If ever there was a key skill you’ll need in your business – it’s planning.
You can still be your own boss if you’re not the most organised of people, but you’ll find it a very tough slog.
No matter how good or bad you are at forward planning, a solid business plan is arguably the most important business-related document you will ever create. It’s highly recommended for anyone starting a venture, as a way of ensuring you plan the kind of business you want to create.
If you’re going to need financial support from a bank, a private investor or you need to attract a business partner, it’s an absolute essential.
Your business plan need only be a few pages long, containing key information about the business. Don’t worry too much about the format; focus more on getting the information right and the correct message communicated.
Here’s a suggested list of contents:
1. Objectives: What do you want to achieve from your business? List key goals including a financial overview
2. Executive review: An overview of what the business will do and how. Include the legal structure, who will work in the business and what roles they will fulfill. Potential investors will use the information in this section to decide if the rest of the plan is worth looking at
3. Market analysis: How many businesses already offer this product or service, and where does your new venture sit in the marketplace?
4. Demand analysis: Who are your potential customers and how likely is it they will buy from you? Are you at the premium end, the budget end or somewhere in-between?
5. Environmental analysis: What impact will your venture have on the environment, and how can you minimise that?
7. Analysis of the competition: To launch a successful venture you need to offer something different. So work out what’s already out there and identify the gap that’s open to you.
8. Marketing strategy: Once you know the message you want to give out, show how you will do that. Don’t get into too much detail but give an overview of strategy
9. Success factors: What things must happen to make the business a success? Listing them in the business plan keeps them top of your awareness
11. Finances: List your likely costs and predicted revenue. This is normally done for three years. Remember most people underestimate costs and overestimate revenue
12. Conclusion: Sum up your business plan in a few sentences.
Remember that a busines plan should be a living document. It’s no good to you if you complete it and stick it on a shelf. Even when you are running your business, get in the habit of reviewing your plan at least once a quarter.
source:www.bytestart.co.uk
Selasa, 17 Februari 2009
Ten tips on how to start your own business
If you want your new solo business to flourish, it makes good sense to review these tips on how to start your own business.
As a soloist starting your own business today, you have the advantage of being able to learn from those who have gone before. The business success statistics are well known: a staggering 40% of all new businesses fail within the first 12 months. Within five years, more than 80% will have failed.
Here’s ten ideas on how to start your own business and avoid that fate.
1. Define your unique point of difference
Why will a customer come to you instead of anybody else? Are you better, more accurate, cheaper, more convenient, easy to install? Whatever your unique difference is, this is the question that, once answered, becomes the basis of all of your marketing messages.
2. A powerful vision
Why are you in business in the first place? What’s the inspirational dream that convinced you to go out on your own? There may be times when you doubt yourself, but if your vision is strong, it will be the thing that sees you through those times.
3. Repeatable, scalable systems
Any activity that occurs more than once in your business needs a system or process so it gets performed exactly the same way, every single time. This consistency means that you can handle extra volumes in the most efficient way, and that the customer gets the same experience (hopefully a great one!), every time they do business with you.
Tell us what you think: rate this article
4. Love the numbers
You may not be an accountant, but you must have an overwhelming interest in the numbers side of your business. You don’t have to create the reports - outsource by all means - but you definitely need to look at your cashflow, budget and profit and loss on a monthly basis. And if you don’t know what it all means, get your bookkeeper to sit with you each month and explain your financial position.
5. Always add value to the customer’s experience
No matter what service or product you provide, you can be guaranteed that someone out there is trying to do it differently, better, or cheaper than you are. You must consistently focus on adding great value to your customers – always try and delight them in some way. Then they’ll never feel inclined to take their business elsewhere.
6. Continually add to your skills and knowledge
A business can only grow as quickly as the person who owns it. Your investment in your own development is super important. When you learn new skills and come across new ideas, you apply them in your business which in turn drives evolution and innovation.
7. Plans
The purpose of planning is simply to work out how to spend your time, money and other resources effectively. Without considered plans you may find yourself spinning your wheels, jumping from one priority to the next, or simply being undecided. Plans allow you to:
prioritise activities
step back from the day to day issues and take a longer term view, and
anticipate problems before they arrive
8. Product innovation
All products have a defined life cycle. People’s needs change, and so must your products or services. Solo businesses have a tendency to retain unchanged products and services for too long. Be conscious of reframing, restructuring, or refreshing your offer on a regular basis.
9. Surround yourself with the right support
Successful business owners know what their skills are. They also know exactly what skills they don’t (and probably will never) have. Believe me, you are not ‘saving money’ by doing it all yourself, you are wasting time. Outsource those things that aren’t your specialty, and use that time to go and get some new business!
10. Stay close to your customers
The best people to give you feedback about how you are going are your customers. Successful soloists regularly ask their customers for feedback and ideas for improving what they do. And more importantly, they follow through on the feedback they get.
source:www.flyingsolo.com
As a soloist starting your own business today, you have the advantage of being able to learn from those who have gone before. The business success statistics are well known: a staggering 40% of all new businesses fail within the first 12 months. Within five years, more than 80% will have failed.
Here’s ten ideas on how to start your own business and avoid that fate.
1. Define your unique point of difference
Why will a customer come to you instead of anybody else? Are you better, more accurate, cheaper, more convenient, easy to install? Whatever your unique difference is, this is the question that, once answered, becomes the basis of all of your marketing messages.
2. A powerful vision
Why are you in business in the first place? What’s the inspirational dream that convinced you to go out on your own? There may be times when you doubt yourself, but if your vision is strong, it will be the thing that sees you through those times.
3. Repeatable, scalable systems
Any activity that occurs more than once in your business needs a system or process so it gets performed exactly the same way, every single time. This consistency means that you can handle extra volumes in the most efficient way, and that the customer gets the same experience (hopefully a great one!), every time they do business with you.
Tell us what you think: rate this article
4. Love the numbers
You may not be an accountant, but you must have an overwhelming interest in the numbers side of your business. You don’t have to create the reports - outsource by all means - but you definitely need to look at your cashflow, budget and profit and loss on a monthly basis. And if you don’t know what it all means, get your bookkeeper to sit with you each month and explain your financial position.
5. Always add value to the customer’s experience
No matter what service or product you provide, you can be guaranteed that someone out there is trying to do it differently, better, or cheaper than you are. You must consistently focus on adding great value to your customers – always try and delight them in some way. Then they’ll never feel inclined to take their business elsewhere.
6. Continually add to your skills and knowledge
A business can only grow as quickly as the person who owns it. Your investment in your own development is super important. When you learn new skills and come across new ideas, you apply them in your business which in turn drives evolution and innovation.
7. Plans
The purpose of planning is simply to work out how to spend your time, money and other resources effectively. Without considered plans you may find yourself spinning your wheels, jumping from one priority to the next, or simply being undecided. Plans allow you to:
prioritise activities
step back from the day to day issues and take a longer term view, and
anticipate problems before they arrive
8. Product innovation
All products have a defined life cycle. People’s needs change, and so must your products or services. Solo businesses have a tendency to retain unchanged products and services for too long. Be conscious of reframing, restructuring, or refreshing your offer on a regular basis.
9. Surround yourself with the right support
Successful business owners know what their skills are. They also know exactly what skills they don’t (and probably will never) have. Believe me, you are not ‘saving money’ by doing it all yourself, you are wasting time. Outsource those things that aren’t your specialty, and use that time to go and get some new business!
10. Stay close to your customers
The best people to give you feedback about how you are going are your customers. Successful soloists regularly ask their customers for feedback and ideas for improving what they do. And more importantly, they follow through on the feedback they get.
source:www.flyingsolo.com
Financing Your Business In 2009 by Joseph Lizio
There are many criteria that banks require in approving loans for businesses. What usually comes to mind first is credit, given today’s financial crisis. While credit is extremely important, there are many other factors in addition to credit scores that businesses must be aware of and account for when seeking capital for business growth. The following outlines a company’s ability to repay or service a new debt facility. Banks and other financial lenders will not just give you money because you think you need it; you have to be able to pay for it as well.
You must be able to repay your new debt – both the principle amount and the interest. Now, there are many structures to business debt like interest only (which I do not recommend), balloon payments, quarterly payments, etc. Still, you have to generate enough income from the business to service the payment amount. Further, not only do you have to generate enough money to pay the P & I, but you usually have to have a little bit more – usually 25% to 50%.
Why? This additional cushion provides the bank with assurance that your business could have a down period and still cover their payment.
Now to the numbers: To determine if your business could service a $100,000 business loan, begin with your net income. To this amount, add back depreciation (this is a non-cash accounting anomaly) and any and all interest payments that you already make and your taxes. This should be the net amount that your business has to cover your total debt service – this is essentially your earnings before interest, taxes, depreciation and amortization (EBITDA) or your actual cash profits from your operations.
For the remainder of this analysis, we will ignore taxes. The interest on your loan is an operating cost – meaning it reduces your taxable income. However, the principle portion that you pay comes straight out of your net income – after all other obligations are paid including local, state, and federal taxes. The reason we will ignore taxes is to make this analysis simple and demonstrate why banks and other financial lenders require higher debt service ratios.
At 8% for 48 monthly payments, a $100,000 loan would require a monthly service of $2,442 or $29,296 per year (straight amortization for simplicity purposes). Assuming that your business does not have any other debt, you would have to, at the least, earn this amount over and above all other business costs – over your EBITDA. However, most banks want to see a debt service ratio of 1:1.25x to 1:1.5x – meaning that you need to generate EBITDA between $3,053 and $3,663 per month in this case.
Should your business have other debt that is not being paid off with this new facility, add that amount to your debt service minimum payment above. You will then have to cover up to 1:1.5x all your debt obligations.
Further, banks do "what if" analysis on this debt service requirement. Take your operating profit (EBITDA) and reduce it by 10% and 20%. After these calculations, does this new income amount still cover the original payment amount of $2,442? If not, no loan. Again, banks want to ensure that your business could survive a down turn and still make its payment obligation to them.
Keep in mind that the above analysis is based on past financial (past results of your business). While the lender will make every attempt to forecast future projections, it does not significantly rely on expectations of what your business will or may do.
While this is a very basic analysis, I hope you get the gist of what banks look for when underwriting loans. Should your business not be able to meet these requirements, then negotiate a lower payment through interest reduction, loan amount reduction, or balloon payments or reevaluate your need for a loan. If you can’t pay for it, you don’t need it.
Additionally, there may be many other ways to finance your growing business. The most widely used for working capital loans and advances are accounts receivable financing (factoring), purchase order financing, and business cash advances. These types of facilities can help bridge the gap between cash outlay and revenue.
source:www.businessknowhow.com
You must be able to repay your new debt – both the principle amount and the interest. Now, there are many structures to business debt like interest only (which I do not recommend), balloon payments, quarterly payments, etc. Still, you have to generate enough income from the business to service the payment amount. Further, not only do you have to generate enough money to pay the P & I, but you usually have to have a little bit more – usually 25% to 50%.
Why? This additional cushion provides the bank with assurance that your business could have a down period and still cover their payment.
Now to the numbers: To determine if your business could service a $100,000 business loan, begin with your net income. To this amount, add back depreciation (this is a non-cash accounting anomaly) and any and all interest payments that you already make and your taxes. This should be the net amount that your business has to cover your total debt service – this is essentially your earnings before interest, taxes, depreciation and amortization (EBITDA) or your actual cash profits from your operations.
For the remainder of this analysis, we will ignore taxes. The interest on your loan is an operating cost – meaning it reduces your taxable income. However, the principle portion that you pay comes straight out of your net income – after all other obligations are paid including local, state, and federal taxes. The reason we will ignore taxes is to make this analysis simple and demonstrate why banks and other financial lenders require higher debt service ratios.
At 8% for 48 monthly payments, a $100,000 loan would require a monthly service of $2,442 or $29,296 per year (straight amortization for simplicity purposes). Assuming that your business does not have any other debt, you would have to, at the least, earn this amount over and above all other business costs – over your EBITDA. However, most banks want to see a debt service ratio of 1:1.25x to 1:1.5x – meaning that you need to generate EBITDA between $3,053 and $3,663 per month in this case.
Should your business have other debt that is not being paid off with this new facility, add that amount to your debt service minimum payment above. You will then have to cover up to 1:1.5x all your debt obligations.
Further, banks do "what if" analysis on this debt service requirement. Take your operating profit (EBITDA) and reduce it by 10% and 20%. After these calculations, does this new income amount still cover the original payment amount of $2,442? If not, no loan. Again, banks want to ensure that your business could survive a down turn and still make its payment obligation to them.
Keep in mind that the above analysis is based on past financial (past results of your business). While the lender will make every attempt to forecast future projections, it does not significantly rely on expectations of what your business will or may do.
While this is a very basic analysis, I hope you get the gist of what banks look for when underwriting loans. Should your business not be able to meet these requirements, then negotiate a lower payment through interest reduction, loan amount reduction, or balloon payments or reevaluate your need for a loan. If you can’t pay for it, you don’t need it.
Additionally, there may be many other ways to finance your growing business. The most widely used for working capital loans and advances are accounts receivable financing (factoring), purchase order financing, and business cash advances. These types of facilities can help bridge the gap between cash outlay and revenue.
source:www.businessknowhow.com
Senin, 16 Februari 2009
Sources of Capital for New, Start-up Businesses by Joseph Lizio
As the economy continues to face credit challenges, small businesses, especially new, start-up companies are finding it even more difficult to find the capital they need to take their ideas and concepts and turn them into viable businesses.
Private equity firms and angel groups are no longer actively seeking new investments. They are more concerned with preserving and protecting their current portfolios. Further, private investors, like your neighbor or local doctors, accounts, lawyers, are not investing in local companies as their investments and retirement portfolios (usually the main source of their investment capital) have taken such large hits that any new investments are just out of the question.
Bootstrapping, by far the greatest source of capital for new businesses, is drying up fast. Credit card issuers and backers are pulling programs, tightening approvals and reducing limits. Friends and families are struggling just to survive themselves and do not have the disposable income to investment in your company.
Taking loans from retirement accounts are nearly impossible today as the market values of these assets have drop so dramatically over the last two quarters. There just isn’t the value there to take a loan against.
SBA backed loans remain just a difficult and costly to obtain as always. These loans still need to be underwritten by traditional lenders who are not making any loans at all as well as be underwritten by the SBA who has followed the banks’ course in tightening standards.
So, what are new, small businesses to do?
A few suggestions are as follows:
First, start smaller and work your way up. Small scale operations mean smaller capital needs. Thus, the small amount of capital a new entrepreneur does have (savings, home equity, retirement plans) can be used to jump start a business if it is designed on a smaller scale.
Micro-Loans: Micro-loans are loans for small organizations or start-up companies that do not qualify for regular loan facilities. These loans usually range from $500 to $25,000 and take up to five weeks for approval and funding.
Personal Loans: There are still a few companies that make personal loans from $10,000 to $100,000 provided the borrower has excellent (and I mean excellent) credit and a demonstrated ability to make the loan payments.
Asset Based Facilities: If your business has some proven track record, even if it is just for a few months, and has generated some financial assets like accounts receivables or credit card receipts, you may qualify for capital against those assets.
Account Receivable Factoring can help speed up your cash flow while you wait for your customers to pay you. You can then access working capital that can be used to generate new business, cover current liabilities obligations, or make payroll. There are companies that will factor receivables as low as $200.
Included with Accounts Receivable Factoring is Purchase Order Financing. If your business has an order to be filled but does not have the money to complete the order (e.g. buy supplies or equipment or hire needed labor) Purchase Order financiers will provide the funds needed based on that order.
Business Cash Advances, while not really a loan, can provide working capital against FUTURE credit card sales. The funds can be use for any purpose and could provide the capital your business needs to get it through these troubled times.
Equipment: Do you own some equipment outright? If so, you can sale that equipment (including tools and machinery) to a leasing company. Then, lease the equipment back from the lessor. You get the cash you need now and still benefit from possible tax deductions of the lease payments and other costs.
Where there is a will, there is always a way. These may not be the cheapest financial products in the market but for most business owners and start-ups, these may be the only option.
When seeking capital in this market, try to keep in mind that it is only temporary. The markets will turn around and lending standard will loosen. So, what you seek now should only suffice enough to get your new, start-up business through this down period.
Copyright 2009 - BusinessMoneyToday.com
Joseph Lizio holds and MBA in Finance and Entrepreneurship and has a strong commercial lending background. In his current venture, Mr. Lizio is the founder of www.businessmoneytoday.com - a site designed to help business owners find and obtain capital to grow their businesses.
source: www.businessknowhow.com
Private equity firms and angel groups are no longer actively seeking new investments. They are more concerned with preserving and protecting their current portfolios. Further, private investors, like your neighbor or local doctors, accounts, lawyers, are not investing in local companies as their investments and retirement portfolios (usually the main source of their investment capital) have taken such large hits that any new investments are just out of the question.
Bootstrapping, by far the greatest source of capital for new businesses, is drying up fast. Credit card issuers and backers are pulling programs, tightening approvals and reducing limits. Friends and families are struggling just to survive themselves and do not have the disposable income to investment in your company.
Taking loans from retirement accounts are nearly impossible today as the market values of these assets have drop so dramatically over the last two quarters. There just isn’t the value there to take a loan against.
SBA backed loans remain just a difficult and costly to obtain as always. These loans still need to be underwritten by traditional lenders who are not making any loans at all as well as be underwritten by the SBA who has followed the banks’ course in tightening standards.
So, what are new, small businesses to do?
A few suggestions are as follows:
First, start smaller and work your way up. Small scale operations mean smaller capital needs. Thus, the small amount of capital a new entrepreneur does have (savings, home equity, retirement plans) can be used to jump start a business if it is designed on a smaller scale.
Micro-Loans: Micro-loans are loans for small organizations or start-up companies that do not qualify for regular loan facilities. These loans usually range from $500 to $25,000 and take up to five weeks for approval and funding.
Personal Loans: There are still a few companies that make personal loans from $10,000 to $100,000 provided the borrower has excellent (and I mean excellent) credit and a demonstrated ability to make the loan payments.
Asset Based Facilities: If your business has some proven track record, even if it is just for a few months, and has generated some financial assets like accounts receivables or credit card receipts, you may qualify for capital against those assets.
Account Receivable Factoring can help speed up your cash flow while you wait for your customers to pay you. You can then access working capital that can be used to generate new business, cover current liabilities obligations, or make payroll. There are companies that will factor receivables as low as $200.
Included with Accounts Receivable Factoring is Purchase Order Financing. If your business has an order to be filled but does not have the money to complete the order (e.g. buy supplies or equipment or hire needed labor) Purchase Order financiers will provide the funds needed based on that order.
Business Cash Advances, while not really a loan, can provide working capital against FUTURE credit card sales. The funds can be use for any purpose and could provide the capital your business needs to get it through these troubled times.
Equipment: Do you own some equipment outright? If so, you can sale that equipment (including tools and machinery) to a leasing company. Then, lease the equipment back from the lessor. You get the cash you need now and still benefit from possible tax deductions of the lease payments and other costs.
Where there is a will, there is always a way. These may not be the cheapest financial products in the market but for most business owners and start-ups, these may be the only option.
When seeking capital in this market, try to keep in mind that it is only temporary. The markets will turn around and lending standard will loosen. So, what you seek now should only suffice enough to get your new, start-up business through this down period.
Copyright 2009 - BusinessMoneyToday.com
Joseph Lizio holds and MBA in Finance and Entrepreneurship and has a strong commercial lending background. In his current venture, Mr. Lizio is the founder of www.businessmoneytoday.com - a site designed to help business owners find and obtain capital to grow their businesses.
source: www.businessknowhow.com
Senin, 09 Februari 2009
Simple Startup Tips
When going into business for yourself start out simple. In most states, the first step to starting your business is simply to register in your county for a fictitious business name, also called a “dba” (for “doing business as”) registration. This is very common. If you want to be “Dawn’s Design” or “Acme Furniture” or “Joe’s Diner,” or whatever, the registration makes you a legal business.
I did this in California a couple of times for $35 a pop, and once in Oregon, more recently, for $25. Normally you go to the county seat and establish that nobody else is using the name, then register it. In most states you will have to do a legal advertisement too, but they have forms in the registration office and local papers make this easy. Then, you go to your bank and take out a bank account with the new name, and you’re in business.
You may also need a business license, this would depend on local laws. Some areas require it, some don’t. Most don’t, actually.
If you will be running your business from your home the laws depend on the city rules, normally, zoning laws, and local licensing requirements. You could call your town hall or the chamber of commerce to ask. When I ran a home office business in Palo Alto in the early 1980s, you were not allowed to put a sign outside your house or take commercial deliveries. Otherwise, the city didn’t care.
As you look at these details, the best source of real help at an affordable cost is your local Small Business Development Center (SBDC). These are funded by federal, state, and local funds, and there are almost 1,000 of them throughout the country. They vary by state, but I know New Hampshire has an excellent program. Definitely one of the better ones.
Because SBDCs are publicly funded, they tend to offer business counseling for relatively low rates. I recommend them highly. You can find a list of SBDCs at our website.
source: http://articles.bplans.com/business-articles
I did this in California a couple of times for $35 a pop, and once in Oregon, more recently, for $25. Normally you go to the county seat and establish that nobody else is using the name, then register it. In most states you will have to do a legal advertisement too, but they have forms in the registration office and local papers make this easy. Then, you go to your bank and take out a bank account with the new name, and you’re in business.
You may also need a business license, this would depend on local laws. Some areas require it, some don’t. Most don’t, actually.
If you will be running your business from your home the laws depend on the city rules, normally, zoning laws, and local licensing requirements. You could call your town hall or the chamber of commerce to ask. When I ran a home office business in Palo Alto in the early 1980s, you were not allowed to put a sign outside your house or take commercial deliveries. Otherwise, the city didn’t care.
As you look at these details, the best source of real help at an affordable cost is your local Small Business Development Center (SBDC). These are funded by federal, state, and local funds, and there are almost 1,000 of them throughout the country. They vary by state, but I know New Hampshire has an excellent program. Definitely one of the better ones.
Because SBDCs are publicly funded, they tend to offer business counseling for relatively low rates. I recommend them highly. You can find a list of SBDCs at our website.
source: http://articles.bplans.com/business-articles
Understanding Cyberspace Threats
SQL injection. Drive-by downloads. Social engineering. Rootkits. Malware. Rogueware. To the busy small business owner these words and phrases might sound like gibberish, but they're actually terms that describe some of the more destructive security risks lurking in cyberspace today. Since the first step in helping prevent harmful hacker attacks to your company computers is getting up to speed with the ever-evolving threat landscape, here's a brief overview:
Malware. Short for malicious software, it includes all forms of computer viruses, worms, Trojan horses, rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software. When you see the word "malware" in a news story or threat report, keep in mind that it covers a variety of forms of hostile, intrusive, or annoying software or program code.
Rootkits. Popularized by the Sony digital-rights management case, a rootkit is a form of malware that allows an attacker to maintain a stealthy presence on an infected computer. Rootkits are typically used in spyware and other programs to avoid detection and allow another piece of malware to monitor traffic and keyboard strokes. A rootkit is considered the most insidious form of malware.
SQL injection. SQL injection is an attack technique used by hackers to insert malicious code into the database layer of a Web application. These types of attacks are typically used to plant harmful code into hacked Web sites and use that code to launch drive-by-downloads against end users.
Drive-by downloading. Drive-by downloading is a catch-all name for malware that gets installed on a computer when a user simply surfs to a (maliciously rigged) Web site. Over the past year, there has been a dramatic surge in these types of attacks where a hacker uses SQL injection to infect legitimate Web sites for use in drive-by download attacks. The exploits used in these types of attacks typically target unpatched vulnerabilities in desktop applications, so the best defense for this is to adopt safe browsing habits and ensure that all installed software programs are fully updated.
Rogueware, fraudware, or scareware. These are types of malware that attempt to trick computer users into buying useless and dangerous software. They typically generate a legitimate-looking pop-up warning that purports to be antivirus or antispyware software or a registry cleaner. These are fake warnings that claim the computer is infected with a large number of viruses and point the user to a Web site to pay for a virus cleaner. Rogueware/fraudware/scareware is such a big problem that Microsoft recently added removal detections for this class of attack and removed fake security software programs from 994,061 distinct machines, most in the U.S. and Europe.
source: http://www.businessweek.com/smallbiz/tips/
Malware. Short for malicious software, it includes all forms of computer viruses, worms, Trojan horses, rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software. When you see the word "malware" in a news story or threat report, keep in mind that it covers a variety of forms of hostile, intrusive, or annoying software or program code.
Rootkits. Popularized by the Sony digital-rights management case, a rootkit is a form of malware that allows an attacker to maintain a stealthy presence on an infected computer. Rootkits are typically used in spyware and other programs to avoid detection and allow another piece of malware to monitor traffic and keyboard strokes. A rootkit is considered the most insidious form of malware.
SQL injection. SQL injection is an attack technique used by hackers to insert malicious code into the database layer of a Web application. These types of attacks are typically used to plant harmful code into hacked Web sites and use that code to launch drive-by-downloads against end users.
Drive-by downloading. Drive-by downloading is a catch-all name for malware that gets installed on a computer when a user simply surfs to a (maliciously rigged) Web site. Over the past year, there has been a dramatic surge in these types of attacks where a hacker uses SQL injection to infect legitimate Web sites for use in drive-by download attacks. The exploits used in these types of attacks typically target unpatched vulnerabilities in desktop applications, so the best defense for this is to adopt safe browsing habits and ensure that all installed software programs are fully updated.
Rogueware, fraudware, or scareware. These are types of malware that attempt to trick computer users into buying useless and dangerous software. They typically generate a legitimate-looking pop-up warning that purports to be antivirus or antispyware software or a registry cleaner. These are fake warnings that claim the computer is infected with a large number of viruses and point the user to a Web site to pay for a virus cleaner. Rogueware/fraudware/scareware is such a big problem that Microsoft recently added removal detections for this class of attack and removed fake security software programs from 994,061 distinct machines, most in the U.S. and Europe.
source: http://www.businessweek.com/smallbiz/tips/
Putting a Computer Security Policy in Place
A friend of mine setting up an online printing operation e-mailed me a few weeks ago to ask for advice on setting up formal computer security policies to keep his business safe from intrusion. We went back and forth on the obvious ones—keep antivirus subscriptions current; enable a properly configured firewall; block access to the darker parts on the Internet.
The more we e-mailed, it became clear to both of us that it's a real predicament for startups that do business on the Internet to ever be safe from hacker attacks. The nature of Web-based threats, drive-by malware downloads, and clever social engineering attacks make it nearly impossible to be fully secure. Having acknowledged that, we narrowed down some must-do items that could help to minimize exposure to risk.
• Invest in anti-malware protection and make sure signature databases are current. When evaluating security software, ask about approaches to "whitelisting" (application control), "behavior blocking," and the use of "herd-intelligence."
• Stay on top of high-priority patches for Web server and desktop software programs. Be vigilant about software that gets installed on employee computers and stay away from programs without auto-update mechanisms. Pay special attention to patching known vulnerabilities in applications that are constant hacker targets. Some examples include Adobe PDF, Adobe Flash Player, Apple QuickTime, RealPlayer, and WinZip.
• Diversify browser usage and make it a policy for employees to use certain browsers for certain sensitive transactions. Microsoft's Internet Explorer, a popular target for hackers, should be avoided for high-value transactions.
• Adopt strong password policies. A strong password should be between 8 and 20 characters and must combine random upper- and lower-case letters, numbers and symbols. The longer and more complex your password is, the harder it is to crack using dictionary-based hacking tools.
source:http://www.businessweek.com/smallbiz/tips/
The more we e-mailed, it became clear to both of us that it's a real predicament for startups that do business on the Internet to ever be safe from hacker attacks. The nature of Web-based threats, drive-by malware downloads, and clever social engineering attacks make it nearly impossible to be fully secure. Having acknowledged that, we narrowed down some must-do items that could help to minimize exposure to risk.
• Invest in anti-malware protection and make sure signature databases are current. When evaluating security software, ask about approaches to "whitelisting" (application control), "behavior blocking," and the use of "herd-intelligence."
• Stay on top of high-priority patches for Web server and desktop software programs. Be vigilant about software that gets installed on employee computers and stay away from programs without auto-update mechanisms. Pay special attention to patching known vulnerabilities in applications that are constant hacker targets. Some examples include Adobe PDF, Adobe Flash Player, Apple QuickTime, RealPlayer, and WinZip.
• Diversify browser usage and make it a policy for employees to use certain browsers for certain sensitive transactions. Microsoft's Internet Explorer, a popular target for hackers, should be avoided for high-value transactions.
• Adopt strong password policies. A strong password should be between 8 and 20 characters and must combine random upper- and lower-case letters, numbers and symbols. The longer and more complex your password is, the harder it is to crack using dictionary-based hacking tools.
source:http://www.businessweek.com/smallbiz/tips/
Langganan:
Postingan (Atom)