The Internet can be a valuable resource for small business, but along with the benefits come some risks. Fortunately, the risks are relatively easy to control.
Daniel S. Janal (https://www.janal.com) has written an excellent book called “Risky Business: Protect Your Business from Being Stalked, Conned or Blackmailed on the Web” (John Wiley and Sons, 1998) that provides small-business owners with the warnings and tools they need to use the Net safely.
The book outlines steps businesses can take to protect company secrets and avoid electronic sabotage from competitors, unhappy customers or disgruntled employees. You can watch a 13-minute video of Janal at https://www.1webcast.com/danjanal.htm.
One risk is impersonation. Someone can pose as you or one of your employees and say something online that could prove to be embarrassing to your company. Likewise, you could receive a piece of e-mail that appears to be from an employee, client or business partner but could be from an impostor.
If you get a piece of questionable e-mail, such as an unexpected cancellation of an order or a contract, Janal advises that you verify the information by phone. It’s also a good idea to read the header information on the e-mail to see if there are any clues to the sender’s real e-mail address or Internet service provider. If you don’t understand the header information, try to find someone at your company or your Internet service provider who can examine it for you. You don’t need to forward the entire message, just the part that contains the information about the way the message was routed.
Technology tools are available to verify your identity when sending e-mail. Verisign (https://www.verisign.com) offers a tool called a “digital signature” that costs $9.95 a year. Verisign can assign a secure digital ID to you that works with Microsoft Outlook Express, Netscape Messenger and other popular e-mail programs.
We tend to think about consumers as the primary victims of fraud and scams, but businesses can be hurt too. If you plan to engage in online commerce, be sure to verify credit cards before filling orders, and guard against consumers who might claim they never received your shipment by requiring your delivery service to secure a signature before an online order is delivered.
Four of top 10 Internet fraud scams identified by the National Fraud Information Center are often targeted at home-based and small businesses. These are computer equipment/software scams, pyramid schemes, phony business opportunities and franchises, and work-at-home plans. Both the book and the fraud center’s Web site (https://www.fraud.org) contain information on how to prevent or recover from such crime.
Software piracy can put your business in legal jeopardy. If any of your employees are using software at work that your business doesn’t legally own, your company can be fined for up to $250,000. The Software Publisher’s Assn. (https://www.spa.org) Web site has a recommended software policy and employee-use guideline.
The SPA also has a suggested employee Internet usage policy that provides general guidelines on how employees should use the Internet at work. It’s important for business owners to understand that employee Internet activity from company computers can have resource, productivity and legal implications.
That’s not to say that small businesses should ban employees from using company computers to send personal e-mail or check their stock portfolio or baseball scores, but if an employee is spending a lot of time using the PC for personal business, they’re not engaged in company business. If an employee is doing something illegal or inappropriate online, then the consequences can be more severe.
Another risk to businesses is the possibility that your company will be defamed or harassed on the Internet. It’s possible for competitors, unhappy customers or disgruntled former or current employees to complain about your company in Usenet newsgroups or even post a Web page criticizing the company.
Janal dedicates 48 pages to a chapter titled “Attack Sites, Rogue Sites, and Spoof Sites: The New Language of Crisis Communications.” It’s neither difficult nor expensive for a former employee to create a Web site dedicated to trashing your company. Another risk is a rogue site that masquerades as an official company site but is really designed to embarrass or misrepresent you. Usenet Newsgroups--the Internet bulletin boards where anyone can say anything--can easily be used to criticize your company or spread stories about shoddy products, unsafe working conditions and other damaging accusations. You can’t stifle legitimate free speech, but you can monitor what is being said about you and shut down rogue sites that misrepresent your firm’s identity or misuse its trademarks or intellectual property.
It’s a good idea to use Internet search engines periodically to search for your company’s name or product names to see what is being posted about you online. You can search for free on AltaVista (https://www.altavista.com) and other search engines. WebFerretPro from FerretSoft (https://www.ferretsoft.com) is a $26.95 program that quickly uses all the major search engines to locate Web sites that contain any word or string of characters.
You can conduct a quick and free search for your company name on all Usenet newsgroups by visiting https://www.dejanews.com. Be sure to search the “complete archive” if you wish to search both the standard and adult newsgroups. Again, while you might not be able to suppress what people are saying, at least you’ll know what they’re saying so you can try to set the record straight.
It’s also important to protect your company’s intellectual property rights and be certain that you’re not violating anyone else’s rights. You can take action if you find someone has used your company’s artwork, documentation or other material. Likewise, your business can be held liable if you or one of your employees post other’s copyright material without permission.
Find out more about small business and technology at The Times’ Small Business Strategies Conference Oct. 17-18 at the Los Angeles Convention Center. You can e-mail Lawrence J. Magid at firstname.lastname@example.org and visit his Web site at https://www.larrysworld.com. On AOL, use keyword “LarryMagid.”