Apply by emailing resumes to jobapps at paradigm CC dot com.

Duties include full charge bookkeeping (AR, AP, payroll), purchasing, collections, customer service, and office administration. Strong customer service skills, a solid grasp of Windows-based office and accounting packages, and outstanding written and verbal communications skills are a must. Apply by email to jobapps@paradigmcc.com.

As reported on the Cyberjungle Podcast and Webroot’s Blog, these fake shipping confirmation documents are nothing more than malware designed to hijack your computer. A few years ago, these emails were very easy to spot because of their typos and obvious content problems. Have you ever heard of the “United Postal Service?” Neither have I. However, they seem to be refining the content using real company names now, e.g., FedEx, DHL, and the United Parcel (as opposed to Postal) Service.

Bear in mind the following:

• Do not open attachments in email unless you are explicitly expecting them. This does not mean “sometimes they send me something so I open it.” It means “John P. is sending me the spreadsheet right now, so I will open it.”
• Do not click links in emails. Links in emails are trivial to forge. See one of our first posts on the subject for an explanation.
• These companies do not email attachments with your shipping confirmations. They may send you a tracking number. If this is the case, and you receive a tracking number, do the following:

1. Copy the tracking number out of the email
2. Open a web browser and manually type in the website address of the shipping company, e.g., www.UPS.com, www.DHL.com, www.FedEx.com.
3. Find the box to track your shipment and paste the tracking number into the box.

The site, available at http://databreachcalculator.com, asks you a very simple set of questions to estimate the cost of a breach for your business.

Incidentally, if you are wondering exactly what a breach is, or why you should be concerned about it, I highly recommend Michael Santarcangelo’s book, “Into the Breach,” which takes a very non-technical approach at explaining it in terms anyone can understand.

The Data Breach Calculator starts with the following:

Since 2005, The Ponemon Institute has examined the cost incurred by organizations, across industry sectors, after experiencing a data breach. The results were not hypothetical responses. They represent cost estimates for activities resulting from actual data loss incidents.

Based on five years of trend data, we have created a calculator that will estimate how much a data breach could cost your organization. We can calculate:

• The likelihood that your company will experience a data breach in the next 12 months.
• The cost per record in the event of a data breach at your Company.
• The cost of a data breach at your company.

The site asks you ten simple questions which any business owner should be able to answer within one or two minutes. While it is geared toward larger enterprises, evidenced by the fact that the smallest company size you can specify is “fewer than 500,” this is still a valuable tool to get an idea of just what sort of risk your organization may be facing in the event of a breach.

If you are still running these at your business or at home, an upgrade is called for as soon as possible.

I applaud this move toward security and productivity. I don’t think it will be a easy task for Google, but I believe it will be worth the effort in the long run.

Does your company need to consider switching away from Windows?

First off, what if I had a very simple security fix, requiring no new software to be purchased or installed, and with minimal configuration changes, that could block 64% of all Microsoft vulnerabilities reported in 2009? Would you be interested? What if I told you we had a fix that could also prevent 94% of Internet Explorer and 100% of Internet Explorer 8 vulnerabilities reported in 2009? How about blocking 100% of Microsoft Office vulnerabilities reported in 2009? Still not enough? How about blocking 90% of critical Windows 7 vulnerabilities reported to date?

As you should have guessed by now, the fix for all of these is the same: removing administrative rights from end users over their PCs.

While there are still some (poorly written) desktop applications which require administrative rights to run, I have found these to be relatively few in number these days, and once the initial configuration has been done, most programs run just fine as an ordinary user. Despite the additional configuration required by some programs, including hardware drivers, that needs to be done by an admin, the cost of setting these up the right way is generally far less than recovering from the damage caused by a serious malware outbreak.

The press release and the complete report are available from BeyondTrust’s website.

1. Warranty.  These computers generally come with a 1 year, limited manufacturer Warranty.  This means that if any part of the computer breaks after that, you can either “fix it yourself” (time and money) or replace the computer.  Unfortunately, the argument that “you can just go down and buy another computer” (money) is not really a good one, since you likely won’t be able to find an exact replacement, and will therefore have to set up the computer again from scratch (time).  When you spend a little money up front to purchase a computer we recommend, we make sure you get a 3 year business-class warranty, which includes free, on-site repair provided by the manufacturer (not Paradigm).
2. Compatibility.  These systems generally come with Windows XP Home, Vista Home Premium, or Windows 7 Home Ultimate.  These operating systems are not compatible with a Windows business network, not to mention other limitations that don’t belong in a business environment. An upgrade to XP Professional or Windows 7 Professional is an unaccounted for cost when you purchase one of these computers.
3. Standardization.  By purchasing a computer that we recommend, you will likely be able to take advantage of our familiarity with that particular product.  Often we will recommend a single line of computers to multiple customers, and in some cases it may even be one that we have deployed and tested in-house.  All computer models have “quirks” associated with them that make them unique, and knowing our way around them means more efficient deployment, maintenance, and troubleshooting- saving you money.
4. No Upsell. Most bog box store sales clerks are paid on commission. We’re not, and our margins are small. Paradigm has always been primarily a service entity, and the only things we sell to our clients are what they need.

”Do not leave a voicemail if you do not reach your sales target. Connections are only made with real people. Your message will be deleted anyway.”

I don’t follow. I leave voicemails. I don’t expect that my voicemail will close the sale, but to not leave a message when someone has put up a facility just for that seems silly to me. I’d also supplement a call with an email, or vice versa, because some people are more responsive to some media than they are to others.

So, I agree on 9 out of 10 points. Keep up the good work, @smallbizlady.