Archive for June, 2012

Complacent in Colorado

Tuesday, June 26th, 2012

Smoke Plumes Near the Garden of the Gods and Some Firefighting in Action

Trevor Dierdorff is the founder, president and chief executive officer of Amnet, a company that designs, implements and supports computer networks for businesses with 10 – 200 computers. Every year since 2005, readers of the Colorado Springs Business Journal have selected Amnet as “Best IT Consulting Company”. I met Trevor in Colorado Springs at the annual awards luncheon of the Colorado Small Business Development Centers, where my hosts took me to see the beautiful Garden of the Gods and Pikes Peak, areas now affected by severe wildfires. I want to extend my thanks to him for contributing this guest blog to share his thoughts and his photographs about the wildfires in his community.

Complacent Colorado: Now Thinking About Disaster Preparedness and Business Continuity by Trevor Dierdorff

Fires raging just west of Colorado Springs have really brought disaster preparedness to the forefront here. In Colorado Springs, we are pretty insulated from most disasters. We are too far inland for hurricanes and big earthquakes. We don’t get tornadoes like the mid-west. We get a little snow here, but it has been fifteen years since we had a decent blizzard so we Coloradoans get a little complacent about disasters and disaster preparedness.

As of today, the Waldo Canyon Fire has consumed nearly 6,000 acres and is only 5 percent contained. While no homes or businesses have been destroyed (yet), entire cities and neighborhoods have been forced to evacuate. Highway 24 west of town has been shut for days and one of my employees lives on the other side of the roadblock. He was able to go 80 miles around the roadblock to get a hotel in town.

What if your business building was intact, but the police or fire department was going to keep you out of it for days or even weeks? Could you still serve your customers? Probably not, if you own a restaurant, retail store or hotel. Of course, that answer varies depending on what type of business you have and whether or not you have remote access.

Does your insurance cover a situation like this? Loss of Business Income Insurance does not typically cover your financial losses in this situation unless your structure is damaged which caused your losses. You may want to add this coverage if this is concern to you.

Picture Taken Yesterday from the Interstate Near My Home

Here are some questions that you should ask yourself and then document your answers as part of your business continuity plan.

What would you need to do in the first 24 hours, after 3 days, after one week? These answers will probably be different.

What are some likely scenarios? Start with these.

What are some extreme scenarios? Don’t leave these out, but certainly cover the likely ones first.

What documentation have you done of your business assets and IT infrastructure?

Do you have a process to contact your clients and your staff?

What would you tell your staff to do?

Who has access to your Business Continuity Plan if you are unavailable?

This is just a short list of questions to get you thinking. Remember, everything you do before a disaster strikes determines the likelihood of remaining in business after the disaster.

These homeowners were evacuated at 1:00 a.m. the night the fire started. What would you grab? What would you leave?

Network Security Measures on Vacation

Sunday, June 24th, 2012

As the summer travel season begins, hackers will no doubt increase their attempts to exploit vulnerabilities in airports and hotels. Business travelers and those who conduct some business while on vacation should exercise care when using unsecured WiFi networks in airport, hotels and other public places. In addition to personal identifying information, business and trade secrets may be at risk. The FBI recently advised travelers of the risks of malware attacks to laptop computers over hotel WiFi networks. Exercise caution yourself and remind your employees that all of the usual security protocols apply even when using the business laptop, tablet or cell phone while on vacation. And given what national security officials consider to be an increased threat risk, consider the following:

  • Prepare before the trip. Before you travel, confirm that your anti-virus software is updated on your laptop and all sensitive files are securely encrypted. You may wish to change your passwords both before and after travel.
  • Limit your online activities to when you have a secure Internet connection. Security breaches more commonly occur when travelers are using WiFi or even worse, free WiFi. Sometimes “free” can be very expensive! If you can, refrain from online work until you are sure you are certain of a safe Internet connection.
  • Stay current on alerts. The latest travel-related scam involves phony airline e-mails offering convenient online check-in. The recipient clicks the link and is unaware that his information is being tracked from that moment.

And be aware of your environment. When you have the laptop at the hotel pool, you will be less vigilant than you would be while sitting at your desk. Don’t let your relaxed setting lull you into taking needless risks.

And the Really Big Threat Has Yet to Surface

Saturday, June 23rd, 2012

There is More Below the Surface

I chose this image from stock photography to accompany this blog post both for the refreshing effect as we experience scorching heat, and for the symbolism. Icebergs are more dangerous for what they conceal as for what they reveal. The depth of an iceberg can exceed the height of a Manhattan skyscraper, making it very risky to the unsuspecting sailor. So it is with public finances, as our long-term liabilities remain obscured but what is above the surface is scary enough.  And one community has taken desperate measures that may become increasingly common as the economy struggles.

North Las Vegas, the fourth largest city in Nevada, has declared a state of emergency. The city invoked a rarely used law to mobilize resources to respond to unforeseen disasters and invoke emergency powers. But it wasn’t an earthquake or other extreme weather event that caused the city’s crisis. North Las Vegas is responding to a fiscal emergency. Years of declining tax revenues, growing expenses and rising joblessness led city officials to apparently conclude that they had exhausted their options.

North Las Vegas is among the most distressed cities in a troubled state. Nevada has the highest unemployment rate in the country and a crisis in the rate of home foreclosures and personal bankruptcies. But while the financial pressures are severe, the disaster declaration may be over-reaching.  Two cities in neighboring California, Stockton and Los Angeles, attempted similar emergency declarations that could not survive legal challenges.  Officials in Buffalo, NY were more successful when a court upheld a freeze on public employee wages, allowing the city time to address its deficit. North Las Vegas officials concede that they are not experiencing a Hurricane Katrina-like event in their city. But the disaster declaration will allow them to suspend scheduled increases in the salaries of city workers and suspend other contracts. The question remains – these short-term measures only buy time. What are the unseen, longer-term costs? And what happens when a real (i.e., not contrived) disaster strikes?

It’s That Time of Year Again

Friday, June 22nd, 2012

Image Courtesy of NOAA

The National Hurricane Center has issued an advisory predicting that thunderstorms and heavy rainfall in the southern Gulf of Mexico have a 70 percent chance of becoming a tropical cyclone over the weekend. The consensus among the forecasters is that 2012 will not be a severe storm season.  Let’s hope that they are correct.

The Real Finance Minister of India

Thursday, June 21st, 2012

Tending the Garden

India’s summer monsoon season begins in June and now that it has arrived, the country’s weather forecasters predict a normal season. This is welcome news as more than two thirds of India’s population of 1.2 billion people are employed in the agricultural sector. Their livelihoods are dependent of a “good” monsoon season, when 80% of the annual rainfall occurs. Owing to the state of irrigation, half of India’s crops depend upon adequate rain.  Indians consider the monsoon to be the country’s real finance minister: a good season drives economic development. And while we typically associate monsoons with India, they affect most other countries in Southeast Asia, such as Thailand where the severe 2011 monsoon season resulted in catastrophic flooding. It is extraordinary to think of the extent to which most of the world’s population depends on a critical balance of nature: too little rain and we have drought, too much and we have flooding.  A “good” monsoon season is like Goldilocks’ porridge; it is just right. In the United States, where less than 5% of our population works in the agricultural sector, we may be less sensitive to such considerations. I took this photograph, by the way, near the iconic image of India, the Taj Mahal. I was so struck by the image of someone going about her ordinary business near this spectacular monument in marble that I wanted to remember it.

SBA Simplifies Online Disaster Loan Application

Wednesday, June 20th, 2012

Print and Electronic Forms Now Match

This week, the U.S. Small Business Administration published its revised disaster recovery loan application. Until now, the SBA relied on an electronic loan application that guided applicants through a sequence of 80 screens, based on responses to questions to assess eligibility. The online application bore no resemblance to the paper form of the application, complicating the process for those who like to follow their notes as they work through the screens. The new version of the electronic loan application is identical to the paper form with three pages of information required for business loans.

The new online application can be found at The SBA is offering multiple channels to access assistance as small businesses and their advisers become familiar with the new application. A “Help” link appears at the top of each page of the loan application, which directs applicants to online support.  In addition, the SBA offers a dedicated disaster customer service line at 1-800-659-2955 or by e-mail at Further information about the disaster assistance program is available at The intent of the new online application is to reduce the burden on applicants and eliminate the confusion resulting from the differences between the paper and electronic versions.  Applicants should also consider sharing their experiences with the new application, both positive and negative, with their elected representatives. Is the SBA a more welcoming partner to work with small businesses? Revising the online loan application is certainly a step in the right direction.

U.S. Patent and Trademark Office Alerts Small Businesses

Tuesday, June 19th, 2012

The U.S. Patent and Trademark Office has issued an advisory that companies with which it is not affiliated are harvesting trademark registration information from the USPTO’s online databases to solicit applicants by deceptive means. The companies use names that appear to resemble the UPSTO name, such as including “United States” or “U.S.” in their titles. They may also use graphic elements in their correspondence to appear as official government documents. The solicitation asks the trademark applicant to pay additional required fees. The USPTO website has posted examples about misleading solicitations issued by companies pretending to be conducting official business related to trademark applications. The applicants receiving these misleading solicitations tend to be individuals or small businesses, as larger corporations are too savvy to be so misled. Before responding to any correspondence concerning your trademark application, consult your attorney. If you filed the application yourself without legal assistance, you may seek advice from Scan and e-mail a copy of the correspondence you received in connection with your trademark application to TM Feedback and they will advise you if what you received was a legitimate communication from the USPTO.

Happy Father’s Day

Sunday, June 17th, 2012

Remembering a Great Father

As we celebrate Father’s Day today, I want to share again the words that had appeared in the “Acknowledgments” to the first edition of Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses:

“I hope that my dad, who is retired, will enjoy mentoring those students and sharing with them his enthusiasm for the natural sciences as he did with me! My dad never missed a parent-teacher’s meeting, never missed a science fair or spelling bee, sacrificed his Saturdays to coach my soccer and Little League teams, and offered every possible encouragement to me. I have fond memories of touring college campuses with my parents during my senior year of high school, as we imagined what my future would be. I wish every young woman could have such a wonderful dad to instill in her confidence and optimism.”

Two months before those words were published, my dad was admitted to the hospital for coronary bypass surgery. He looked so frail in the hospital bed, his large eyeglasses making his face and body appear small. I wondered if he had the strength, the stamina or the motivation to participate in cardiac rehab, which would be the next step after discharge from the hospital. Recovering from bypass surgery would be daunting for anyone, but my dad was attempting it after caring for my mother following her traumatic brain injury. He must have felt overwhelmed and I knew that there was something I needed to do.

Sheck Cho, my editor at Wiley, was able to get me a complimentary author’s copy of the book in advance of the official publication date. I brought it to the hospital where I read the “Acknowledgments” to my parents. They were absolutely stunned, as they had been unaware that I had a publishing contract with John Wiley & Sons Inc. or that I had written a manuscript.  I had intended to surprise my dad with the book when it would be published in October 2002, but after seeing his fragile state, I didn’t want to delay two months for the book to be “official”. Tears formed in my dad’s eyes as he heard the words from the “Acknowledgments” and then he drifted off to sleep. I wondered if I had done the right thing, to provoke such emotion when he was weakened.

The next morning I returned to hear the buzz in the hospital: my dad was like a lion that had roared. Every physician, nurse and member of the hospital staff who had entered his room had to read the “Acknowledgments” to my book, as my dad proudly announced to anyone and everyone “my daughter wrote that!” Everyone told me that this was the perfect morale booster at the ideal time. My dad went on to participate with great enthusiasm in cardiac rehab, impressing his physical therapist with his dedication. For the remaining years of his life, he went to the gym three times a week without fail. He was very disciplined.

My dad died last year, just two days before Christmas. I was alone with him in hospice when he took his last breath. I am grateful for our last conversation the day before his death. His obituary (shown here) appeared in the Providence Journal and was my hardest writing assignment ever. This is our first Father’s Day without him. As we celebrate Father’s Day today, I hope everyone takes the opportunity to say what needs to be said, because there may never be another opportunity to say it.

Better Cyber Insurance Products Are Available

Saturday, June 16th, 2012

A recent survey by Chubb Insurance and Marsh found that businesses fail to appreciate cyber risks or integrate their approach to threats to network security into their overall risk management framework.  I agree with that conclusion and would add the following points:

  • There is no substitute for a robust data security protocol. Cyber insurance may reimburse certain of your losses for data breaches, but it cannot restore your business’ reputation.
  • Cyber insurance offers carefully defined policy benefits that may or may not suit your business, so take care in evaluating the policy. The insurer will typically dictate the way your business responds to a data breach, which may be more in the interest of the insurance company and less in the interest of your business. For example, in the event of a healthcare data breach (let’s say your business provides home nursing services), the policy may cover only credit monitoring services for the patients whose information was compromised, when medical identity monitoring would better meet your needs.
  • Also understand that the defined breaches eligible for coverage are often limited. For example, the cyber insurance coverage may not cover a data breach caused by a third party, such as a cloud computing service provider, even through the primary organization, your business, is liable.
  • Finally, review your existing policies carefully as cyber insurance may be duplicate of certain provisions of your existing business owner’s policy.

Airmic’s Review of Recent Developments in the Cyber Insurance Market reported that cyber insurance is now a more cost-effective risk transfer mechanism than it has been in the past. I look forward to reviewing the new provisions for covering cyber risks when my policy comes up for renewal. Meanwhile, I will be continue to be vigilant on network security.

So Richly Deserved!

Thursday, June 14th, 2012

It Could Get Worse

JD Power just released its rankings for the airline industry, rating seven key areas of the airline experience (reservation, check-in, boarding, aircraft, staff, service and cost) on a five-point scale. One represents the best; five represents the worst. USAirways tied United Airlines for last place, with an overall score of two.

I am not surprised. My most recent experience with USAirways illustrates the indifference the airline has to its customers. My dad had purchased two nonrefundable, nonexchangeable tickets for himself and my cousin to travel to Fort Myers. This is a trip they enjoy every year, for the Red Sox spring training. Unfortunately, as my dad was hospitalized, he was unable to travel. A doctor’s letter confirmed his inpatient admission.

Tough luck, said USAirways, the tickets were nonrefundable and nonexchangeable and company policy is inflexible on this point.

Eventually, they relented, but it took a lot of effort on my part. USAirways agreed to allow my dad to transfer  vouchers for the value of the two tickets, less a $150 re-booking fee for each, for my use. We had to have his signature notarized to confirm that he approved the transfer to me and supply a doctor’s letter stating that even when my dad would be discharged from the hospital (and the doctor could not guess when that would be), he would be unable to travel. USAirways gave me a time limit within which to use the vouchers.

I planned to use the vouchers to travel to do my programs with the American Red Cross, as this defrays the cost of my volunteer work. I was unable to do so. My dad was admitted to hospice where he died.  I had hoped in view of that development, the airline would extend the deadline for my use of the vouchers and would consider returning to me the $150 per voucher re-booking fee. It seems a gratuitous penalty at a time of great sadness. That was wishful thinking. Once again, USAirways said “tough luck”.

And in case I was thinking of investing the time and effort in trying to persuade them to reverse their position, as I had originally done to get the vouchers in the first place, a representative of the airline sent me an e-mail message in which he wrote “We have found no reason to alter the original resolution as we are unable to make another exception in regard to your unused travel vouchers…We are considering this matter closed and there will be no further correspondence pertaining to this issue.”

In a functioning market economy, companies like USAirways wouldn’t be around for very long. Poor customer service practices don’t build sustainable businesses. But unfortunately, in the U.S., we socialize corporate losses and privatize their gains.  Recall that after the September 11th terrorist attacks, Congress established the Air Transport Stabilization Board, offering $5 billion in cash payments for lost revenue when the airspace was shut down, insurance guarantees and liability protection and a $10 billion loan guarantee program. This act rescued USAirways Group Inc. and facilitated its merger with America West Airlines. Without the loan guarantees, both airlines likely would have been liquidated.

In Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses, I explained at length the nature of corporate welfare masquerading as emergency relief aid for powerful corporations. The airlines were already losing money before the events of 9/11. If they had been subject to the same criteria for small business 9/11 assistance, only those that could show they were profitable and sustainable before the disaster would have qualified for assistance. That would have limited the field of bailout candidates to one: only Southwest Airlines was profitable at that time.

And it is simply outrageous that Congress took cash from taxpayers and gave it to the airlines to compensate them for lost revenues. Business interruption insurance compensates businesses from revenues lost as a consequence of disasters. If USAirways or any other airline had failed to secure appropriate business interruption insurance, their management teams were guilty of gross negligence. Ask any Lower Manhattan small business owner if they received a 9/11 aid package to compensate them for their choice not to purchase insurance. (Or, for that matter, ask small business owners in New Orleans if they received comparable government largesse after Hurricane Katrina.)

USAirways has been working aggressively to acquire American Airlines, while the latter is trying to restructure its operations under the supervision of the bankruptcy court.  The management of American Airlines appears to prefer to remain independent of USAirways. USAirways is reportedly proceeding to file paperwork with antitrust regulators to secure regulatory approval for its merger with American.

Let’s hope the Justice Department acts responsibly and blocks any such anti-competitive maneuverings. American Airlines is a leader in its industry for serving small business customers. Folding it into USAirways would limit consumer choice and force us to endure more bad service.