Archive for October, 2008

Fire Prevention Week

Friday, October 31st, 2008

Fire Prevention Week falls during the month of October and with it, a new Fire Safety Census was published by Liberty Mutual Insurance Company and the International Association of Fire Fighters (“IAFF”). The survey revealed that many people unknowingly engage in risky behaviors and while nearly all respondents expressed concern about fire safety, many did not take basic precautions, such as checking out home smoke alarms or learning how to use a fire extinguisher. Based on the survey results, Liberty Mutual and the IAFF have put forward fire safety recommendations:

  • Test smoke alarms once a month.
  • Change smoke alarm batteries once a year – at an easy-to-remember time, such as when clocks are changed.
  • Replace a smoke alarm that’s more than 10 years old
  • Buy a fire extinguisher, mount it, and learn how to use it. Revisit the instructions every six months.
  • Never leave burning candles unattended or near combustible materials – home fires caused by candles have doubled in the past decade.
  • If a fire alarm sounds, or smoke is visible, evacuate first and then call the fire department.
  • Close doors behind you when leaving the room and building to slow the spread of fire and smoke.
  • Plan an escape route that shows two ways out of each room.
  • Identify a meeting place near the home.
  • Practice an escape plan – during the day and night – at least twice a year.
  • Talk to children frequently about preventing fires and escaping fires.
  • Do not leave a dryer on unattended.
  • Do not leave a stove or oven on unattended.
  • Keep portable heaters at least three feet away from all combustible materials and never leave them on unattended.
  • Never disable a smoke alarm.
  • Do not overload power strips.
  • Turn holiday lights off when not at home.

For more information on the survey and fire safety tips go to

Who Can Help?

Monday, October 27th, 2008

I recently had the experience of four fraudulent charges appearing on my credit card. I contacted the online merchants where the sales were made and learned of what appears to be a mill for the fraudulent use of credit cards. One merchant where my card had been improperly used to pay for goods determined that the same buyer with the same shipping address had attempted to put through more than 40 charges in the exact same dollar amount within a ten-minute period online. I also, after properly identifying myself as the holder of the credit card that was used to make the purchases, obtained the address to which the goods were to be shipped.

Getting help in dealing with credit card fraud is difficult because unless the purchases improperly charged to your account exceed $2,000, federal law enforcement generally won’t get involved. And with the sheer volume of card misuse, local officials cannot investigate every claim. So with little risk and some reward, incentives exist for credit card fraud to continue. Moreover, since card holders can obtain some protection from the card-issuing bank, they are not terribly motivated to invest much time in pursuing the matter, leaving the fraudsters to go on to victimize someone else.  I recommend a different approach: I obtained the address to which the goods improperly purchased on my credit card were to be shipped from the online vendor. This is the point in the transaction where the user of a stolen credit card has to step out of the shadows; otherwise, if he cannot take possession of the goods he has purchased on someone else’s credit card, it was all for nothing.

The risk for him is that if he has the goods shipped to his real address, that provides a means to identify him as the card thief. But if he has the goods shipped to a phony address, he will likely not receive them. So what is commonly done is that the thief will have the goods shipped to a street that exists, but the numbered address on the street does not. For this to work, he needs an accomplice who works with the shipping company who covers that route to know that any goods shipped to 123 Apple Drive, for example, are to be forwarded to him at another address. Apple Drive must exist within the identified city, state and zip code or else the package delivery service’s software will reject the package and return it to the sender. But if “123 Apple Drive” does not exist, there is a means to use that address to re-route purchased goods.

I discovered that the online merchants where my credit card was improperly used were instructed to ship the purchases to a street that exists within the city of Las Vegas at the correct zip code given, but the street number does not exist. I also discovered that in all four cases, the card thief elected the same delivery service. I wrote a letter with the pertinent information and all the relevant documentation I could obtain to the delivery service and requested that they investigate the matter internally. They replied to me that they would do so. I hope that the delivery service attempts to deliver a package to that phony address to track what happens to it. If more people alerted the delivery services in such instances, we could change the risk-reward equation for those who engage in credit card fraud and reduce the incidence of such abuse.

You’ve Got (Too Much) Mail

Tuesday, October 21st, 2008

IBM posted a podcast and report appropriate titled “You’ve Got (Too Much) Mail” that is worth checking out. It deals with the topic we called “info-stress” in the first edition of Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses. This is the phenomenon of being overwhelmed with unnecessary information through e-mails, facsimile messages, postal mail, telephone calls and other communication channels, such that you cannot claim time for what is truly important. What does this have to do with preparing for or recovering from a disaster? Should your small business be in disaster recovery mode, you will have to focus on the truly critical, so I advise you to weed out the info-spam time wasters now. You will benefit from an immediate improvement in productivity and reduced stress, even if disaster never strikes. IBM’s brief report contains some good suggestions.

Private, but Not Anonymous

Wednesday, October 15th, 2008


I was encouraged by a recent report that a U.S. federal court shut down the world’s largest spam operator. Not that I believe that this action will slow the tide of spam; indeed, the last time that the federal government shut down a spam operator, other players stepped in to fill the void, increasing the overall volume of spam. What I found encouraging was that three million Americans took the time to file complaints against this particular spam operator. But given the economic payoff of spam – it costs nothing to send and only a miniscule proportion of responses is necessary to make it profitable – it is unlikely that government or regulatory action can stop it. Market mechanisms are needed to change the risk/reward ratio for the spam operators.

Seth Godin had an interesting insight: he questioned what would happen if Google were to charge $1 annually for its Gmail accounts, payable on a valid credit card, rather than allow free account access? And what if Google would fine violaters of their anti-spam rules? They could change the rules of the game for spammers, as Google e-mails would be more readily accepted for their anti-spam provisions. Journalists have also taken matters into their own hands to reduce spam volume by sanctioning public relations firms that abuse them with frivolous, irrelevant pitches. Some journalists will “out” the offenders in trade communications, while others will blacklist them such that the p.r. firm pays a penalty in that future communications are not accepted in the journalist’s e-mail inbox. One reporter from the New York Times even went so far as to publish a spam pitch from a named p.r. firm to embarrass them into stopping.

Of course, such measures that the journalists are undertaking divert their time from more productive pursuits. But they are an attempt to address the anonymity that allows spam abuse to continue, by changing the risk/reward ratios for the perpetrators. Ultimately it is this market action that will address this abuse; the Federal Trade Commission is impotent to stop the spam tsunami, its recent enforcement action notwithstanding.

Disaster Loans for Economic Catastrophes?

Monday, October 13th, 2008

Senator John Kerry, Chairman of the Small Business and Entrepreneurship Committee of the U.S. Senate, recently introduced legislation that would treat the current credit crisis as a federal disaster. If passed, this legislation would enable the Small Business Administration to guarantee private low-interest loans to small businesses, along the lines of what is currently done with the SBA disaster loan program. Senator Kerry compared the recent events around the credit crisis to the extension of aid following the September 11th terrorist attacks which, he noted, put $2 billion into local economies. I am extremely skeptical of this proposal; it appears to me to be a sop to dilute criticism of a bail-out of Wall Street by appearing to redistribute aid to other constituents.

Recall exactly what did happen as a consequence of the 9-11 SBA programs: a 2005 Senate review found that many of the loans went to small businesses that did not appear to be harmed by the terrorist attacks. Only 15% of the cases reviewed by the Senator Kerry’s committee showed evidence of disaster-related losses; the remainder had insufficient or questionable documentation. The more egregious cases of small businesses receiving 9-11 disaster loan aid included the now-infamous doughnut franchise in Oregon, a Nevada tanning salon, a liquor store in Georgia and a golf course in Texas. I also note that this “aid” is provided on very different terms to small businesses than the disaster bail-outs routinely extended to large corporations: small business owners are personally liable for their liabilities and must provide personal guarantees. It appears to me as though the Senate Small Business and Entrepreneurship Committee failed to learn the lessons of 9-11 and of other failed disaster relief programs.

October is National Cyber Security Awareness Month

Saturday, October 11th, 2008

Beware of botsDid you know that 71% of Americans are unaware of the fastest growing security threat, which is, according to the National Cyber Security Alliance, bots? Bots, a term derived from the shorthand of Web robots, are malicious software codes that seize control of computers. Without the user’s knowledge, a bot can commandeer the computer to send spam, host phishing sites or infect other computers with mal-ware. The bot can also harvest personal data, such as social security information that can be used for malicious purposes. Stefan provided tech assistance to a small business owner, a jewelry designer and retailer whose computer network had been taken over by bots. The bots used her small business network as a platform to spam the world with the punitive consequence that many Internet service providers blacklisted her business. Indeed, it was not until her own legitimate e-mails were returned to her as undeliverable that she began to suspect a problem.  As her retailing operation depends on an e-commerce website, this was devastating to her business. Stefan helped her to not only free her network of the bots (and protect it against future invasion) but to reinstate the credibility of her company to conduct business online. It took some weeks of effort on his part to persuade ISP’s to let the jewelry retailer’s business resume delivery of e-mails to their clients!

What are some of the indications that bots may be operating under your radar screen? Be alert to unusual error messages suggesting that applications cannot launch or disk drives cannot be accessed, as these may indicate a bot infection.  Also be alert to unusual e-mail activity, such as messages to your e-mail in-box bouncing back from undelivered mail messages that you did not send, which suggests that a bot is using your system to send spam. Another clue is the appearance of additional e-mail addresses in your small business accounts that you did not create.  The National Cyber Security Alliance is using the month of October to advise consumers on the risks of bot infections, which you can minimize with current anti-virus and security software, consistent with the recommendations in Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses (Wiley, second edition, 2008).  Be wary of downloading software from unfamiliar sources and do not click through or open suspicious e-mails or attachments.

Working in California

Friday, October 10th, 2008
Cabernet Grapes at the Hanna Winery

Cabernet grapes at the Hanna Winery

I spent a very enjoyable week in California as the guest of Chris Hanna who welcomed me to Hanna Wineries in Sonoma Valley for the fall harvest. Together with a friend, we toured Hanna’s vineyards, tasted their award-winning estate-grown Sauvignon Blanc and Cabernet Sauvignon wines, and accompanied Winemaker Jeff Hinchcliffe on a tour of Hanna’s production facilities, learning first-hand about the art of winemaking.  The highlight was a harvest lunch with Chris and the winery staff. We appreciated the scenic beauty of the Sonoma Valley and particularly its authentic cuisine. We dined at the Dry Creek Kitchen and Cena Luna and enthusiastically recommend both. And if you ever need accommodations in the Sonoma Valley, I recommend the Healdsburg Inn, where we stayed. In addition to visiting eight wineries and one olive oil press in Sonoma, we also attended the Harvest Fair, which was great fun. I particularly enjoyed seeing the fruits of the harvest, such as this impressive array of apples.

A Bountiful Harvest at the Sonoma Fair

A bountiful harvest at the Sonoma Fair

Our stay with Hanna Wineries was a particular delight for me as I have completed four certificate programs at the French Culinary Institute, including study with Master Somnelier Andrea Immer Robinson. Chris Hanna is also writing a cookbook and I look forward to reading about her special cuisine and suggested food and wine pairings. And as Chris Hanna and I are both women business owners, I related to her choices and her values. I also envy her quality of life in Sonoma Valley! Photographs of our visit will be published in a future issue of Gourmet magazine; I will provide the link as soon as it will be available.

We enjoyed the hospitality of Hanna Wineries

We enjoyed the hospitality of Hanna Wineries

We then went to San Jose where we visited the Museum of Technology and its impressive exhibit devoted to the work of Leonardo da Vinci. The presentation focused on da Vinci’s work as an inventor and engineer and featured facsimiles of his notebooks. If you have the opportunity to see this exhibit, do so, as it will leave San Jose in a few months’ time. And before you think I had all fun and no work in California, I should tell you that I did work in San Jose, including doing a book signing at the local Borders Bookstores, although that was fun, too. This photograph below shows two copies of the book remaining after the signing; I guess this is the author’s experience of the harvest and it is very rewarding.

Technology museum in San Jose

Technology museum in San Jose

Don't miss the Leonardo da Vinci exhibit

Don't miss the Leonardo da Vinci exhibit

Fruits of your author's labor

Fruits of your author's labor

October 8 is International Day for Disaster Reduction

Thursday, October 9th, 2008
Natural disasters are devastating in the developing world

Natural disasters are devastating in the developing world

October 8 is the International Day for Disaster Reduction, continuing a tradition agreed upon by the United Nations General Assembly nearly twenty years ago in which the second Wednesday of October is designated to observe the need for better risk practices. It is the poor in the developing world who are most vulnerable to natural disasters. In 2008 alone, more than 62,000 people died in China’s Sichuan-Wenchuan Earthquake and Cyclone Nargis killed or left homeless more than 84,000 people in Myanmar.

I had the experience to speak with small business owners and government officials in Beijing concerning the disaster vulnerabilities of smaller enterprises. Representatives of more than ten Asian countries participated. With the passage of time, we forget the severity of threats, such as SARS and avian bird flu. October 8 is a day to reflect on how we might improve our resilience to such threats, particularly for the most vulnerable among us.

Hurricane Ike’s IT Lessons

Friday, October 3rd, 2008

A Houston business owner contributed a piece to, titled “Hurricane Ike’s IT Lessons”. Click here to read the linked article. The lessons are consistent with what we had written in the first edition of our book in 2002, just after our experience of 9-11, and in the second edition, Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses (Wiley, 2008): build in redundancy, disaster recovery is stressful, simple solutions are best, etc. I would hope that every small business owner would learn these lessons the easier, rather than the hard way, so please read another person’s view to take the message to heart!

Get Some Breathing Room

Thursday, October 2nd, 2008

With all of the reports in the news about the difficulties small businesses face in accessing credit, the bigger story is overlooked. Many small businesses contract with the federal government for net payment terms of 30 days on submission of an approved invoice. The federal government is stretching its payments out to 140 – 150 days, in effect, extracting interest-free financing from small business suppliers. Even worse, if the small business is the prime contractor, it must pay its sub-contractors even before it receives payment from the federal government. The Fortune-500 are also stretching out payments, although not to that extreme. Being an unwilling creditor is a more serious problem than being unable to access credit.

And with that happy thought, I would like to suggest that residents in the Houston-Galveston area in the wake of Ike begin to negotiate longer payment terms, reductions in interest rates or any other forbearance that they can with their creditors. In disaster recovery mode, everything takes longer than you think it will. Try to negotiate some breathing room for yourself while the powerful images of the disaster give you some negotiating leverage or sympathy. It is better to negotiate early in the process then when your accounts go into arrears and blemishes start to appear on your credit report. And it will reduce your stress level.