Google just demoed it’s new Wave product and object platform. The service is in development now, but the API is open to developers. Plus, there is an open source community for developing the wave platform. Watch the complete demo (embedded below), especially the multi-person simultaneous editing, advanced spell-checker, screen sharing like features and other gadgets. BTW, don’t miss Rosy the language translation extension.

This post is not directed at the many high-quality web developers that practice “safe dev”. This is directed at the countless website owners and managers that are NOT technically proficient and have no idea how to approach web security.

Web security risks come in many forms, including code injection, Cross-site scripting, etc.  Although it doesn’t hurt to educate oneself, site owners and managers need not understand web security at a technical level. Leave that to your developer, who you have pre-qualified (hopefully). But it is important to understand the risks related to poor web security. And it is a good idea to understand what you as a layperson can do to monitor and protect one of your most important long-term marketing assets: your website. Think of it as a check and balance againast any oversights or errors that your developer may have made.

So, what are the real business risks that should be considered. Of course this will depend on the type of site you have and how it is used. Today it is not uncommon for small and medium-sized businesses to use the web for both marketing and operations. This may include a selling product, generating leads, capturing client information, hosting a companywide CRM application, storing and sharing company documents, etc. The risks associated can be significant, including:

• Risk of losing confidential information such as personal and financial customer information;
• Risk of downtime within your organization if lead flow or operations flow are interrupted;
• Risk of lost goodwill, if your clients or prospects learn that your website has been hacked (which is easier to do than you might think — see below) or confidential data has been leaked;
• Risk of long-term revenue losses. How? Well, if you rely on your site to generate leads and sales, then you can expect your hacked site to quickly lose search engine rankings once the vulnerability is discovered by Google, et al.

So now that you are scared – and hopefully you are just a bit scared – let’s look at a few things that you can do to monitor your site’s security to avoid these risks. Some very basic security protocols and a few neat tools can go along way:

• Know your users. Start by getting a list of ALL user accounts for your hosting/ftp account, database users and any applications that are hosted on your site. This includes any employees, clients or 3rd parties that may have needed access to your server. You can get this list from your developer/administrator and its a good idea to request it on a monthly basis. After all, your employees and customers that may have needed access last month – let’s say to share certain files – may not need access this month. Limiting the total number of users helps to limit the points of risk
• Require strong passwords. Most users rely on 1 or 2 relatively simple passwords, which they use across almost every website they visit. Often these passwords are a name, object or some other word that can be found in a dictionary making it easy to crack. This is fine for Facebook, but not good if you are sharing sensitive data. Require strong passwords that are at least 8 characters and include at least 1 uppercase letter, 1 lowercase letter, 1 number and 1 special character (e.g., !@#$%^&*). A strong password might look like this:  ocqJn^bJ37. Finally, don’t forget to have users change their password regularly.
• Use SSL. Secure Socket Layers are like magical, encrypted tunnels that enable you to send sensitive data securely from your computer to your web server. If you are using a web-based application that contains your sensitive data, such as a CRM, then be sure that your developer has installed an SSL certificate. You will know that your data is secure, if your login page and every other page that contains sensitive data begins with https (’s’ for secure). For example, https://www.amazon.com/.
• Visit your site. That’s right, it’s that simple. Visit your site every day, if possible. A good browser, such as Google’s Chrome, will notify you immediately if a page you visit has been compromised.
• See what Google sees. Google, as much as any other entity, regularly “sees” almost every page on the web. Whether their systems are indexing pages, pulling data from users’ toolbar or gathering information anonymously from their browser, Google knows. And the good news, is Google gives back to the community. You can get a safe browsing diagnostic for your site to learn more about any risks that your site might pose.

These are just a few simple things that you can do to monitor your site. Of course, your business risks might be large enough that 3rd monitoring services are warranted. Either way, when it comes to web security it’s a good idea to not to rely entirely on any one else. So make it a habit to keep an eye on your site.

This is a tale of two cities — no make that universes. In one universe, you have traditional marketers, whose purpose in life it is to create content shaped to a customer’s needs and behaviors. In the other universe, you have programmers, whose existence is dedicated to building efficient, flexible and reliable platforms for delivering that very content.

This is not a new tale. Anyone who has worked in a technology environment has probably observed the clash of marketing and product development. But today, the setting has changed. Today, the “rise of search” has compelled these two groups to cooperate at an ever-increasing depth and frequency. Search engine optimization or search marketing has become central to the success of both groups and, therefore, has become the a new fertile ground for breeding success (and waging war).

The world of Search Engine Optimization (SEO) can be quite a mystery to your average marketer. More often than not, search marketing consultants are vague about the techniques they employ. Often, this is for a good reason. After all, how many traditional marketers are equipped to understand the SEO implications of a simple website decision like using Flash or graphics.

And, while programmers have a deep understanding of the technology distinctions — say, client-side versus server side scripting — they are rarely concerned with the nature and quality of the content displayed.

Fortunately for both groups, the SEM community has a new bible of sorts at its disposal. Search Engine Optimization with PHP (and the soon to be released ASP version) is designed to be a bridge between these two communities. The book is a collaboration between Jaimie Sirovich, a search marketing consultant, and Christian Darie, a software engineer.

It seems unlikely that an experienced marketer will learn much about marketing. Nor will a good programmer learn much about programming. But with this book, each group has the opportunity to learn about the other’s area of expertise.

So, who should read this book? Well, if you are a search marketing consultant, you probably (hopefully) are quite familiar with the concepts covered. You may benefit from the fairly comprehensive coverage of systems or foreign language SEO. But in general, if you’ve been at this for a while, you will most of this book to be light reading.

Overachieving programmers, will certainly have more to benefit here. This is especially true in areas such as site planning, content relocation and inadvertent black hat mishaps.

Marketers will benefit the most from this reading. This is true even if they avoid all the sample code and acronyms. Ultimately, marketers are responsible for the search-engine rankings of their sites. And therefore, having a solid, yet high-level, understanding of SEO is critical to their success. It also helps to ensure that there is less feuding and more collaboration.