The internet of SMMEs

Posted on 2016-02-19

In this modern age it’s an assumption that any and every business has a website, but that’s hardly the case.

The younger generations look for businesses and services almost exclusively online, and we often end up on directory websites that list outdated contact information and addresses; sometimes even businesses that have closed down. For the most part, these directories do not offer a service which keeps your information up to date, and your day-to-day operation makes it difficult to remember or find the time to go to each of them and update it yourself, if they even have such facilities. And then to add insult to injury, do you remember what your username or password was? Is the directory's login page even secure?

The internet is a difficult place to grasp, and usually a small business has to rely on third parties to assist them in the process. In some cases, internet access for your business via one of the ISPs comes bundled with hosting, web design and domain registration services thrown in. The latter expires after a year, and suddenly you have to start paying to renew the domain. Most business don’t remember or decline to do this, and so their website (and associated email addresses) all stop working. Suddenly all your business cards are out of date, none of your former customers can get hold of you unless they have your phone number, and that only lasts until the day you move to different premises.

So unless you have representatives that go around and meet clients (usually other businesses) your business has suddenly disappeared off the face of the earth to the online public, Google will in due time remove your address and associated links from its search engine results and once you’re off Google, you are off the internet. It’s as simple as that.

So what should a small business do? Here are a few tips:

Don’t use your cousin’s son who is in IT

This is probably the most important item on this list. Using an individual with only an oral agreement is a recipe for a disappearing act. This individual will forget the login details to the registrar’s website, could move overseas or worse and become unavailable, and your only line to your online assets are severed. Use the professionals. Use the services of the ISPs if they provide it.

Keep credentials and other records safe

Always store credentials to the various websites and portals that you use safely. Use different passwords for different websites, and two-factor authentication where possible. The best practice for credentials is to use a password manager. There are both online and offline versions of this. To keep records safe, create a DropBox, Google Drive or Microsoft OneDrive account and store your important documents online. These can all synchronize to your local computer or laptop so you don’t need to manually upload it every time, and you can make backup copies of it on DVDs or otherwise.

Renew your domain name

Unless you renew your domain name it will expire and your website and emails will stop working completely. To register or renew a domain costs R100 per annum (in 2016) if you do it yourself at http://co.za. This is a very small amount of money to pay towards the upkeep of your online infrastructure. There is nothing less professional when your advertisement states you have 50 000 happy customers, but then have an email address of joe_carpetcleaner123@gmail.com.

Secure your website

Internet security is no joke, and there are many misrepresentations in the press about it. In 2014 South Africa was rated sixth in the world on cyber crime. If you have an online shop or a user section, it is paramount that you provide a secure portal through which customers can login. But more than that, these days it is important to secure your website regardless*. There are a few reasons for this:

  • Legislation (POPI) provide for harsh penalties (10 years in prison) should your users’ data be compromised and you did not take appropriate measures to secure that data.
  • If it is not secure, you cannot ensure that what your users see in their browsers when they attempt to look at your website is actually your website.
  • If your site (typically based on wordpress) has an administrative login and is not secure, your own admin password can be stolen and your website can be defaced and taken over.

All of these problems arise because of “man-in-the-middle” attacks where someone impersonates your website. This is typical of how phishing attacks happen. This means that the bad guys will use your business’s good name as a front in order to upload malicious software to your customer’s phones and computers and steal their passwords and email addresses or other identifying information. You can get away with an issued SSL certificate from about R1000 per year, depending on the authority (there is also a new free authority at https://letsencrypt.org/, which is in beta). Again, this is a small amount to pay for peace of mind and surety to your customers.

Email Backups

If you make use of your ISP’s email facilities, make sure that they keep an online backup of your mailbox (much like using email on the web at GMail or Apple). Never rely on your computer, because computers crash and hard drives break, and you will lose your entire inbox and email history. Alternatively, register for Google Apps or Microsoft Office and make use of their cloud-based solutions. The same goes for documents.

Social Media and other advertising sites

Get your Facebook page setup and use it. Let people check-in when they arrive at your business. It’s free, it spreads organically and it’s relatively cheap to promote it. Similarly, online advertising sites are very useful for certain types of services, not just physically selling something.

Like anything, keeping an online presence active and engaging will cost both time and money, but rest assured that as new generations arrive, things like physical directories are in less and less circulation, quickly being replaced by social media and online searches. Compared to other forms of advertisements, an online presence is so cheap it’s a no-brainer. A radio advertisement is about R350 for 30 seconds for one airing, excluding the cost of actually recording it. That alone is the cost of three years for your domain name. In South Africa we are slightly behind the trend in the bigger west, but know that soon it will be a case of if you are not online, you are not in business.

*This website will soon be secure too, once I get my certificate from letsencrypt. Until now, securing a personal website has been prohibitive due to the diligence checks.

Recently on helloserve

I’ve been privileged to recently be part of a Unity project at Global Kinetic. Game development and the intricacies specific to that discipline is something I really enjoy, but it also reminded me about my philosophy of first principles and native code development.

As part of our continued Counsel Connect development, I started implementing the online payment service “Pay Now” provided by Sage Pay. Unfortunately, things went bad a few days into the initial prototype.

Lately I’ve noticed that while everyone’s talking about SOLID principles, it also seems that most people think that the benefit of “I” (Interface segregation) is solely related to dependency injection. While that is indeed one benefit, the true (and original) intention of an interface is often overlooked; that is, an interface is first and foremost a contract.