The Refresh Orlando Heirs

Many small businesses don’t have enough work for a full-time bookkeeper so they often resort to part-time bookkeepers. In most cases, these part-time bookkeepers are not accounting professionals and lack the experience and knowledge required to keep accurate financial records. Secondly most part-time bookkeepers desire full time work and are only working part-time until they find full-time work. If you have a part time employee that wants a part time job you are one of the lucky few. Most probably your part-time bookkeeper is actively seeking full time work. When your bookkeeper quits, the business owner plays that role until the next one can be found.

Are you getting tired of your part-time bookkeepers? Wouldn’t you rather focus on growing your business? Why not outsource your bookkeeping and accounting functions? Bookkeeping and taxes should not be your top priority, outsource those tasks so you can focus on growing your business.

There are so many benefits of outsourcing, here are just a few:
Reduce overhead, free up resources,
Avoid Capital Expenditure,

Improve Efficiency,
Offload non-core functions,
Get access to specialized skills,
Save on manpower and training costs,
Reduce operating costs,
Effectively handle temporary business peaks

Avoid the cost of chasing technology.Best of all, although you pay for the hours you need, you can reach them whenever you want.

In Today’s globalized and networked economy, outsourcing has never been as easy or made so much business sense. The question is not “Why outsource?” but rather, “Why not?”

Margo Masri (Certified Quickbooks Pro-Advisor)
Owner of Margo’s Bookkeeping Service
(We are QuickBooks professionals. We provide outsourced Bookkeeping services to NY’s five boroughs and Long Island. Our goal is to provide professional, affordable, and timely accounting services to small and medium business while adhering to high standards of quality and integrity. )

http://www.margosbookkeeping.com

margo.masri@margosbookkeeping.com

Phishing, you’ve probably heard the term used before but do you really know what it
means to be ‘phished?’

Phishing, a play on the word ‘fishing,’ is a term used to describe the types of emails
used to lure people into divulging their user names and passwords for internet
banking, Ebay, and other sensitive sites.

Common emails are banks, Ebay and Paypal.

These phishing emails are incredibly sophisticated. I teach courses on how to
recognise these emails at our local community house and I have to tell you that
some of the more professional scam emails have me double and triple checking.

Banking ones typically ask you to verify your details by clicking on a link. Ebay and
Paypal tend to use phrases like ‘your account has been suspended,’ or ‘your account
has been fraudulently used and you need to take action.’ The thing all of these
emails have in common is the action you are required to do, either click the link or
enter your details.

It’s not always easy to spot a phishing email. They can look incredibly genuine.
Any email originating from Ebay will always contain your full registered name and
your Ebay ID. If you’re still unsure, look at the email address it was sent to, is it
your registered ebay email? Look on your ‘my messages’ folder in ‘my Ebay,’ is the
message there?

So, what do you do if you get a phishing email in your inbox? The easy thing is to
just delete it. Never, ever, and I repeat again, never, ever, click on the link or enter
your user name or password.

If you want to help stop these types of emails you can also send them onto the
company they are copying. For example, when I get Paypal phishing emails I always
forward them to spoof@paypal.com Ebay ones I forward to spoof@ebay.com You
can use your nouse and look up the bank the email is purporting to be from and
find their abuse/fraud email contact details and forward it to them as well.

Taking action like this helps stamp out internet phishing scams…I know that it is
like stepping on an ant, there’s always 1000 more coming out of the hole in the
ground, but at least it’s one ant that won’t be causing any more trouble.

Just remember this golden rule: Never, ever, divulge your username and password
just because an email asks you to. Always verify, verify, verify. And if unsure,
forward it on to the institution in question and ask them if it’s real.

Many of you have found yourself hopelessly addicted to this not-so-new hobby called Scrapbooking. In your new-found addiction you find yourself wondering just what you should or should not place inside your scrapbooks. Scrapbooking is more than just a picture album; it’s telling the story of the photograph and the events that led up to that captured moment.

A great rule of thumb to follow is: if it’s important to you, then it’s a must-scrap. Nothing else matters. Anything that happens to you in your life is worth scrapbooking, be it a new job, a new baby, a wedding, even funerals are worth scrapping. (I myself have done ‘in-memoriam’ pages, they are therapeutic). Life and death are a large part to everyone and therefore those stories should be told.

You can place just about anything in your scrapbooks; just take care to use Archival Mist so the item won’t harm your photographs or turn them yellow. Newspaper articles are a wonderful addition to scrapbooks. Anything that comes from the special event you are recording will do nicely, anywhere from an apple seed to a napkin. There are many different ways to add these little mementoes to your treasured page. For example, you have your child’s first lost tooth-you can place the tooth in a sachet or a glassine envelope.

What if my child has the chicken pox-is this cause for a scrapbook page? Yes! Illnesses are usually recorded in the immunization and medical records, so why not complete the history inside your scrapbook? Yes, your child is in misery and doesn’t want his/her picture taken, but it is a great way for your child to remember they did have the ‘itchy spots’, as my children called them. Imagine the fun you could have with this page! Maybe a little chicken die cut with red dots all over it!

A family member was in a horrible car accident, should I take pictures? That’s a tough call and one I know all too well. Honestly, I believe I would, to let the person see what has happened to them. Your family member might want to see what the rest of their family saw, what they had to go through. It’s a wonderful way to record someone’s triumph after tragedy. Again, it’s history in the making.

I have a new job, how could I go about telling this story? Congratulations! You could start by taking photographs of the place where you now work. Maybe some new co-workers would like to be captured in the moment as well. I would start with your job title. Did you need a special degree for this job? If so, show it off! You could scan it, reduce it, and print it out to place it on the page. You could also tell about your job interview, how you felt while answering questions. Explain how you found out about the new job and your feelings at that time.

What about pets? They don’t pose well for the camera, how can I scrap this? Pets are always wonderful to add to a scrapbook. We love them like they’re our babies. Pets are a huge part of our families. True, they don’t like the camera much, but great shots don’t always have to be posed, action shots are just as beautiful and can add fun to the page.

My keyboard and mouse have been acting up and I need them for my work, can I scrap about this, or would it be too silly? Not silly at all! Computers are a large part of our everyday lives and when they decide to stop working, they drive us crazy. I think this would be a cute look at those machines that can cause us havoc. See if you can’t find someone to snap a picture of you in a frenzied state while fixing the problem. You can turn an aggravating day into a great page.

I’m a collector of many different things from baseball cards to marbles, is there a way to scrap this? Sure! A wonderful story is waiting to unfold here. You could get a few of the sports cards scanned and printed out (try not to use originals). You could place them on specialty papers that may pertain to the collection. Then add journaling on how you came to own that first baseball card or marbles. The same goes for any collection – take photographs and tell the tales.

I just got the worst dye job of my life! Would it be too embarrassing to scrap? Oh boy! Having only dyed my hair once in my entire life, I can’t really share your pain, I can only imagine it. On how embarrassing it would be, only you can answer that-but imagine what a fun and interesting page it could make! You could use different color inks on some tags using your embarrassment on the hair color. Make sure you journal how you felt when you first looked into the mirror, what you did to fix it, or if you just had to let it grow out. Have fun with a bad experience!

I just committed to becoming healthier, what is a good way to start this scrapbook? Oh yes, this is a great scrapbook! Start with a list of what you eat right now, the good and bad. Get a photograph of yourself as the before picture. Keep a diary meant just for your eating habits and then later you can transfer the information into the book. Maybe make a list of your five favorite foods and how hard it will be to give them up. Taking photos with every goal you have met to celebrate. Good luck!

After receiving many rejections, I finally have a piece of writing that has been accepted. Would it be gloating to do a page on becoming published? Not at all! Congratulations! Becoming published is hard work and you should be proud of yourself and show it off! There are so many who have the same dream and are still struggling for achievement. I would take a scan of the work published and reduce it, printing it a size comparable to the size page you are working on. Reflect on how long you have been writing, when you became serious about getting published, and your struggles in doing so…you are a writer, show your story.

Remember the part of scrapbooking that makes it more than just a picture book is the journaling. Your feelings and stories about a special day will make the memories much more incredible to share with others.

Cyn Pagliolo spends her days in the northern parts of the country, watching the snow fall, and her nights writing wonderful articles about scrapbooking…and is also an author on a site for
Creative Writers

Your buddy at the barbecue tells you how the new Customer Relationship Management (CRM) software which they recently installed at their company has revolutionized their business.

He waxes lyrical about no more sales leads slipping through the cracks; a much higher close rate on sales inquiries; more precise and cost effective marketing campaigns; improved productivity and customer service levels; vastly improved reporting and so on.

Great! Sounds just like what the doctor ordered for your company. You have been getting by using Microsoft Outlook to manage your database of sales prospects, follow-ups, notes, profiles etc. but it’s starting to prove woefully inadequate.

Only problem is his business is in an entirely different industry sector to yours, with a much bigger IT budget to boot. Their CRM solution seems like an unattainable dream for your small business.

So now what? A quick search for CRM on Google returns 26,600,000 results! Whoa! So you narrow your search query to Small Business CRM only to get 6,260,000 results. You then put “Small Business CRM” in quotation marks which yields 29,300 results. But now the fun really starts..

You realise there are hundreds of CRM, Contact Management, Sales Force Automation and other Sales Tracking software tools to choose from. Each of these tools sports a dizzying array of features, some of which won’t apply to your business.

To confuse matters even further, you see some of these applications are Web Based CRM (sometimes referred to as Hosted CRM), or Open Source CRM. Others are the more traditional CRM software tools you are already familiar with. Yet others are embedded within Microsoft Outlook, but added a CRM component.

Many CRM packages now cater for certain industries. That is, these software solutions may have been customized, or had specific add-on’s developed, for specific industries. One of these tailored solutions might be suitable for your small business.

Which of these CRM apps should you download to evaluate? How should you evaluate them?

Many at this point realize that they need a more thorough evaluation of their requirements to enable them to put together a Request For Information (RFI) or Request For Proposal (RFP). This will be of tremendous benefit if they decide to call on the services of a CRM consultant to fast track the important decision of selecting and implementing a tailored CRM solution suitable for smaller businesses.

This should be your kicking-off point. Sit down with all your staff and co-operatively draw up a list of all your specifications. Keep it broad - you can always narrow down the options later. And be sure to involve your staff - ensure everyone has an opportunity to contribute.

From this informed position you are far more able to choose the correct CRM solution for your small business and will see marked improvements in productivity levels and sales. After all what has not been measured, remains undefined. What is undefined cannot be improved. There are specific criteria that you and your CRM consultant need to fulfil. Build your wish list, meld it with reality and build it into your business.

Perry Norgarb has specialized in CRM solutions for small businesses over the last 15 years.

Contact him or find out more about CRM, Contact Management and other Sales Tracking software tips and solutions for small businesses at: http://www.smallbizcrm.com

You are free to re-publish this article as long as this bio box and copyright remain intact and links live. © 08 September, 2005.

A customer calls for help on her Blackberry Device…
Me: Hit Escape twice
Customer: Do you mean on my computer?
Me: No, I’m sorry, I meant on your Blackberry.

Customer: I do not see the ‘escape key’ on my Blackberry.
Me: It’s the button below the trackwheel.
Customer: You mean the thing I roll?
Me: Precisely!
Customer: (excited) Oh my goodness, I see the number by the envelope getting bigger, it’s going bananas! I see all my messages coming in now. Thank You So Much! You are a patient woman.
Me: You’re most welcome and no worries, it’s my job!

Although I thought the situation was slightly comical at first that my customer would think to hit the escape button on her computer instead of her Blackberry, it dawned on me that her rationalization might not have been very far off. With her Blackberry tethered to her computer via her USB sync cable and no true expertise on the wireless or technology world, those two devices are seemingly more closely related than we think. Both instruments can receive email independent of each other. They both have QWERTY style key boards that function similar ways and the program icons are on the home screen. You can access your Outlook contacts, calendar and tasks from both devices. They are both generally sold by salespersons that aren’t very knowledgeable on product specifics and they sell them like they are selling a piece of furniture. Out of the box it seems that both are as simple to set up as plugging them up and start using them. However, it generally turns out that neither device is very intuitive to set up and most Blackberry’s do not even come packaged with a user manual, so it is not like you can read the instructions even if you wanted to. A call into customer care (dependent on the wireless provider) for assistance with set up and configuration help usually means an hour on the phone walking through a lot of steps that is full of technical jargon and terminology that the layperson often does not understand. While hitting CTRL + ALT + DEL “reboots” a frozen computer, a “hard reset”, removing the battery and hold power button down for 60 seconds does the equivalent on a Blackberry. And who can live without either device?!?!?

The first decade of the personal computer was full of people buying individual machines, while the second decade of the personal computer was devoted to people connecting them. Now you cannot go anywhere and find a computer that is not connected to a network. With the introduction of the digital phone in the U.S. in 1994, the first decade of wireless had been consumers purchasing individual digital phones. The next decade will be people networking digital phones. This is becoming more evident with the introduction and emergence of the Blackberry and other wireless Personal Digital Assistants (PDA’s) along with new technologies like Bluetooth & Wi-Fi enabled in the devices. Although it sometimes seems like ‘everybody has one’, wireless PDA’s current penetration is actually less than 3% of the cellular market share, according to Research Firm Strategis Group. Over the next 3 years the wireless PDA market share will grow to 20% and by 2015, like every computer, every wireless handheld device will be connected to a network other than traditional cellular network somewhere.

As this transition begins to take place, IT helpdesks that are currently managing terrestrial networks within organizations and government agencies are being given the task of managing wireless resources by default. They are coming to the realization that the wireless industry is a much different animal than the IT world they are used to. Wireless IT requires a completely different level of support and has its own set of terminology. The Blackberry or wireless PDA is not like a $600 computer workstation sitting on a desk. It is a device that costs that amount and more over the course of a year. As senior level management reads about the great applications and services that are available on the wireless handheld, not enough of the end users are actually taking advantage of these services and features meaning that their ROI (Return on Investment) is ZERO. Due to lack of or non existent training, often end users have a difficult enough time just understanding how to program phone numbers and check their voice mail, traditional old school cellular tasks. The IT Helpdesk generally cannot help solve problems beyond the basics without a call into customer care themselves. This in part comes from the disconnect that while computers and handheld wireless devices are parallel today in many respects, wireless devices unlike computers are constantly in motion and communicating within multiple networks; the cellular network, the carrier data network, the corporate network and the Internet and therefore requires intense resource and physical management to make it do what you want it to do and take full advantage of what the device has to offer. Support levels need to be provided at the manufacturer and carrier level. At this time of tremendous industry growth, both have a hard time adequately staffing their customer care departments. This is where effective independent sales organizations can pick up the slack. Sales personnel who are properly trained on the capabilities of the devices they are selling can be an invaluable source of support to the customer and IT Departments struggling to adapt to the new challenges of dealing with a new technology. The current disconnect is in the customer’s willingness and to pay for the extra support or paying indirectly by having their $80,000/year IT staff on the phone for three hours with carriers and manufacturers trying to resolve a simple issue with a wireless device. And just how ironic is that? Presumably no different than thinking that a Blackberry and a computer are as vastly the same as they are different. Handheld is powering off, press any key to abort. ….Now shutting down.

Shonika Proctor is the Owner of Group Interactive, Inc, a wireless resource management company. Group Interactive helps companies, prime contractors and government agencies to centralize, better manage and deploy their wireless resources (i.e. Blackberry’s, cell phones and cell phone bills). sproctor@groupinteractive.net

Recent years have shown a trend in corporations being held responsible for information security negligence. In particular, the Federal Trade Commission (FTC) and the Attorney General of New York have been actively pursuing companies that fail to follow effective security practices. Many high-visibility cases illustrate how companies are being required to implement stronger security controls, the Guess case being a good example.

In June 2003, Guess, Incorporated agreed to settle FTC charges that it exposed consumers’ personal information to commonly known attacks by hackers, contrary to the company’s claims. “Consumers have every right to expect that a business that says it’s keeping personal information secure is doing exactly that,” said Howard Beales, Director of the FTC’s Bureau of Consumer Protection. The settlement required that Guess implement a comprehensive information security program that would be certified as meeting or exceeding the standards in the consent order by an independent professional within a year.

The Problem

A key reason why corporations demonstrate poor or inconsistent information security controls is the lack of a widely accepted and comprehensive set of good security practices. Standards bodies such as the U.S. National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO) publish security standards with varying degrees of corporate acceptance and use. The Information Systems Security Association (ISSA) has identified the need for a universally agreed-upon collection of essential security practices and is currently developing the Generally Accepted Information Security Principles (GAISP)–although how well accepted these principles will be upon publication remains to be seen.

The Health Insurance Portability and Accountability Act (HIPAA) Final Security Rule and the Gramm Leach Bliley Act (GLBA) Interagency Guidelines are customer privacy laws specifying the security rules that must be followed by the healthcare and financial services industries respectively. If entities covered by these laws fail to follow the required security practices they may not only be exposing their customers’ private information but may also be subject to regulatory penalties and fines. These laws, in essence, define information security due care standards–the security practices that must be followed to avoid liability–for the healthcare and financial services industries. The entities covered by these laws, however, only represent approximately 25% of the U.S. Gross Domestic Product. Other industries must rely upon their best judgment to protect customer information–clearly not an effective approach as the cases mentioned earlier demonstrate.

Most companies certainly want to do the right thing and protect their customers’ information, but avoiding legal liability and harm to their reputation are also factors that motivate them to implement appropriate information security controls. While most corporate information security professionals probably think they understand how to protect customer information, many wouldn’t be comfortable attesting that their practices would protect their employer from liability. Lacking a commonly accepted set of security practices, many corporate information security professionals are uncertain how to secure customer information in a way that also limits their company’s liability.

Proposed Solution

The best approach for companies that wish to protect their customer’s information and potentially avoid liability is to implement the security practices required by both HIPAA and GLBA. There are 12 security practices in common between these two customer privacy laws. By following these 12 practices, companies will be practicing information security due care and can potentially avoid liability. Indeed, all of the security requirements mandated in the settlement of the cases mentioned earlier are among the 12 practices in common between HIPAA and GLBA.

What is Due Care?

Companies that handle the personal information of their customers may be breaking the law and not know it, as evidenced by the Guess case. This ignorance may partly stem from substantial gaps of prosecutable computer crimes that exist in federal criminal code and individual state criminal statutes. Federal and state criminal statutes are slow to evolve to adequately prosecute crimes based on the fast-changing technology of information systems. Companies and information security professionals may find little direction in criminal codes and statutes to help them avoid inadvertently breaking the law when it comes to protecting their customers’ personal information.

Since there is little guidance for companies to follow when it comes to avoiding criminal or civil liability or harsh settlements from the FTC, they need to consider how legal standards are created in the first place. Legal standards are developed based on the concept of due care, which is the care that an ordinarily prudent person would have exercised under the same or similar circumstances. Failure to practice due care is equivalent to demonstrating negligence. Companies that demonstrate negligence relative to their information security practices are susceptible to lawsuits, fines, and other sanctions, whereas companies that practice due care should be largely protected from such punishments.

Where to Find Due Care Information Security Practices

Companies that wish to find due care information security practices need look no further than to two major federal laws that regulate the protection of customer information: HIPAA and GLBA. While both HIPAA and GLBA enacted a lot more than just customer privacy requirements, they both have spawned substantial regulatory guidance on security controls for protecting customer information. The regulations for HIPAA are called the Final Security Rule and those for GLBA are referred to as the Interagency Guidelines.

While some of the requirements in these regulations are industry-specific, there is a lot of commonality between the two. In particular, 12 security practices were found in both the HIPAA Final Security Rule and the GLBA Interagency Guidelines. The fact that these two sets of regulations intersect in 12 places is no coincidence. This is a clear signal from the federal government of the level of due care it expects the country’s health care providers and financial institutions to practice. If these are the standards of due care that must be practiced by industries that represent about a quarter of the country’s GDP, it stands to reason that other industries will be expected to follow these same practices.

HIPAA & GLBA Security Due Care Practices in Common