Pelland Blog

The Equifax Security Breach: Your Response

October 22nd, 2017

Every so often, a truly important news story breaks into the public consciousness through an information overload that seems more and more obsessed with partisan issues, celebrity news coverage, and YouTube videos gone viral. One of these recent stories involved the unfolding cybersecurity breach at Equifax, one of the three American companies that compile the personal information that determines your credit-worthiness, your ability to obtain a loan, and the interest rate that you will pay for that privilege.

Of course, a legitimate question could be asked regarding what gives Equifax, Transunion and Experian the right to gather hyper-sensitive personal and financial information on every American citizen alive today. We have certainly come a long way from the idealized days of George Bailey and the Bedford Falls Building and Loan, when financial decisions were local and finalized with a handshake. In our modern times, it would seem that the minimum responsibility on the part of credit reporting agencies would be to maintain iron-clad security standards to prevent our personal information from falling into the hands of malevolent third parties.

In the recent Equifax incident, the personal security information of 143,000,000 Americans was compromised. According to the Federal Reserve Bank, there are only about 125,000,000 households in the United States. Without question, you were personally impacted. Essentially, the names, addresses, dates of birth, social security numbers and more for virtually every adult citizen in the United States were compromised. In addition, investigations have disclosed that credit card numbers of 209,000 individuals were hacked, along with personal identification numbers (PINs) for another 182,000 consumers.

According to testimony prepared for a House Energy and Commerce Committee hearing, Equifax CEO Richard Smith admitted that the breach was the result of a failure to apply a software update, despite warnings from the Department of Homeland Security, followed a day later by a warning from the company’s own security team. The company’s policy was to apply such patches within 48 hours, but this failed to happen. The patch was designed to repair the vulnerability in the open source Apache Struts software that the company was using in one of its systems. Even following the company’s internal software policies, hackers would have had three days to exploit that vulnerability – a virtual lifetime in the world of hackers. The Apache Software Foundation had issued a patch for the flaw in March, two months before hackers began accessing sensitive information on Equifax’s servers on May 13. Clearly, Equifax had no excuse for its failure to have taken immediate corrective measures.

This all occurred two years after a similar, but smaller, security breach occurred at Experian, compromising “only” 15,000,000 Americans. What did the credit reporting industry learn over that time? Apparently how to wait months before reporting the incident, while providing an opportunity for three top Equifax executives to unload $1.8 million worth of company stock, after the breach was discovered but prior to its announcement. It also forced Smith to resign, albeit with an over $90 million golden parachute, according to Fortune Magazine.

The impacts of the Equifax security breach upon individuals have been well-documented, including advisories to subscribe to free credit monitoring services, change all of your passwords to unique strings of characters that are more difficult to crack, to pay to freeze reports on your credit (only unfreezing the reports in specific instances, such as when applying for a loan), and to join into one or more of the class action lawsuits against the company. As a small business owner, on the other hand, what measures should you take to ensure that you are safeguarding the information of your customers to the best of your ability? There is no question that international cybercriminals tend to pursue the larger and more lucrative targets; however, every business that conducts business online (not necessarily through its website, but through any Internet-based transactional application) is vulnerable and bears a responsibility for protecting its customers.

The Federal Trade Commission offers a series of five areas of recommendation for how businesses should handle their customers’ personal information.

  • The first is an assessment of how your company handles personal information that is gathered from a variety of sources, including credit reports, employment applications, and customer-provided data. How is it delivered to your business, how broadly is it accessed within your company, and how and where is it stored? A particular area of concern is the processing of credit cards. Above all else, cybercriminals are looking for credit card information, social security numbers, and banking information. There is no reason for most businesses to maintain records of that information in any form.
  • Stop gathering information that you do not need. With the exception of very specific matters including employee tax accounting, there is no reason to ever ask for anybody’s social security number. Do not maintain records of credit card numbers. Those should only be gathered through a secure point of sale terminal or via a secure online payment gateway, where you do not actually see the number, its expiration date, or the security code. Never ask people to provide that information via email, and discourage the common practice of taking that information over the phone. Because “we’ve always done things this way” is no longer an excuse.
  • Keep all physical and electronic records secure. Paper records and backup files should be stored in locked rooms or file cabinets, with limited employee access to a limited number of keys. Electronic files should be encrypted and password-protected. Individual computers should be password protected, put into password-protected sleep or screen saver mode when left unattended, and shut down at the end of each business day. Scan the computers on your network for vulnerable open network services. For example, if a computer is not intended to be used for the sending or receipt of email, the ports for those services should be closed on that computer. Every computer should also be running real-time anti-malware and anti-virus software that includes scans of incoming email messages for malicious content that might be disguised as routine file attachments. Never allow an employee who is untrained in basic security precautions to access and open email messages.
    A highly secure password is almost worthless if an employee is allowed to write it down on a Post-It Note, typically attached to his computer monitor. Educate employees (and yourself!) on the importance of password security, use a “password safe” application with a highly secure master password, and lock out users after a limited number of incorrect login attempts on any computer and any online application. Laptops and mobile devices are particularly vulnerable due to their portable nature. They should never be left where they would be even momentarily visible to thieves, and their access to secure information should be carefully limited. Using unsecured Wi-Fi access at airports and other public places is an extremely risky practice.
  • Always maintain proper disposal practices. We have all heard the old adage about one man’s trash being another person’s treasure. That was never as true as it is today. Paper records and disposable electronic media containing sensitive data should never go into the trash. These need to be run through cross-cut shredders or incinerated. When disposing of old computers and storage devices, all data must first be removed with a data wiping utility. Simply deleting files leaves them recoverable by a thief. Did you realize that your office copier or fax machine contains a hard drive that stores its data? That data probably includes copies of your tax returns, and that data also needs to be wiped prior to the disposal of any such device.
  • Finally, maintain a response plan in the event of a security breach. If a computer is compromised, immediately disconnect it from Internet access, remove it from your network, and then shut it down. Bring in an expert to identify and correct the vulnerability and assess any threats to personal information. If there have been compromises, immediately notify your customers and anyone else who may have been impacted by the breach of security. Do not repeat the Equifax mistake of hiding disclosure for months.

This is a brief summary of what occurred in the recent Equifax security breach, how you should react to that breach, and some of the measures that you should implement to tighten the security standards at your own business. If you would like to learn more, be sure to attend the “10 Steps for Securing Your Digital Identity” seminar that I will be presenting at the Outdoor Hospitality Conference & Expo, in Raleigh, on November 8, 2017.

This post was written by Peter Pelland

Clarify Your Cancellation and Refund Policies

August 26th, 2016

If you are selling a product on eBay, you are required to clearly define your return policy, and if your website is involved in any type of e-commerce or online payments, payment gateway service providers such as Authorize.net will require that your site defines its refund policies. Your policy may simply be “no returns and no refunds under any circumstances”, but that policy needs to be clearly defined – both for your protection and for the protection of your customers. Misunderstandings can lead to disagreements and the need for mediation.

One of my company’s clients e-mailed me late last week, after one of her campers contacted her on Friday, asking for a refund – minus her stipulated $25.00 processing fee – for a last-minute cancellation of his weekend reservation, due to a less than perfect weather forecast. The client balked at allowing the refund, even though her website did not clearly define the terms for cancellations and refunds. Under the circumstances, this first-time guest at her park was making a totally reasonable request. With this instance in mind, it may be time to take a closer look at your own park’s cancellation and refund policies, confirming that they are covering the full range of potential circumstances.

As I explained to the client last week, most of our campground clients who are booking either real-time reservations or online reservation requests have policies that are much more clearly defined than what she had instructed us to post to her site. Typically, they might say that a full refund, less a $25.00 administrative fee, will be issued if the cancellation is made 14 days or more prior to the intended date of arrival; a credit for a stay at another date will be issued if the cancellation is made between 7 and 14 days prior to the intended date of arrival; and no refunds will be issued for cancellations made less than 7 days prior to the intended date of arrival. Each park is likely to have its own timeline for cancellations, its own administrative fee (if any), its own expiration date for any credits that it may issue, and probably separate schedules for campsites and rental units. The important thing is for all of those details to be clearly defined.

Many of our more savvy campground clients (typically, campground owners who have decades of experience in dealing with people who will try to find loopholes that they can use to their advantage, in this case capitalizing upon any vagueness in a cancellation and refund policy) will also specify the following:

  • Deposit forfeited for non-arrival on scheduled arrival date.
  • Holidays, special events, monthly and seasonal reservations are non-refundable.
  • No refunds for early departure.
  • No refunds due to inclement weather.
  • No refunds for evictions due to violation of rules.

These policies should be clearly visible on your website, accompanying your rates and probably repeated on a page that lists your park’s rules and policies. You want your customers to see them, and you also want to be able to direct customers to the text should any misunderstandings arise. I also suggest that cancellation and refund policies be outlined, with a link to the full list, at the end of the reservation process, using a checkbox where the guest must indicate acceptance of those policies before the form will be processed.

I know that some people like to keep things simple, and others fear that they might scare away business by posting what might be perceived as stringent policies; however, a customer who is unwilling to accept reasonable cancellation and refund policies is probably not the ideal guest.

Despite having policies that are crystal-clear and etched in stone, you will probably still want to evaluate each instance individually, exercising a degree of discretion in resolving each request. The bottom line these days is that, if a customer demands a refund, it is a lot less expensive in the long run to keep that customer happy than to suffer the consequences of encouraging him to post negative reviews or to complain on the social media. Going out of your way to make an exception to the rule in order to accommodate a first-time guest might turn that new customer into a lifetime source of income for your park.

Remember that, at least in his or her own mind, the customer is always right. Try to make an effort to help reasonable people to understand – in advance – your business’s point of view when it comes to cancellations and refunds.

This post was written by Peter Pelland

5 Ways to Annoy Your Customers

April 27th, 2016

It sometimes baffles me how some businesses will go out of their way to annoy their customers – and potential customers – when customer service should be their primary concern. Let me outline 5 bad practices that are in common use. I am hoping that none of my readers employ any of these practices; however, if you do, it is never too late to repent and change your ways!

Annoyed_Words_349705496_600x233_64T
Spammy E-Mail

It is amazing how everybody seems to think that only other people send out spam. We all think that our own messages are important and that the recipients are sitting on the edge of their chairs, just waiting to hear from us. Guess what? It doesn’t work that way.

Spam is in the eyes of the beholder. If you are not already engaged in an e-mail conversation with the recipient, and you are initiating a marketing-related message, what you are sending out is an unsolicited e-mail. By definition, that is spam. If your e-mail is carefully crafted and subtle, many people might cut you a break. Want to increase the odds of having your message flagged as spam? Use a compiled list, use ALL CAPS in the subject line or body of your message, use different fonts and colors, or use words like “free”, “not spam”, “please read”, “winner”, “congratulations”, “selected”, “limited time”, “click here”, and “$$$”.

Junk Fax

Although the laws have been watered down in recent years and are rarely enforced, junk faxes are illegal. Nobody purchases a fax machine so they can get the latest offer on a “Funtacular Vacation” or “Ticket to Paradise” involving a trip to Cancun or the Bahamas. They also do not need to be contacted about emergency roof repairs after every heavy rainstorm, and, if they are in need of a small business loan, they are probably not going to arrange for one through a junk faxer. Are you going to pay for the recipients’ telephone line, ink or toner cartridges, paper, and electricity? If you send faxes to anyone who has not specifically requested your fax, get a life and stop it!

Telemarketing Calls

After the average person has already gotten calls on any given day from timeshare scammers and people in a boiler room in Bangalore who pretend to be working with either Google or Microsoft, they are already predisposed against receiving your phone call. I already have solar panels on my roof, so why do I get calls from at least 3 solar sales outfits every day? (Trust me … my solar installation did not originate with a telemarketing call!) The only thing certain about an unsolicited phone call is that the person at the receiving end is in the middle of doing something else that has nothing to do with anticipating your call. Disturbing people is not really the best marketing approach. Think of it like eating wild mushrooms. Unless you really know what you are doing, the experience is probably not going to end as well as you had hoped.

Unmonitored E-Mail

If you send somebody an e-mail message, particularly if it is a response to any type of consumer contact form, always ensure that the recipient can reply to your message. It amazes me how often I will contact a business (or a local politician, for that matter), only to get a canned response from an e-mail address that beings with “noreply” or “DoNotReply”. A few months ago, I sent a consumer inquiry to a major supermarket chain where I am a frequent customer. The response, with a “noreply” sender address, was addressed to “Dear Customer”, and continued, “The mailbox you attempted to send your e-mail to is not monitored. However, we do want to hear from you! For questions and comments, please contact us by calling: Consumer Affairs.” If your consumer affairs department has a contact form, and I have taken the time to initiate an e-mail conversation, why is your only response to tell me to call you on the phone – and probably get put on hold for several minutes?

Spell Your Customer’s Name Wrong

Finally, I remember about 10 or 15 years ago when I bought two season’s passes to a nearby summer theatre. I probably spent two or three hundred dollars for the tickets, but from that day forward, the theatre company started sending me mail addressed to “Paul Pillard”. Do you think that I ever renewed my subscription for another season, or even bought tickets for an individual production? No way! The supermarket that addressed me in their e-mail as “Dear Customer” was far better off than the theatre company that continually addressed me by the wrong name.

Speaking of names, never presume the use of a nickname or abbreviated name, and know how to pronounce a person’s name before speaking it. My name is Peter, and I am already predisposed against incoming telemarketing calls. Want to really call the wrong number? Be a total stranger who addresses me as “Pete”, or struggle with the pronunciation of my last name when you call me. If you catch me in a particularly good mood, you will not get an earful!

Okay, now that I have gotten these marketing pet peeves off my chest, I can go enjoy a pleasant dinner … until it gets interrupted by a telemarketing call.

This post was written by Peter Pelland

All Links Are Good … or Are They?

April 4th, 2016

One of my clients recently contacted me, concerned that his New Hampshire campground was listed without his prior knowledge or authorization on several websites that purported to be online campground directories. He discovered this when one of the sites contacted him on behalf of a camper who wanted to make a reservation to stay at his park and another contacted him to “claim” his listing. At first glance, these would appear to be good things, wouldn’t they? Any resource that is sending you business is generally welcome to do so. After all, your campground is probably sent online traffic from a variety of referring sites – everything from Go Camping America to your state association website to Good Sam to your local tourism association.

In the instances that my client described, something just didn’t seem right.

Over the years, a number of websites have sprouted up that are essentially directories of local businesses. Many of these have evolved from so-called “yellow pages” companies, and their business model is to persuade gullible business owners to pay for enhanced listings. In my own instance, about a third of these local directories lists my company’s street address correctly, but then locates us in the next town. Another third list our fax number as our phone number. Do I care? Not really, because these sites get close to zero traffic, and they have little if any effect – either positive or negative – upon the SEO of my company’s official website. These websites are working with compiled data, obviously harvested from unreliable sources.

The sites that my client described were an entirely new breed. Also based upon compiled data, their business plans are no longer focused upon selling enhanced listings but in providing reservation services where they collect referral or transaction fees. These can be problematic indeed. My client has gone through a fairly labor-intensive process of getting his business de-listed from several of these sites. The more that I looked into them, the better my understanding of how my client’s instincts were probably right on target.

Campground reservations are accurately perceived as a multi-billion dollar business, and companies that would like a piece of the action are suddenly coming out of the woodwork. Funded with infusions of venture capital, the focus is on generating income from the collection of processing fees on those reservations, either in real-time (with campgrounds that get on board) or with the type of delayed booking that initially caught my client’s attention. One such site posts that it “anticipates” use by 1 million campers per month, even though it does not currently show up as even a blip on the radar at Alexa, the leading provider of comparative website traffic analytics.

What is the problem with these sites? Well, first of all there is a problem with compiled data. How often is the data updated and how accurate is the initial source? (Think back to those local sites that list my business in the wrong town or with our fax number as our primary phone number, where incorrect data tends to perpetuate itself.) On one of these sites that my client called to my attention, I perused the campgrounds listed in my home state of Massachusetts. I am intimately familiar with the industry players in my home state, and I found fictitious listings, listings for municipal parks that have nothing to do with camping, listings for campgrounds that have been out of business for several years, and listings for summer camps.

The second problem is the potential for these sites to compete with your own official website and your own chosen online reservation engine, a situation that can only serve to confuse consumers and that could inflict harm upon your business. I know that I do not want any other company representing my business, and I would be feverishly protective against any threats to my company’s unique online identity. Particularly if pricing (that may or may not be accurate) or reservations enter into the equation, the potential for problems is very real.

Thirdly, if you choose to get on board, be sure to read the fine print. The “Terms of Service” listed on one of these websites, when copied and pasted into a Word document, consisted of over 20,000 words that ran 42 pages in length. That’s a far cry from the old-fashioned handshake agreement of years past and probably reason to proceed with caution.

Keep in mind that any online directories or search engines built upon compiled data (even Google itself!) need businesses like yours as much as you need them. Without listing real businesses that consumers are seeking, they have no product to offer. It is your decision whether or not to get on board with any particular website. Understand the potential risks and benefits, and then make a decision based upon what is best for your business and how it can most effectively meet the needs and expectations of its core clientele.

This post was written by Peter Pelland

The Fine Art of Handling Negative Reviews, Reviewed

January 31st, 2016

Recent outdoor hospitality conferences in Daytona Beach presented me with an opportunity to stay at area hotels, dine at area restaurants, and visit area attractions during the course of two stays in town. For nearly 10 years, I have been an active reviewer on the TripAdvisor website, and I have come to rely upon TripAdvisor as a reliable source of peer reviews. I like to think that I write honest reviews, and I appreciate that same honesty in other reviewers. To date, I have written 120 reviews, 49.2% of which have given “excellent” ratings and 27.5% of which have given “good” ratings. My reviews provide business owners with wonderful opportunities to obtain valuable consumer feedback. Occasionally, business owners are incapable of accepting constructive criticism, and that is their loss. When they react with an over-the-top, non-objective management response, they are truly missing the point of the entire process.

One recent experience illustrates my point. When my wife and I stayed in Daytona Beach for a few days at the end of the KOA Expo, we visited an attraction that TripAdvisor rates as #1 out of 71 “things to do” in the nearby city of DeLand. We were disappointed in this historic house tour, felt that the tour was overcrowded, and considered it overpriced. What particularly bothered me – and aroused my suspicions regarding the validity of the attraction’s rating – was the way that the tour guide came right out and asked people to submit TripAdvisor reviews, followed two days later by an e-mail from one of the owners, again asking for a TripAdvisor review. I definitely had the impression that a ballot box was being stuffed.

Of course, I felt compelled to share my experience with others on TripAdvisor, particularly since I thought that the attraction’s #1 rating was highly misleading. I went out of my way to be objective and sensitive to the idiosyncrasies of the owners, quite generously giving it a three-star (“fair”) rating that I carefully documented. Prior to writing my review, I noticed how the owners of the attraction responded to every review on TripAdvisor, and how any reviewer who did not give the attraction an “excellent” rating was essentially attacked in one way or another. I was prepared for an assault but would not be intimidated. In my case, I was told that I had “baffled” and “insulted” them with my “false claims”, and that I was obviously an “angry” person.

Other reviews received management responses that were far more offensive. Here are some samples culled from various management responses: “Your comments are unsubstantiated and more importantly not true.” “Your comments are completely false and hurtful.” “I have contacted TA to handle your harassment, (and) your hateful attempt to try and discredit us is sad at best. You should be ashamed of yourself.” “Your ‘Poor’ rating is suspicious at best.” “For someone to go out of there (sic) way to give false feedback with the intent to hurt a small business owner is sad and actually difficult for me to comprehend.”

As you can see, some small business owners cannot be objective when handling criticisms of the businesses which are often extensions of themselves. That is understandable, but it is important to put subjectivity aside and recognize that, in the vast majority of instances, a negative review is providing valuable input regarding improvements that you should consider making.

When you have the opportunity to respond to a negative review, here are a few suggestions:

  1. Listen to what the reviewer has to say. Try to be as subjective as possible, putting your ego aside. The review is not a personal attack upon your reputation (even if you think that it is.)
  2. Empathize, introduce a positive factor into the conversation, and apologize if necessary. An apology is not an admission of guilt but simply a polite acknowledgement that the reviewer had less than a perfect experience involving your business.
  3. Try to take the conversation offline. Not long ago, I posted on Facebook how I was dissatisfied when an energy audit contractor failed to show up for a scheduled appointment. The organization saw that it had been mentioned on Facebook, responding by asking me to contact them privately with my telephone number. Offline, they apologized and re-scheduled the appointment for the following day. Any damage was under control.
  4. Despite the urgency of responding quickly, before posting a response to an online review, always run it by another set of eyes. Too often, in the absence of body language and tone of voice, a response with the best of intentions might sound condescending or even sarcastic. Remember that you are trying to rectify a situation, not make it worse.

It is important to separate yourself from your business, to keep your cool, and to try to treat every review as a learning experience. If you do not like what you are reading, avoid the temptation to take things personally and as an opportunity for retaliation. Respond following the guidelines above, and then move on. Put on your big boy pants and get on with the responsibilities of running your business to succeed within the best of your capabilities.

Note: Since originally writing this post, I have continued to receive e-mails from one of the owners of the attraction in DeLand, again asking me to write a positive review on TripAdvisor. (Apparently, they do not mind spamming their customers in their pursuit of TripAdvisor reviews.) Another e-mail arrived more recently, urging its recipients to e-mail the producers of CBS Sunday Morning to ask them to do a feature story on the attraction.

This post was written by Peter Pelland

Truth in Packaging

June 10th, 2015

When it comes to processed foods, probably the most deceptive phrases are:

  • Serving suggestion.
  • Enlarged to show detail.
  • All natural.

The serving suggestion lets you know that the strawberries and blueberries in that bowl of cereal are not included in the box, the image that is enlarged to show detail helps you to really see what that cracker or potato chip looks like, and the words “all natural” have no definition whatsoever and can include just about every chemical compound found on the planet. The first two phrases are usually shown in very fine print, whereas the last phrase is generally promoted in large text with an eye-catching graphic.

PackagingBuzzwords

It is unfortunate that parts of the business world have adopted language that essentially applies this same sort of lipstick to their pigs. A used car becomes “previously owned”, previously frozen fish in the supermarket becomes “thawed for your convenience”, products made in China might be “assembled and packaged in the USA”, and most people know that a “processed cheese product” is anything but real cheese. In particular, some of this deception has become commonplace in the Internet industry.

Serving Suggestion

If you have ever registered a domain name with a company like GoDaddy, you will encounter their version of the “serving suggestion”. I just went to GoDaddy to try to register a domain name for $9.99, the sale pricing for new domain name registrations. Before checking out, I am presented with an offer the “Get 3 and Save 67%” by registering the .net, .org, and .info versions of the domain name, as well as an opportunity to “target local shoppers” by adding the .nyc version of the domain name for an additional $39.99.

As I pass on those options and proceed to the checkout, I am encouraged to “Protect My Personal Information” by adding so-called “Privacy Protection or Privacy & Business Protection” for between $7.99 and $14.99 per domain per year. (The $14.99 price is made to appear particularly attractive, since it is discounted from a “regular” price of $32.97.) The next options are “Website Builder Hosting” for anywhere from $1.00 to $10.99 per month, and E-mail hosting for anywhere from $3.99 to $7.89 per month. Then, of course, I will be encouraged to register my domain for the maximum period of 10 years, rather than only paying for a single year.

Under this exercise, I only wanted to register a single .com domain name for $9.99 (plus a mandatory $0.18 ICANN fee). Most people are confused by all of the options – after all, doesn’t “privacy protection” sound important? – and will pay for at least some of the unnecessary add-ons. If I purchased everything that GoDaddy suggested, but still only registered my domain name for a single year, I would be paying $375.51 per year for that $9.99 domain name. Yes, those are “serving suggestions”.

Enlarged to Show Detail

Many website builders have a way of exaggerating their skill levels. Often, these are the local jack-of-all-trades computer shops in town, where the owner fancies himself a webmaster in between attempting computer repairs and selling home theater systems. In other instances, this might be your son or daughter or that smart kid down the street, generally telling you that “anybody can build a website.” In yet other instances, you might be misled by TV commercials from companies like Wix, Weebly, SiteBuilder.com, VistaPrint, or those wonderful folks at GoDaddy again … all suggesting that it only takes a few mouse clicks to build a website for your business for next to nothing or even free (before, of course, leading you back into the “serving suggestions”).

Needless to say, there is not a single website for any seriously legitimate business that was built under any of those scenarios. Even among companies that are engaged full-time in website development, there is a propensity toward exaggeration and a “sure, we can do that” attitude. Your best protection will be a careful review of their portfolio and references. It has been said that “the proof is in the pudding”, and you may want to confirm that the dessert being served matches the dessert being described on the menu. If you are being promised a world-class website, that is unlikely to result if there are no signs of the necessary skills visible in previously completed projects.

All Natural

The trickiest to detect is the claim that a product is made with all natural ingredients. From processed foods to pet food, from cosmetics to candy, there are no clear standards or definitions for the term “all natural”. As a result, consumers need to rely upon their own instincts, underfunded consumer watchdog organizations, or the slowly moving wheels of governmental regulatory agencies for protection. Snake oil was all natural, but it never cured a single disease other than psychosomatic disorder.

The snake oil of the Internet age is search engine optimization, commonly known by its acronym: SEO. How many phone calls have you received recently from somebody offering to get your website “listed at the top of the Google search results”, offering to help get your business listed on Google Places, or asking you to “update your Google front page listing?” In most instances, you have probably gotten dozens of such calls. Not a single one of them has actually come from Google or a company that is legitimately sanctioned to call on Google’s behalf.

In a recent phone call with the former president of one of the world’s leading e-commerce companies, I was struck (but not surprised) by his advice to “never hire an SEO agency”. Wasting time trying to find a legitimate SEO company is like trying to find a “good” fortune teller, used car salesman, or payday loan company. They are all truly good at taking your money. SEO is nonetheless big business. Be suspicious of companies that offer SEO reports as a means of getting their foot in the door, offer to “fix” your website so that it will “start ranking higher on the search engines”, or show you Google Analytics charts and graphs with misleading annotations that allegedly document their expertise.

We are living in challenging times. In order to survive and prosper, you need to cut through the chatter and filter out the noise. Should you really expect one business to provide the same services for significantly less than most others, should you really expect companies to provide free services with no strings attached, and should you really believe that there are companies with magic wands that will make your website suddenly appear more highly ranked than any other relevant search results? Sometimes business decisions come down to who you can trust, and trusting your own instincts is almost always the soundest business decision.

This post was written by Peter Pelland

Mobilegeddon?

May 13th, 2015

No doubt you heard the cries of alarm a few weeks ago, when so-called experts warned of the end of Internet search as we knew it, effective April 21, 2015. Perhaps you have also noticed the eerie silence since the uneventful passing of that date.

This past winter, the national news media spent two days ignoring real news events to warn of the impending “storm of the century” that was headed toward my home base in Western New England. We were in the bullseye of the forecast map, with a prediction of 30 or more inches of snow. After all was said and done, I believe that we received 6 or 7 inches. A few local meteorologists apologized for the inaccurate forecast that was fed to them by the National Weather Service. Other than that, the “story” was dropped – for obvious reasons – like a hot potato.

I am embarrassed that so many of my peers jumped on the sensationally-named “Mobilegeddon” bandwagon. It was particularly disturbing when the dire warnings were used by companies that were in a position to exploit the fear that was generated by the spread of this misinformation. Let’s face it: If his midnight ride was based upon unconfirmed rumors that “the British were coming”, Paul Revere would be long forgotten as a little-known Boston tinsmith.

As I pointed out at the time, many self-proclaimed “experts” cited a Google blog post, a comment reportedly made by a Google employee, and a speculative article that had appeared in Entrepreneur Magazine as the bases for a warning that was an outright exaggeration. What the new Google algorithm means is that sites that are mobile-friendly will gradually gain an edge over sites that are not mobile-friendly, being flagged as “mobile friendly” alongside mobile search results. This rise in the ranking of mobile-friendly sites will come at the expense of sites that are not deemed mobile-friendly, but it does not mean that those latter sites are suddenly going to be dropped from being indexed. Mobile-friendliness is only one – although a very significant one – of over 200 ranking signals that Google employs to determine the best search results.

Using historical – and factual – Google Analytics data that I drew from actual client websites, I was able to draw the following conclusion: If we presume that 35% of the traffic to a website comes from search engines, and that 50% of that traffic comes from Google, and that 50% of THAT traffic comes from users of mobile devices, it would mean that a site that was not mobile-friendly would lose approximately 9% of its traffic if the website was totally dropped from mobile search results on Google (something that was not going to happen and did not suddenly happen on April 21, 2015.)

According to statements made in a live stream on Google’s Webmaster Central on May 8th, the search giant realizes there are “small businesses who (sic) don’t have the time or the money (to have built a mobile-friendly site yet) … that are still fairly relevant in the search results, so we need to keep them in there somehow.” For example, if you run one of the leading campgrounds in Sturgis, South Dakota, Google is not going to drop your website from mobile search results just because your website is not deemed mobile-friendly. That would run totally contrary to the delivery of accurate and comprehensive search results, the overall basis for Google’s commanding success in the search market. A non-mobile site will still rank highly if it presents the content that users seek.

Mobile search rankings have always been different that desktop search rankings, and that gap is going to gradually but continually widen over time for sites that are not mobile-friendly. According to a recent report by digital marketing agency Merkle|RKG, fully 46% of Fortune 500 companies and 29% of the Internet Retailer 500 businesses do not yet have mobile-friendly sites. Even among the Top 10 of the Fortune 500, there are companies that do not yet have mobile-friendly sites: Phillips 66 (# 6 on the list) and Valero Energy (# 10 on the list). On the other hand, Google reports that there was a 4.7% increase in the overall number of mobile-friendly sites that were introduced in the two months leading up to the April 21st algorithm update. You can expect the numbers to increase, along with the volume of mobile-based Internet access, by less proactive companies that slowly embrace the inevitable.

As of May 1, 2015, Google has confirmed that the new search algorithm has been fully rolled out, although the differences that have been measured by both major online marketing agencies and the people who earn a living by monitoring the inner workings of search engines have been almost immeasurably lackluster. This was not the “storm of the century”; however, to use another weather-related analogy, neither the presence of that storm nor the lack thereof would represent a reason to deny long-term global warming. In other words, the mobile-friendliness of your website is in the ultimate interest of your business. Just don’t panic.

This post was written by Peter Pelland

Nobody Likes the Surprise of Hidden Charges

April 2nd, 2015

Last week, on a quick trip to Nebraska, I rented a car at Eppley Airfield in Omaha. I had reserved the car rental online in advance. My basic rental fee with Thrifty Car Rental came to $155.72. Sort of like a base rate for a campsite … or is it?

Transparency in pricing is more important than ever these days. Consumers do not want to feel cheated or like they are being subjected to fraudulent pricing practices. When you dine at a restaurant, you are not charged extra for the use of a table, to have your meal served on plates, using the restrooms, or for the use of flatware and napkins. These are part of the overhead of being in the restaurant business. Yes, we all know that there are so-called “extras”, many of which apply to various types of recreational services. Unless there is special package pricing, if you schedule a round of golf, you expect to pay extra for a golf cart; if you go skiing, you expect to pay extra for ski rentals or lessons; and if you hit the bowling lanes, you will pay to rent bowling shoes if you need them.

RentalCarCounter_219597847_800x551_100

Unfortunately, the rental car industry takes add-ons and hidden charges to a whole new level in the stratosphere. My $155.72 car rental came to $275.56 when I returned the vehicle. Mind you, this increase is despite the fact that I declined all of the added insurance (which is covered by my own auto insurance) and declined the added driver charge for my wife (a fee which is actually illegal in the State of California). The previously undisclosed, added fees included:

  • An “RAF” fee of $4.99 per day (which presumably has something to do with renting a vehicle at an airport, even if you simply take a shuttle from the airport to a nearby rental location in some instances).
  • An “Occupancy Tax” of $8.00 (which I presume is an added fee that helps to pay Thrifty’s rent).
  • An “AP Rec Fee” of 12%. I have no idea what this is.
  • An “SEC Fee” of 2%. I also have no idea what this is.
  • A “Vehicle Tax” of 4.5%. This one is also difficult to explain.

Part of the problem with the rental car industry is the lack of competition. Most of us can rattle off a list of rental car companies; however, according to a report published in the IndependentTraveler.com, the fact is that 94% of the rental car industry in America is controlled by only three companies:

  1. Hertz – which also owns Advantage, Dollar and Thrifty
  2. Avis – which also owns Budget and Zipcar
  3. Enterprise – which also owns Alamo and National

In fact, when we landed in Omaha and went to the car rental counters, the Thrifty Car Rental booth was unoccupied, with a sign directing customers to the adjacent Dollar Car Rental space. A near-monopoly is never in the interest of consumers. As a case in point, let me present one more tidbit from my car rental experience.

I generally use a bank debit card to pay for my travel expenses. When doing so, it is typical for a hold on funds to be applied, exceeding the anticipated cost of the service by $200.00 or $250.00. According the Thrifty, there would be an additional hold of $350.00 (a bit excessive). More outrageously, if you used a debit card, they would first run a credit check (which, in itself, is harmful to one’s credit score) AND charge you a $15.00 fee for the credit report! When I questioned this practice, the clerk pointed toward the other car rental counters and said that they had “all decided to introduce this policy” the previous week. I am not an attorney, but I believe that this is the textbook definition of the term “collusion”. I used a credit card as an alternate form of payment.

Needless to say, I am not happy with my most recent car rental experience, and I will never again rent a vehicle from Thrifty or Dollar. I will probably also file a complaint with either regulatory authorities or the Office of the Attorney General in the State of Nebraska (if not both). If this experience involved camping, I would not be the classic “Happy Camper”.

If you are wondering how this all might relate to camping, ask yourself if your rates are as transparent as possible. Every campground is going to require cancellation fees, guest fees, premium rates (and minimum stays) for holiday weekends, and premium charges for premium sites. The important part of the equation is for those fees to be fully disclosed at the time of reservation, leading to no surprises at the time of arrival or final check-out. If your state or county imposes a lodging tax on your cabin rentals, be sure that your campers are aware of that fee at the time of reservation.

There are other fees that you may want to reconsider because they are difficult for your customers to rationalize. These might include early check-in fees and wi-fi access charges. Then there are other fees that are certain to meet with customer disapproval. These include surcharges for the use of credit cards, along with transaction fees (often referred to as “convenience charges”) that accompany online reservations. These, like the “Occupancy Tax” and “Vehicle Tax” at the airport car rental counter, should be built into your basic pricing.

If you try to see your pricing structure from your customers’ perspective, you will avoid the type of dissatisfaction that will only hurt your business in the long run. In order for your customers to see things clearly requires transparency on your part. Ask yourself if it is time to take another look!

This post was written by Peter Pelland

The Future is Always Connected: Netflix Nixes Offline Viewing

January 28th, 2015

As online video- and music-streaming becomes more and more advanced, many service providers and media portals have begun to roll out offline caching for videos and music. From Soundcloud to Spotify to Amazon Prime and Google’s brand-new YouTube Music Key, service after service has started to allow its users to store media locally, allowing for its later consumption. This feature turns out to be especially important for users on slower or bandwidth limited connections, who can locally store media on a WiFi connection to avoid long waits or bandwidth surcharges.

BrB

With just about every service rolling out offline caching in some capacity or another, it seemed only a matter of time before the 800 pound video streaming gorilla in the room jumped on board. We’re talking about Netflix, of course. For a while now, rumors had been swirling that Netflix was planning to launch their own offline caching options.

Now, in the bright light of the New Year, these rumors have been unceremoniously dismissed by Netflix Public Relations Director Cliff Edwards. Techradar reports that Edwards bluntly stated that offline storage was “never going to happen.” Why is this?

Netflix, it turns out, treats the non-ubiquity of bandwidth and connectivity as a short term problem, one for which offline caching is nothing more than a quick band aid. Instead, Edwards predicts that within five years, bandwidth will be so cheap and universal that users won’t even remember that they ever wanted offline caching in the first place, and will regard local storage as an outdated and obsolete concept for technology.

This is a contentious stance for a company to take, since it essentially implies that Netflix is willing to offer an inferior service on the short term to save resources. Netflix seems willing to lose customers to whom offline storage is especially important. Amazon Prime streaming has been quick to affirm its commitment to providing consistent and universal service to its subscribers. Currently, offline viewing is available for Fire tablets, and Amazon has announced plans to extend this functionality to more of its devices in the future.

Trophy

Perhaps the case is that Netflix sees itself more and more as a content creator in addition to simple media provider. Like a more traditional TV station, Netflix is devoting more and more of its resources to the creation and curation of original video content, and perhaps sees its future as focusing more on this division of business. Netflix has already announced aims to debut at least 20 more original series in the next five years and is currently heavily promoting its new period drama called Marco Polo, following the adventures of the medieval Italian explorer.

No matter what you make of it, Netflix’s surprising decision about offline streaming belies a confidence that internet infrastructure will continue to be developed. Based on history, this is a safe bet, though it also shows a surprising self-confidence in their place in the market. Netflix seems to believe their position is unassailable. It will be interesting to see if this is the case.

Nick Rojas is a business consultant and writer who lives in Los Angeles and Chicago. He has consulted small and medium-sized enterprises for over twenty years. He has  contributed articles to Visual.ly, Entrepreneur, and TechCrunch. You can follow him on Twitter @NickARojas, or you can reach him at NickAndrewRojas@gmail.com.

This post was written by Peter Pelland

Finding It on Google Does Not Mean It Is Yours to Use

July 23rd, 2014

It’s late at night, a tired driver pulls up in front of your house, walks in your unlocked front door, and proceeds to enjoy a sound night of sleep in your spare bedroom. How would you react? Confronting the stranger, he tells you that an unlocked door is an open invitation to guests. Another night, your door is locked, and another stranger climbs in through a window. This one brings his entire family, redecorates, changes the locks on the doors, and wants to know what you are doing in his house.

You might think that these stories are crazy, and you would be right; however, have you ever done an image search on Google when you were looking for a certain photo or illustration to use in your own promotional materials? Unless it is specifically marked as “freeware” or “open source” by the original artist, you are probably just as guilty as one of those uninvited guests.

Most people know that just about any image or text that is ever posted online will be shared, re-posted, and indexed by search engines. Even embarrassing personal information has a life of its own. In fact, it took a May 2014 ruling by the European Union’s top court to enforce the new “Right to Be Forgotten” policy that affects Google search results that are based upon an individual’s name. In the first month, according to The Wall Street Journal, over 40,000 removal requests were filed; however, the removal process is a slow and tedious procedure that is currently in effect only in EU member countries.

When it comes to that image search on Google, when you click on an individual image, the only disclaimer is the “images may be subject to copyright”, wording that is intended to relieve Google of liability, not to protect either you or the rights of artists. It is safe to assume that any use of an image found in this manner is a copyright violation and inherently illegal.

Put yourself in the shoes of an artist – or an author, in the case of text – and try to see the situation objectively. Nobody has a right to stay at your campground without paying a fee. Your campground is your livelihood. Well, the same thing applies to artists, illustrators, authors, and other people engaged in creative pursuits. They earn a living, put food on the table, and clothe their children by selling rights to their work.

One of our clients was mildly chastised recently for using a piece of artwork that he found in a Google search on one of his Facebook posts. Google did not clearly warn him that the artwork was copyrighted, but the artist did. It was a simple matter of apologizing and deleting the image; however, if the image had been used on printed materials, it could be another story with an entirely different outcome. Fortunately, most artwork found online is low resolution and unsuitable for use in print. Using artwork found online in printed materials could actually lead to a cease and desist order that could require any materials containing an unauthorized image to be recalled and destroyed.

 

RaccoonHeadLogos_600x320_100

Another of our clients, Baker’s Acres Campground in New Jersey, has a very distinctive raccoon logo that we hired an artist to design on their behalf back in the 1980s. It is the campground’s registered trademark, they paid to have it created, and the original artwork is in our files. I just discovered that another campground has been using this artwork as its own logo, simply adding a feather to the back of the raccoon’s head. I spoke with the owner of the campground, and he sounded like a very nice individual who had no ill intent. He simply thought that he had used a piece of art that was in the public domain and then modified it. It apparently appears online and on his brochure, although I advised him to stop using it. Other instances may not result in such a friendly outcome.

If you require artwork for any purpose, there are two options. Either hire an artist to create custom artwork or buy usage rights to royalty-free stock images. Artists or illustrators can be easily found online through various resources such as www.elance.com; stock photography and illustrations are also readily available online through various resources such as www.shutterstock.com and www.123rf.com. Prices are remarkably affordable, and it is difficult to put a price on peace of mind.

The bottom line is that a Google search for images might be fine to provide ideas regarding what is already being used, perhaps helping you to avoid using something that is too similar to existing art; however, it should not be used as a resource for finding unique images that are free for the taking. In other instances, the search results might include watermarked stock images, with a link to the site where usage rights may be purchased.

Think about it: the reason that Google is indexing an image is because it is already online and being used, almost certainly by a business that has paid for that privilege. You do not want to act like that uninvited guest who is looking for a free place to spend the night.

This post was written by Peter Pelland