Pertinent Perils

Home Based Offices

February 15th, 2009

Home office

With the economy officially in recession, many people are working from home, either voluntarily or involuntarily. According to the Census Bureau, nearly half (49%) of all businesses in the U.S. are home-based. Add to that the number of displaced workers who are consulting from home, freelancing or using their home offices as a base from which to seek other employment and corporate employees who telecommute and you have a large home-based workforce.

If you operate your small business from home or you and/or your employees work from home occasionally, you need to be as vigilant about computer security as you would working from a traditional office. If you issue laptops to your employees, make sure that they understand that the laptops are for business use only. Do not allow your teenagers or others to use them as their most popular music and video download sites and social networking sites are often misused for mal-ware and other types of viruses. Exercise the same degree of caution with respect to passwords, VPN’s and other protocols as you would in the office.

Finally, be aware that your homeowner’s or tenant’s insurance almost certainly does not cover commercial activities performed inside the home. You can obtain a policy for a home-based business at very low cost, often offered as part of a membership benefit package in many small business associations, making the cost of joining well worth the membership dues.

Tags: Home Office
Posted in Everyday Disaster | No Comments »

How to Lose 41 Pounds Without Cutting Calories

February 13th, 2009

Lose Some Weight

Did you know that the average American receives 41 pounds of junk mail every year? If you can reduce the volume of junk mail you receive, you and the environment will benefit. The less junk mail you receive, the less time you have to waste sorting through unessential communications and the more time you will have to focus on what is truly important to you. When I lived in Switzerland, people would put stickers on their mail box with the statement “Bitte, keine reklame!” (meaning, “Please, no advertisements!”). The postal worker could not then put sales circulars, catalogs or other unsolicited junk mail in the post boxes so marked. Such mail would be returned to the sender at his expense. I hope that we can soon pass legislation in the U.S. providing such consumer protections. Meanwhile, there are steps that you can take to reduce your volume of junk mail. The Center for a New American Dream even offers a kit to do it for you, or you can sign up for Catalog Choice to opt out of mailers. In Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses (Wiley, second edition, 2008), I offer some suggestions to contact credit card companies and mailing list providers to substantially reduce the volume of unwanted mail you receive. It is bad enough receiving junk mail in your office during normal business operations, but this is certainly a burden you don’t want to have should you find yourself displaced and temporarily operating from a remote location in the event of a disaster.

Tags: Junk mail
Posted in Communications | No Comments »

Dial “C” for Caution

February 12th, 2009

Caution: Sensitive Data Here

We are all sensitive to the need to protect confidential business data on our laptop computers, but have you given any thought to what is stored on your cell phone? Just a few weeks ago a man in New Zealand paid $10 for a used MP3 player and found it preloaded with U.S. military records and personnel data for troops stationed in the Middle East. In December, an old BlackBerry was sold for $20 at a garage sale of the McCain Presidential Campaign. It was found to be preloaded with sensitive Republican donor information, emails, and more. Unfortunately, incidents such as these, while embarrassing, are all too common. Don’t let them happen at your small business.

Regenersis processed over two million mobile phone handsets in 2008 and last December, during a random sampling of 2,000 recycled mobile phones, found that 99% of them stored sensitive data such as banking information and confidential e-mail messages. The average mobile phone is replaced every 18 months; if you do not clear these handsets of data before you recycle or dispose of them, you may jeopardize the security of your small business. Of course, not all cell phones are recycled or donated once they are removed from service. In the U.S., over 700 million cell phones that are no longer actively used are stockpiled in homes or businesses, which also pose security risks.

Do not rely on the next user or the cell phone recycling firm to purge your data for you. It is safer to invest a minute or two to learn how to do a proper factory reset/hard reset on your phone, remove memory and/or SIM cards, check to make sure everything’s been wiped, and then dispose of your handset.

Tags: Data Security, Mobile Phone
Posted in Communications, IT Systems | No Comments »

The High Cost of Discounted Goods

February 11th, 2009

Bright and Shiny, But Not Necessarily Inexpensive

In Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses (Wiley, second edition, 2008), I advise readers that it is always best to purchase the current versions of computer hardware for their small businesses. Rarely is it cost-effective to purchase an earlier model of hardware for the reduction in price. Recent discount offerings by major retailers, such as Circuit City, have prompted readers to ask me if I would like to revise my original advice. After all, with major retailers discounting their inventory by 80% in bankruptcy sales, doesn’t this represent a great opportunity for small businesses to save some money on their purchases? The answer is: no, not necessarily. Consider the purchase of a computer printer. The printer’s functionality is dependent of the hardware (the printer itself) and the software (the printer driver which delivers instructions from your computer to the printer). Whenever the computer operating system is upgraded, the manufacturer of the printer must write software for the new printer driver, which they typically make available for free download. Now you see the competing needs of two different business models.

The manufacturers of computer operating systems generate revenues from software licensing fees, which are like an annuity stream. But the hardware manufacturers only earn revenue at the point of sale: when you purchase their printer. If they have to keep writing and distributing new printer driver software every time the operating system is upgraded, they incur open-ended and unlimited costs. They could invest substantial amounts of resources in supporting obsolete hardware to keep up with software upgrades. That is why hardware manufacturers limit their support to a fixed period of time, typically a year or two. So that discounted printer model you purchase at the online auction or the bargain basement may appear inexpensive. But then you attempt to set it up and find that you don’t have a current printer driver to make it work optimally with your computer system. Then the cheap printer becomes an incredibly expensive paperweight. So I am sticking with my original position: it is generally best for small businesses to invest in the current models of computer hardware, irrespective of retailer discounting.

Tags: Computer Hardware, Equipment Failure, Purchases
Posted in Equipment Failure | No Comments »

Back From New Orleans

February 10th, 2009

Back to New Orleans

I just returned from a very enjoyable few days in New Orleans where I facilitated a “Train the Trainer” day-long workshop for the counselors of the Small Business Development Centers across Louisiana. One of the challenges that was discussed concerned the need to budget for successive evacuations, which FEMA does not reimburse. One of the counselors told me of a client who had to evacuate the Gulf Coast area three times during the 2008 hurricane season at a cost of $1,000 per trip. He does not have the funds available for another evacuation. Another counselor suggested that New Orleans residents should accept the reality of hurricane season as a cost of living in the community and budget some savings for it. If they are not called to evacuate in a given year, they have a Christmas fund with the accumulated savings. Good advice for all of us, no matter where we are located. Liquidity, or the immediate availability of cash, is important for all small businesses, particularly in the current economic environment.

I also had the opportunity to visit some of the community-based non-profits in New Orleans which are laying off staff owing to the downturn in charitable donations that began with the Wall Street crisis of September 2008. On a happier note, I had two excellent dinners with the SBDC team: one at Mr. B’s and one at Bourbon House, both in the French Quarter. (We stayed at the Hotel Monteleone where our program was held.) I recommend both to readers who will travel to New Orleans for Mardi Gras, which will begin on February 24 this year.

Tags: New Orleans
Posted in New Orleans | No Comments »

The Clock is Ticking

February 9th, 2009

Time is Running Out

As is sadly the case with longer-term, chronic disaster relief needs, out of sight is often out of mind. According to the Houston Chronicle, donations supporting recovery efforts in the Texas Gulf Coast in the aftermath of Hurricane Ike are dwindling. The United Way of Greater Houston had raised close to $6 million for its hurricane efforts. It has stopped raising funds and is currently focused on longer-term human service needs. The Gulf Coast Ike Fund expects that by March it will have distributed all of the close to $12 million it has raised for emergency and short-term needs and will close its doors. The Bush-Clinton Coastal Recovery Fund is the only remaining entity still actively raising funds; however, its aid assistance focuses on rebuilding public infrastructure, not on the needs of families and small businesses. Charitable giving to support disaster relief efforts for Hurricane Ike was hindered by the timing of the financial crisis, with Lehman Brothers filing for bankruptcy two days after Ike struck the Gulf Coast. With the financial markets in crisis, charitable giving across all sectors has slowed, although the needs remain acute.

To help address these needs, I will be partnering with chapters of the American Red Cross to speak at events at Borders Bookstores in their local communities, with 10% of all sales during those time periods to be donated to the Red Cross. These events will take place in March, National Red Cross Month. As the dates are confirmed, I will post them on this site.

Tags: Disaster Relief, Red Cross
Posted in Disaster Relief | No Comments »

Category Number Seven?

January 25th, 2009

Money Troubles?

In both the first and second editions of Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses (Wiley, second edition, 2008), we presented a framework for six categories of disaster from the high-frequency/low-severity category of human error all the way to the high-severity/low-frequency extreme of terrorism and sabotage. Ellen Heffes, the editor-in-chief of Financial Executive, had suggested to me that it might be appropriate to add a seventh category of financial disasters, owing to the meltdown of the capital and credit markets. Ellen had invited me to contribute a bylined article to the magazine (which will appear in the April 2009 issue) and certainly the credit crisis is at the top of every executive’s agenda. I would not change the framework of disaster categories that had been set forth, because we had explicitly defined disaster to mean an event that displaces your business and extends to longer and longer period of remote operations, based on its severity. The financial crisis would not qualify for our treatment, although I am certainly considering writing a book on finance for small businesses. However, I would be remiss not to mention it, because the financial and credit crisis is certainly creating stress for my business. Like many small business owners, I am caught between the proverbial rock and the hard place, trying to collect monies that I am owed from large corporations (that should have behaved more responsibly) while remaining current to obligations that my business has to small vendors. A recent article in the Wall Street Journal indicates that I am not alone. As I read the WSJ story of the small business in California that has no hope of collecting the $53,000 it is owed by Lehman Brothers, I thought of the futility of the current government focus on strong-arming banks to extend their loan portfolios. Is it time for a new book on small business finance?

Tags: Credit, Finance
Posted in Everyday Disaster | No Comments »

Lessons Learned the Hard Way

January 20th, 2009

A Letter You Prefer Not to Receive

My earlier posting summarizing the lessons an attorney learned the hard way about identity fraud elicited strong response from readers, many of whom preferred to share their experiences by means other than direct posting. This attached image shows a scan of a letter one reader received from the Bank of New York Mellon, which is the custodial bank for his retirement savings account. As you can see, I have redacted the personal identifying information to make sure another misuse of private data does not occur. The letter advises that bank’s archive services vendor lost computer tapes containing personal client information when transporting them to an off-site storage facility. If you double-click on this image, you can read the letter for yourself. Obviously, this is a letter you prefer not to receive, but note that the bank acted proactively to offer free credit monitoring services to the clients who may have been affected, although they had no reason to believe that this information had been misused in any way. As the previous blog entry indicated, one unlucky attorney learned how important this service is. Should you find that any of your personal data may have been compromised, request that the vendor provide this service to you at his expense. And of course, should you ever experience a compromise of the security of your client data, offer to do the same for your clients.

In addition, Cliff Ennico, who is NOT the attorney whose advice I summarized in the earlier blog posting, offered some useful suggestions of his own for information you will need to have readily available in the event of an emergency. I have attached the link here.

Finally, I wanted to add a suggestion of my own. I had an issue with identity fraud when the previous tenant of an apartment I had purchased continuously updated her mail forwarding. By unhappy coincidence we shared the same last name, so that much of my mail was re-routed to her in another state. This mail included frequent flyer statements from the airlines on which I travel (which I now receive electronically rather than in paper form). As a “courtesy” to me, the airlines automatically updated the mail forwarding information with this woman’s address. I only learned of this matter when I called an airline to request frequent flyer awards and was told that they could only mail the tickets (back in the days of paper tickets) to the address on file for me, which was in Tennessee. When I protested that I lived in New York, not Tennessee, the whole issue of the improper mail forwarding came to light. The airline staff advised me to instruct them in writing not to automatically update my account address for mail forwarding unless I specifically request in writing that they do so. I did the same for some of the online and catalog merchants from which I often order products, as they also use mail update services as a “courtesy” to customers whose mail has been forwarded. It is a sad lesson, but vigilance pays.

Tags: Identity fraud, Privacy
Posted in Everyday Disaster | No Comments »

Emotions and Redundancy

January 20th, 2009

Aircraft Lifted Onto the Barge

Following an earlier blog entry, over the weekend, the aircraft for USAirways Flight 1549 was lifted by cranes from the Hudson River where it had submerged and was then placed on a barge for subsequent transport to an area better suited for a long-term investigation. You will note that it is directly adjacent to the World Trade Center site, in the residential community of Battery Park City, where I lived on and after 9-11-01. I am viewing these events from a different vantage point, from directly on the Hudson River on the New Jersey waterfront exactly opposite of where I used to live. The emergency workers have been on duty round the clock, with police boats, helicopters and the Coast Guard maintaining a visible presence. While this accident was thankfully unrelated to the events of 9-11-01, for the residents of this neighborhood, the presence of emergency workers has a certain emotional resonance and frankly, I am glad I am more removed from the scene of the action this time. I had written earlier about dealing with emotions following a disaster, so just knowing that the sight of the police boats and Coast Guard craft were likely to provoke a response from me gave me the ability to mute that response. This is an important insight for anyone who has worked through a major disaster and thankfully, this one ended with no loss of human life.

Drawing on another theme of our preparedness messages, the role of redundant systems is critical. Although the investigation into the cause of the emergency landing of US Airways Flight 1549 has just begun, investigators have already revealed that both engines of the aircraft failed simultaneously. When I lived in Zurich, Switzerland, I would often take short, over-land so-called “City Hopper” flights to London or elsewhere for business. Those aircraft were equipped with four engines, consistent with European safety regulations, rendering negiligible the risk of simultaneous engine failure for all. That safety standard exists in the U.S. only for military aircraft and of course, for cargo aircraft, the redundancy required to mitigate the risk of equipment failure is still lower. As small business owners, the lessons we can draw from this accident include (1) the importance of redundancy to mitigate the risk of equipment failure, (2) the critical importance of employee training as demonstrated by the flawless performance of the airplane pilot and (3) the issues surrounding emotional responses post-disaster.

Tags: Emotions, Equipment Failure, Redundancy
Posted in Emotions, Equipment Failure | No Comments »

An Attorney’s Advice – No Charge

January 19th, 2009

An attorney friend of mine recently had a horrible experience following the theft of his wallet. He sent me the following advice with the request that I post it for you. To minimize your potential losses from credit theft, he recommends the following:

“1. Do not sign the back of your credit cards. Instead, put “photo identification required.”

2. When you are writing checks to pay on your credit card accounts, do not put the complete account number on the “memo” line. Write only the last four numbers. The credit card company knows the rest of the number, and anyone who might be handling your check as it passes through all the check processing channels should not have access to it.

3. Put your work phone number on your checks instead of your home number. If you have a post office box use that instead of your home address. If you do not have a post office box, use your work address. Never have your social security number printed on your checks. You can add it if it is necessary. But if you have It printed, anyone can access it.

4. Place the contents of your wallet on a photocopy machine. Do both sides of each license, credit card, each piece of identification in your wallet. You will know what you had in your wallet and all of the account numbers and phone numbers to call and cancel. Keep the photocopy in a safe place. I also carry a photocopy of my passport when I travel either here or abroad. We’ve all heard horror stories about fraud that’s committed on us in stealing a name, address, social security number, credit cards. Unfortunately, I, an attorney, have firsthand knowledge because my wallet was stolen last month. Within a week, the thieve(s) ordered an expensive monthly cell phone package, applied for a Visa credit card, had a credit line approved to buy a Gateway computer, received a PIN number from the Department of Motor Vehicles to change my driving record information online, and more.

5. We have been told we should cancel our credit cards immediately. But the key is having the toll free numbers and your card numbers handy so you know whom to call. Keep those where you can find them.

6. File a police report immediately in the jurisdiction where your credit cards, etc., were stolen. This proves to credit providers you were diligent, and this is a first step toward an investigation (if there ever is one). But here’s what is perhaps most important of all (I never even thought to do this):

7. Call the three national credit reporting organizations Immediately to place a fraud alert on your name and also call the social security fraud line number. I had never heard of doing that until advised by a bank that called to tell me an application for credit was made over the Internet in my name. The alert means any company that checks your credit knows your information was stolen, and they have to contact you by phone to authorize new credit. By the time I had been advised to do this, almost two weeks after the theft, all the damage had been done. There are records of all the credit checks initiated by the thieves’ purchases, none of which I knew about before placing the alert. Since then, no additional damage has been done, and the thieves threw my wallet away this weekend (someone turned it in). It seems to have stopped them dead in their tracks. The following are the numbers you always need to contact when your wallet, credit cards or other personal identifying information been stolen:

Equifax: 800-525-6285
Experian (formerly TRW): 888-397-3742
Trans Union : 800-680-7289
Social Security Administration (fraud line):800-269-0271″

Tags: Privacy
Posted in Everyday Disaster | No Comments »