account holders, including employers and job titles, was exposed due to a software glitch. This happened from March 2015 to 2018, and again from November 7 to November 13, 2018. Google has since shut down this platform for good.

 

One of the most dangerous times for small companies is during a merger. With so many larger companies buying up smaller businesses and online properties changing hands like it was a poker game, all parties involved need to take care they don’t inadvertently release privileged data in the process.

Data Breach Case Studies

Behind each data breach or leak lies a personal story of a company that didn’t pay attention to details. Taking a deeper dive into a few of them might more seriously demonstrate the gravity of what can happen when security isn’t emphasized. Does your business have the resources to withstand a million-dollar leak? How about $100,000? Most companies don’t. In fact, most small companies will go out of business within six months of a data breach, even without the negative publicity. Almost as bad as the difficulty you’ll likely encounter trying to sell a website with a data breach history.

 

Case Study: Aadhaar

Customers affected: 1.1 billion

What Happened?

 

Aadhaar is the national database that contains all Indian government identification cards. The database not only holds names and ID numbers but also biometric information like iris scans and fingerprints. Although registration in this database isn’t mandatory, some 1.1 billion Indian residents are enrolled. 

 

The system is used for everything from registering a sim card to obtaining government benefits. It was accessed via a leak from the state-owned utility company, Indane, allowing anyone with access to their website to download customer ID numbers. It was due to a vulnerable endpoint, something that is easily patched. 

 

This isn’t the first time the Aadhaar system has had security issues. The company has suffered numerous breaches, and the government did nothing about this latest leak for weeks, calling it fake news when the public learned of the breach. 

 

Key takeaway: Digging deeper into the breach, we find that the problem can actually be traced to Indane, an Indian LPG gas company with vendor access to Aardhaar but which was leaking data through unsecured website endpoints. Whether Indane specialized in incompetence or simply tried to cut website hosting costs related to development is unclear, but the bottom line lesson remains that a government database is only as secure as the vendors allowed to access it.  

 

 

Case Study: Starwood Hotels

Customers affected: 500 million records

What happened?

 

As we can see from numerous cases, hotels are a prime target for hackers and breaches. They hold credit card information for reservations and the dates that people will be away from their homes. This is an open invitation to various means of theft. 

 

In the case of Starwood, parent company of the Marriott chain, the guest database experienced “unauthorized access” that was only discovered on September 10, 2018, but the leaks may have been ongoing as far back as 2014. The database contained not only guest names, addresses, and phone numbers, but credit card information, reservation dates, and passport numbers. What a treasure trove for thieves!

 

Key takeaway: Starwood failed to implement even basic security strategies. Though the company has been short on details, it seems hackers were basically living on their servers. One method of entry was infiltration of a POS system. For a nominal fee, the best VPNs available today would have encrypted their POS network, ensuring that any leaked customer data stayed private. 

 

Additionally, in the case of Starwood, the guest database was not protected until November 2018, two months after the breach was discovered. Security suite software and a robust firewall might have prevented THIS unauthorized ingress. Since the company has hotels all over Europe, it’s also left itself open to potential fines of up to 4% of gross revenues under the new GDPR regulations

 

Case Study: PATCO Construction 

Customers affected: The company

What happened?

 

A Trojan Horse virus was slipped into the company’s system, allowing thieves to access their corporate account and drain it to the tune of just over half a million dollars in less than a week. The company was able to recoup just under $200,000 of the money, though they initially failed in a lawsuit against the bank that handles ACH transfers, which they believe didn’t use reasonable security during wire transfers. They won on appeal, but still had to pay interest on hundreds of thousands in overdraft fees.

 

Key takeaway: Before you conduct any business electronically, make sure that the bank and any third-parties involved in conducting transfers and other financial business use adequate security. You should also ask how they handle data breaches in the case that any occur.

 

How to Protect Yourself and Customers

 

What happened to Volunteer Voyages demonstrates that small business owners don’t have much recourse after the fact. If the banks won’t reimburse you and police have trouble catching cyber criminals, what’s left?

 

We’ve touched on the idea that a data breach can make it hard to sell an online business. At the very least, expect it to drive down the valuation to the point that your profit potential is downright depressing. Consider the following steps to boost site security for a reasonable expense. The money spent will likely be far less than the financial hit you’ll take in the event of a data leak or breach. 

 

The most important thing you can do is learn about data protection, and make sure that all of your employees and subcontractors understand the process and necessity. The second step is to perform a thorough assessment of where your network stands on cybersecurity. If you don’t have qualified personnel on-staff, outsource an audit to a reputable security consulting firm. However, the knowledge you gain is meaningless unless you use it, which is step three. 

 

The most relevant data security measures you can employ are:

 

  • Install a firewall

 

  • Buy security tools like an anti-virus software that are made especially for small businesses.

 

  • Evaluate and redesign security protocols to meet today’s threats.

 

  • Use a VPN with high-grade encryption and privacy protection on every network and connected device used by you, your employees, and vendors.

 

  • Educate staff about passwords. 

With a full 81% of breaches traced to weak or repetitive passwords, simply tending to this one area could greatly reduce your exposure to hacker mischief. Today’s acceptable passwords should be long and convoluted to evade ever-stronger cracking techniques.

Rather than try to manage passwords with faulty human brainpower, organizations should use password management software and two-factor authentication (2FA). This puts your computer to work creating and managing company passwords and forces a two-step login process that requires a second key generated to a different device (like your smartphone) in addition to the one you’re trying to log into.   

 

Final Thoughts

 

With a full 81% of breaches traced to weak or repetitive passwords, simply tending to this one area could greatly reduce your exposure to hacker mischief. Today’s acceptable passwords should be long and convoluted to evade ever-stronger cracking techniques. 

 

 

Don’t allow your company to become another statistic. You can avoid being the next hard-luck tech story by taking the offensive when it comes to data protection. 

 

Effective, enterprise-wide employee training, comprehensive security solutions, and automation are all best practices to incorporate without breaking your budget. Start today because tomorrow might be the day you get hacked.

6 security best practices leading up to a sale

6 security best practices leading up to a sale

Author bio

Dan Fries is a freelance writer and full stack Rust developer. He looks for convergence in technology trends, with specific interests in cybersecurity, micro mobility, and smart cities. Dan enjoys snowboarding and is based in Hong Kong with his pet beagle, Teddy. His website is danfries.net.


 

If there is any one thing that is absolutely essential to surviving the eCommerce landscape in today’s world, it’s data security.

 

Too often online businesses overlook data security by focusing more on marketing strategies to gain more sales, but the truth is that data security can have a huge effect on your sales as well (not to mention your reputation).

 

“Roughly 60% of online customers today say that they are wary of data breaches, and if they find businesses with compromised payment systems, they’re simply going to find somewhere else to spend their money.”

 

The most successful businesses right now are learning to incorporate the best security practices that lead up to a sale, and not just security that is a byproduct of their organization. With that in mind, here are the top security practices to follow leading up to a sale:

 

1. Migrating Servers & Content

It’s no secret that content gets migrated all the time, as part of a transfer of ownership or simply for a site redesign. Often a business starts with a server provider that is basic and unable to keep up with speed and performance as the company expands its online audience.

For example, many businesses struggle to choose between a website or blog and then start to outgrow the bandwidth and limitations provided. Making the transition to a larger, more reliable server is always a good thing for growing businesses. Unfortunately, it also comes with some significant security risks.

Imagine losing some or all of your important data in the transition. Or imagine personal customer information getting breached during the migration. As a result, you need to make sure security helps sales by making every migration to a more secure server, where it can be one hundred percent safe.

Microsoft’s Storage Migration Service can you help make the transition the most effectively and with as few of security vulnerabilities as possible. Once all the data is transferred, you can then rest more soundly knowing the information is now stored on a more reliable host.

 

2. Controlling Employee Permissions

The CISO or CSO of an organization is not only a guardian of personal data and keeping the company and its technological procedures safe, but is also a curator and custodian of the overall brand.

Security teams should have their hands in every single detail of day-to-day operations, with the goals of defending company assets, meeting market criteria and compliance, and implementing the right technologies at the right times.

Like a ranking order of a military, your employees should also have different permission levels when it comes to helping generate sales. Not every employee should have the exact same access to your systems.

Only the most trustworthy people should have access to the most sensitive information. Apps like Square Employee Management can constantly let your IT team adjust and monitor permissions.

Keeping control of your back end prevents unnecessary leaks and breaches, leading to safer day to day operations. Furthermore, it becomes a domino effect as it builds trust with your customers, knowing you are reputable and take security seriously, knowing they can trust their personal information with you.

 

3. Integrating to the Cloud

There is a reason why so many organizations have moved to the cloud: the cloud has allowed information, and especially sensitive data, to get stored more securely.

Of course, this is a gigantic element of many businesses that care about safety and security. So if your business has not already made the transition, the cloud needs to be your answer if you want to cut costs and improve security. More than 70% of companies in the U.S. now use some form of cloud software — don’t be left behind, and left vulnerable.

Sensitive information that is stored on a computer is no longer the best method. If the computer gets hijacked, lost, or stolen, then everything is compromised. Cloud-based data is encrypted, making it extremely secure and reliable.

 

Are you looking for a premier cloud service? Dropbox, Nextcloud, Google Drive, iCloud, SpiderOak and OneDrive are among the most popular.

 

4. Compliance and Data Privacy

Due to the massive amount of information that is stored and transferred digitally these days, requirements to keep customers information is not only a thing that any company should do to remain ethical but also a legal matter.

More of the developed world is creating compliance procedures and other regulations that businesses must follow. So you’re also supporting and following the law when you act compliant.

Online forms, for example, are a great means for collecting customer information. However, you need to adhere to certain procedures in order to remain compliant. GDPR and CCPA are two examples of compliance measure that are implemented to help protect consumer privacy.

Depending on the industry you operate in, you may have additional measures you need to take. For example, an insurance company has to notify customers what personal data is being tracked and what is not.

Companies that work in the healthcare industry must stick to HIPAA compliant forms and utilize security practices provided by HiTRUST. Failure to secure sensitive data can end up costing a company heavily, including potentially the closing down of the business permanently. The fines can range from $100 to $50,000 per violation, depending on the violation and the severity of the security breach.

 

5. Implement Employee Security Protocols

What you can control the most about your sales is not external, but rather internal matters. In addition to many of the other security practices that help build a client vs. customer trust, organizations much also build management vs. employee trust where you know every single employee, regardless if they are IT or not, are mindful of the best security practices.

 

Even salesman need to understand the basics of cybersecurity in order to contribute to the overall growth and well-being of the company.

Questions you can ask yourself include:

 

  • What are the best practices for accepting credit cards online?
  • What changes in the online payment technology are evolving and how are you adapting?
  • What are the latest security threats and vulnerabilities that target customer credit card and bank account information?

 

All of your employees need to understand that they are responsible for maintaining security protocols in every interaction. According to a study done by Kaspersky, 46% of the businesses surveyed stated that data breaches only happened after irresponsible employees did not follow security protocols. If there isn’t a protocol in place, this is the best time to implement one.

 

6. Transferring SSL Certificates

SSL certificates are a website’s best friend and when it comes to business practices you need to have one in order to expect any reasonable and logical person to entrust you with their personal or financial information.

When a domain gets transferred it must remain secure either with an existing SSL certification or by setting up a new one. In the first security practice section, we covered migrating servers. This is where it becomes applicable.

According to a report from AccuRanker, SSL is not only a ‘nice security feature’ but mandatory if you want to rank well on Google and other search engines. Google now has mandates that require all websites it lists as having to provide an SSL.

Rankings sometimes get impacted negatively when an SSL certificate is changed or updated. It may result in a temporary drop in rankings for your business, although within a few days it should recuperate. Your web host can also help you troubleshoot the problem if it’s still affecting rankings (and therefore sales).

 

Conclusion

Wrapping everything up, we can see that:

  • eCommerce security must be one of your top priorities.
  • Migrating data can put your data at risk.
  • You need to train your employees on proper security protocols.
  • Not all employees are the same; limit their access and permissions.
  • The cloud is great but can be dangerous if not properly secured.
  • There might be more security compliance codes you need to follow.
  • A website MUST have an SSL certificate for any financial or customer sensitive information.

 

In order to keep sales strong and build up trust with customers, consider all of the security practices listed above and implement them immediately if you have not done so already.

 

While it may seem trivial at the moment, it is better to address these issues before something and/or someone messes up. Unfortunately, the human element leads to too many cyber breaches each year. You can work on reducing that in your company through proper security protocols and training. Now is the time to make sure your data is secured properly.