The Show Notes

If you’re enjoying the show would love for you to leave us a rating and review on iTunes. If you have a question you want answered on the show, give me a shoutout on Twitter @vsellis and use the hashtag #asktechtrans.

The Transcript

How to Protect Your Customers by Understanding PCI Compliance for Credit Card Security

Voiceover: This is Rainmaker.FM, the digital marketing podcast network. It’s built on the Rainmaker Platform, which empowers you to build your own digital marketing and sales platform. Start your free 14-day trial at RainmakerPlatform.com.

Scott Ellis: Welcome to Technology Translated. I’m your host, Scott Ellis. Today, we’re going to be talking with PCI expert Sean Mathena.

PCI is the payment card industry’s set of rules and regulations governing how e-commerce websites, anyone really that’s transacting online, handles credit card transactions. If you have e-commerce and you are taking credit cards, listen up because this will directly affect you.

Sean Mathena, thank you for joining us today.

Sean Mathena: Sure.

Scott Ellis: Good to have you here. You are a, as I introduced you, as a Qualified Security Assessor. You’ve been doing that since 2005, correct?

Sean Mathena: Correct.

Scott Ellis: What exactly is that?

What Is PCI

Sean Mathena: Prior to the institution of PCI, all of the card brands had their own enforcement program. Then they decided they needed to bring it all together, so the PCI SSC, the Payment Card Industry Security Standards Council, was created. They created the certification of QSA, Qualified Security Assessor. Anyone that is going to perform a PCI assessment, a Level 1 PCI assessment, has to be a Qualified Security Assessor.

Scott Ellis: Okay. First of all, since we are here to translate for non-techies, tell us a little bit more about what PCI — we know what it stands for now, payment card industries — but what does that really mean? What does it mean to SMBs?

Sean Mathena: The PCI Data Security Standard, or PCI DSS, is a set of security requirements that the card brands have mandated that people have to comply with in order to accept credit card data. When you’re talking about a SMB, there are several reporting levels for PCI.

There’s Levels 1 through 4. Level 1s are mainly really large merchants, large service providers. Think maybe Exxon, Walmart. Then it goes down depending on your volume of credit card transactions. In order to be a Level 1, you have to take 6 million or more credit card transactions annually. SMBs usually fall somewhere between the 2 to 4, and those are reporting standards. It tells you the level at which you have to report. It doesn’t absolve you from complying with any of the requirements.

Scott Ellis: Okay, so the same requirements apply no matter what level you’re at.

Sean Mathena: Correct.

Scott Ellis: The level is just about reporting.

Sean Mathena: Correct.

Scott Ellis: Let’s talk a little bit about what those requirements are for PCI compliance. It sounds like it’s something that all of us that take credit cards need to be aware of and to comply with.

Who Is Responsible for Being Compliant

Sean Mathena: Correct. There are 12 major requirements that the PCI DSS is broken down into. Then those 12 requirements are broken down further into sub-requirements — ends up being somewhere around 250 individual requirements. When you’re talking about SMBs, though, going back to the reporting requirements, there’s several different self-assessment questionnaires, or SAQs, that an SMB would fill out depending on how they take credit cards.

For example, if they only take credit cards through a swipe device and nothing else, then they have less questions to answer about their environment. There are not as many things that could be compromised as if you were taking credit cards a number of different ways and it’s passing through a bunch of systems. While in theory, you are required to meet all of the requirements, there may only be a subset of requirements that really apply to you or apply to your environment.

Scott Ellis: Got it.

Sean Mathena: Those requirements extend everywhere from the network devices, to the applications, to policies and procedures, to incident handling, to security testing that has to be done on your environment. To be compliant at the Level 1, it’s quite an ordeal.

Scott Ellis: What does it look like a little further down the chain if I’m a 3 or a 4? I’m doing credit card transactions. I’d love to be doing 6 million a year. Was it a year or a month?

Sean Mathena: A year.

PCI Reporting Levels

Scott Ellis: I’m not there yet, so how onerous is it at that level?

Sean Mathena: At a Level 4, there’s two parts to it. There’s the scanning portion, which is scanning your external environment. That has to be done by an approved scanning vendor. Then there’s the actual attestation to all of the requirements. For a Level 2 through 4, they fill out a self-assessment questionnaire. They don’t have to have a QSA come out on site to do the assessment. They go through and they check it off themselves.

Like I said, depending on how they capture the credit card data depends on how large of an SAQ they have to fill out. It used to be there was one SAQ for everyone. A few years ago, they had broken it down. I think there’s maybe 6 now, 6 or 7, depending on how you accept credit card data. It goes everything from an SAQ D, which pretty much mirrors the PCI DSS, all the way down to an SAQ, I think it’s C-VT, where they’re using a virtual terminal, and there are maybe 20 questions they have to answer.

Scott Ellis: Okay. It doesn’t sound like it’s too bad.

Sean Mathena: No.

Scott Ellis: There’s probably SMBs out there listening to this right now thinking, “Oh man, I’ve never even done this. I don’t know. This sounds awful, but I have to do it.” It’s really not going to be too bad for most smaller businesses. What are the reporting levels? Do you know the numbers for moving down from a 1 to a 2, 2 to 3, 3 to 4?

Sean Mathena: I don’t know those offhand, but I can say, when you get down into the Level 3s and Level 4s, the banks who actually enforce this on their merchants, for lack of a better word there, they don’t have time to deal with all of their Level 3s and Level 4s. If you’re out there and you’re Level 4, which probably most of the SMBs would be a Level 4, and you’re doing something and you’re turning your SAQ in, they’re going to love you for it.

The whole goal is to make sure the credit card data is secure. It’s nice to be compliant, but it’s much more important to be secure. If you’re doing the right things security-wise, you should be good to go.

Scott Ellis: Okay. That begs the next question. If I take credit cards online — that’s all I do, let’s just start there to make it easy — and I want to make sure that I am compliant, where do I go to find out, just to get started to make sure that I am covering my bases?

How to Make Sure You’re Compliant

Sean Mathena: You can go to the Payment Card Industry Security Standards Council. You can Google it. It’s PCI SSC. I think it’s PCISecurityStandards.org.

Scott Ellis: Okay. We’ll find it and link it up in the show notes.

Sean Mathena: They have all of the self-assessment questionnaires out there. They have awesome directions and FAQs that can help you determine exactly where you fit in their compliance regime. You can get started there. Another good location is talking to your merchant bank representative. All of the merchant banks have a PCI representative that is there to help merchants comply with PCI.

Scott Ellis: What if I use a credit card processor for online transactions, like an Authorize.Net or Stripe? Do they help us meet those requirements? Do I have to work with them in some way outside of my bank? How do the gateways fit into all of this?

Sean Mathena: They will normally have someone that can help you with PCI compliance. The big push in the industry right now is just to get credit card data out of the merchant’s hands. A lot of the payment gateways, or even the acquiring banks, for e-commerce are doing some type of client-side redirect or iFrame presentation of where it’s capturing the credit card data, which takes it outside of the actual merchant’s environment. Depending on how it’s set up technically, it could take PCI out of scope for the merchant.

Scott Ellis: Okay, so it’s quite possible that, as a merchant, if I have one of those vendors — and nobody should take this as a blanket statement — but it is possible that, as a merchant, I may not need to worry about the PCI compliance issue if I’m not personally on my site capturing and processing those cards. Did I summarize that right?

What Happens If You’re Not Compliant or Security Gets Compromised

Sean Mathena: Somewhat, yeah. It doesn’t absolve you completely from PCI, but it would severely lessen what you have to do.

Scott Ellis: Okay.

Sean Mathena: If you’re accepting credit card transactions under your merchant ID, then you are responsible to meet PCI requirements. By having a client-side redirect, if you’re taking it over e-commerce, that takes a lot of your environment out of scope.

Another thing that we’re seeing a lot of really small businesses do is using something like PayPal or Squarebecause they process the transaction under their merchant ID. Then the merchant ends up getting a check. It’s all about what happens if you’re compromised.

If you’re identified as what they call a common point of purchase for fraud where a number of people have made a purchase at your establishment and they’ve determined that fraud has been taking place, then you’re going to get contacted. They’re going to say, “Hey, we’ve identified you as a common point of purchase, and you need to have a forensics investigation done.” They’ll have a certified forensics company come out, do a forensics investigation to find out if you are actually compromised, and if that data was compromised at your location.

If you’re using a vendor such as PayPal or Square, then that would never get to you. They’re going to look at the merchant ID that it’s processed under. By doing that, you’re pushing that risk off to that vendor rather than holding on to that risk yourself.

Scott Ellis: Got it. Again, it’s important for everybody listening to keep in mind that this is really about protecting our customers and their information, their data, and their credit card numbers, and trying to prevent that fraud from happening. If I am a merchant, let me ask, is there a validation of some kind that I can show to people, on my website, for example, that lets them know that I am compliant?

How to Show Proof of Compliance on Your Site

Sean Mathena: There is. A lot of the QSA companies will provide a badge on your website that says that you’ve been validated. In order to get that, obviously, you have to hire the QSA company. They’ll either, if you’re a larger merchant, come out and do that assessment, or they’ll do the scanning, or they’ll accept your SAQ, review it, and get that badge on your website.

Scott Ellis: Got it. Again, the SAQ is the self-assessment questionnaire?

Sean Mathena: Self-assessment questionnaire, yeah.

Scott Ellis: Okay. Anything else in particular if I’m a merchant and maybe I’m just getting started or I’ve been taking PayPal, I want to start taking credit cards, that I should be aware of, that I should be thinking about as I’m going down that path?

How to Further Reduce Risk

Sean Mathena: I always tell, especially, my larger clients, there’s a few things that you need to do to really be successful. You need to identify where all your credit card data is — where it’s coming in, where it’s going out, what happens to it when it’s in your environment. Once you identify that, you need to take and get that credit card data to as few locations as possible.

If you have a flat network, which means that you don’t have any segmentation in place, you need to segment that credit card data off into its own little island of goodness, so it doesn’t infect the rest of your environment. Then, once you’ve got it all contained, then you need to try to get rid of as much of the credit card data as you can.

Just like I mentioned with the e-commerce merchants where you could do a client-side redirect where you never actually receive the credit card data, for brick-and-mortar merchants, you can use an end-to-end encrypting solution where, as soon as you swipe that credit card, it’s encrypted. It gets sent off to your bank or processor, and you never see that credit card data there.

There are a number of things that are out there in the marketplace that allow you to essentially get rid of that credit card data, thereby reducing the risk.

Scott Ellis: Okay. What about selecting my gateway or my processor? I’m looking for somebody that’s going to handle my credit card transactions. What are the things that I need to be looking for when I go out and I’m considering who I’m going to use to process those things so that I know I’m compliant in that respect?

What to Ask When Selecting a Payment Processor

Sean Mathena: Right. The first thing is money. How much are they charging you? After that, you want to talk to them about how much support they give for PCI compliance. Do they have someone that you can call with questions? Do they offer any of the solutions that I mentioned? Do they have a model that can take the credit card data out of your environment?

A little bit more background on PCI, the merchant can’t ever have anything done to them. Any of the fines are sent to the acquiring bank. Then the acquiring bank has to pass that on to the merchant. If the acquiring bank is providing a solution that is saying, “Hey, we’re taking this credit card data out of your hands,” then, obviously, they’re not going to pass fines down.

Scott Ellis: Right. Who levies those fines from the top?

Sean Mathena: The card brands.

Scott Ellis: The card brands do?

Sean Mathena: Yeah, and the processors or the acquiring banks are member banks, and they have the agreement with the card brands.

Scott Ellis: Got it. Okay. Again, anything else in particular I should look for with the vendor as I’m choosing somebody? Key words, red flags, or anything like that?

Sean Mathena: Obviously, you’d want to make sure, especially if you’re not going directly to acquiring bank, you would want to make sure that that vendor is PCI compliant. All of the gateways, they’re required to be PCI compliant as a service provider. You can find out if they’re PCI compliant online on the service provider list that Visa maintains. I’m sure we can get the link for that as well.

Scott Ellis: Yeah, we’ll definitely link out to that.

Sean Mathena: Then, like I said, just ask about the support, PCI compliance, from their end.

Scott Ellis: Okay. Yeah, I would think it would be clearly in the best interest of all of those providers to be PCI compliant.

Sean Mathena: Absolutely.

Scott Ellis: For anybody listening, it’s probably a pretty safe bet if you’re using somebody reputable like an Authorize.Net, a Stripe, or somebody that they’re going to be PCI compliant, but it’s a trust but verify type situation as well. Okay, Sean, that was very insightful. Thank you very much.

Sean Mathena: Sure.

Scott Ellis: Anything else you want to leave us with before we move on to any questions that people have? Any last thoughts on PCI compliance? If you could give people one or two bits of advice, what would it be?

Sean Mathena: I think I mentioned it earlier. PCI compliance is nice, but PCI does not equal secure. It’s good to be PCI compliant, but it’s much more important to keep the data secure. You don’t want to end up on CNN with your brand up there saying that you’ve lost a lot of credit cards.

Scott Ellis: Contrary to popular belief, not all press is really good press. That would definitely be one of those.

Sean Mathena: Exactly.

Scott Ellis: Okay. Sean, thank you very much. I appreciate your time today.

For anybody that wants to learn a little bit more, definitely just jump out to TechnologyTranslated.FM. On this episode, we will have show notes and links to all the things that we’ve mentioned today.

If you’ve got any follow-up questions after you hear this episode, as always, you can just Tweet, Facebook, Google+, LinkedIn, whatever you’d like. Just make sure you use the hashtag #asktechtrans. We will find your questions and answer them.

Thanks again, Sean.

Sean Mathena: Great. Thanks.

Scott Ellis: Technology Translated is brought to you by the Rainmaker Platform, the complete website solution for content marketers and online entrepreneurs. Find out more and take a free 14-day test drive at Rainmaker.FM/Platform.

 

Protecting Your Digital Business: A Primer on Small Business and The Law

Litigation isn’t something any of us want to think about, but having to put a plan together when the time comes isn’t an option. Here’s a short primer on handling electronic records, like email, so we can be prepared …

Johnny Lee is a Managing Director at Grant Thornton, forensic investigator, and licensed attorney. He shares his expertise with us to help small businesses gain a better understanding of what eDiscovery and records retention is, and why — from a legal perspective — it’s important for us to have a basic plan in place to protect our businesses.

In this 20-minute episode Johnny Lee and I discuss:

  • What is eDiscovery
  • If I’m an SMB, why should I care
  • Understanding your risk profile
  • How does email put my business at risk in litigation
  • How does eDiscovery impact a company who is vendor to a company being sued
  • What happens if I find out I’m being sued and start deleting email I don’t want discovered
  • How do I put some protection in place
  • How can I use automation to make managing my records easier
  • Johnny’s two pieces of advice for any SMB

Listen to Technology Translated below …

The Show Notes

If you’re enjoying the show would love for you to leave us a rating and review on iTunes. If you have a question you want answered on the show, give me a shoutout on Twitter @vsellis and use the hashtag #asktechtrans.

The Transcript

Protecting Your Digital Business: A Primer on Small Business and The Law

Voiceover: This is Rainmaker.FM, the digital marketing podcast network. It’s built on the Rainmaker Platform, which empowers you to build your own digital marketing and sales platform. Start your free 14-day trial at RainmakerPlatform.com.

Scott Ellis: Welcome to Technology Translated, episode two. I’m your host, Scott Ellis.

Today’s guest is Johnny Lee. Johnny is a managing director for Grant Thornton, forensic investigator, and licensed attorney. Johnny and I used to work together once upon a time, and he has agreed to join us today to teach us a thing or two about eDiscovery and records retention.

What should we do in the event we get sued with our electronic records and documents which may be relevant to that lawsuit?

How do we protect ourselves?

What are the things we need to think about?

This isn’t a topic that a lot of SMBs have probably spent a lot of time thinking through or planning for, but it is definitely one with big implications for business. Let’s go ahead and get into it and hear what Johnny has to say.

Johnny, welcome to Technology Translated, and thank you for carving out a little time to chat with us today.

Johnny Lee: Thanks for having me.

Scott Ellis: Today, we’re going to talk about eDiscovery and records retention, which is a topic that a lot of SMBs don’t know much, if anything, about and probably don’t know why they should even care. Why don’t you dig in and give us a little bit of a background on what eDiscovery is and why this is, or is not, relevant to SMBs.

What Is eDiscovery?

Johnny Lee: Sure. eDiscovery is really just an elaboration on an older established thing, the discovery process in litigation, the mechanism by which parties exchange information of a trial. The eDiscovery component is really just a modern aspect of that, where electronic information, or electronically stored information, which is the terms that are bandied about quite a lot in the literature, brings with it a host of attendant concerns and nuances and complexities and is, of logical necessity, deserving of a little bit more explanation, case law, and clarification.

eDiscovery, technically speaking, is not new. It’s been codified Federal Rule of Civil Procedure for almost 40 years now, actually, over 40 years. What’s really changed in the last 10 years in particular is the courts struggling to keep up with all of those nuances around the day-to-day handling of data and how those things need to be preserved, culled, and produced when there is a litigation event.

Scott Ellis: This sounds like something that, on a day-to-day basis, most SMBs aren’t going to need to be overly concerned with. However, litigation is an unfortunate reality of business. It’s all too common. There are things that SMBs can, and probably should, be doing to at least protect and prepare themselves moving forward. Is that fair?

Why You Should Care, If You Are an SMB

Johnny Lee: Yeah, I think that’s well said. What I would tell you is that I’ve given talks all over the country on the notion that records retention and eDiscovery are flip sides of the same coin. Your record retention practices are driven on business necessities, on the practicalities of keeping your doors open, keeping your customers happy, and selling a product or delivering a service — or both.

Nobody goes into business thinking about how they’re going to keep regulators happy or compliance obligations met. Those things are usually secondary to the operation of a business. Records management is certainly in that camp. No one’s suggesting that you should invert that business model and focus on eDiscovery, especially if your risk profile doesn’t necessarily warrant that kind of shift in focus.

Understanding Your Risk Profile

Johnny Lee: To your point, if you’re a small or medium business and you’re not a serial litigant, your eDiscovery readiness can and, of logical necessity, will be quite different than if you were a heavily regulated entity with a lot of statutory compulsions around the way you keep data and you’re frequently dragged into court. That’s going to be a very different profile.

Those practices are going to vary quite a bit based on your industry, your size, and your frequency of appearance in front of a judge.

Scott Ellis: If I am an SMB with a low-risk profile, is this even something that I need to be concerned about, or is it something that I just deal with when it comes up?

Johnny Lee: I think it’s dangerous to just be strictly reactive. I’ll say it this way. There needs to be enough awareness of what the demands would be if you were subject to an eDiscovery request, but those, in many ways, are not different than if you were subject to any other discovery request or regulatory inquiry. That is, things that are kept in the regular course of business that are, in fact, business records need to be maintained in a way that allow you to meet your statutory requirements and to meet your business needs.

There’s nothing revolutionary in that sentiment. It’s very often a distant afterthought for companies who think all of their key records are in email and email alone, so they don’t really take as much attention as they might in their shared folders, or their archives, or their off-site physical storage –because all of those things may be implicated in an eDiscovery exercise.

Scott Ellis: Okay, so you touched on email. I’m glad you went there because that’s a particularly interesting and, in some cases, sensitive topic. Email is pervasive in business use, but it also can lead to people getting themselves in a fair amount of trouble because so much stuff is kept in email. As a business, what are the things I should be thinking about with respect to email to protecting myself, retaining the records I need, getting rid of the things that I don’t? If I am getting rid of things, is there an additional risk associated with that from a legal standpoint?

How Email Puts Your Business at Risk in Litigation

Johnny Lee: It’s a good question, and I’ll go back to part of the answer that I gave earlier. I would tell you if you were a broker dealer in a financial company you would have a very different way you would have to answer that than if you were the franchise owner of six stores in the state of Texas alone in a non-heavily regulated industry. Studies indicate that as much of 75% of an organization’s intellectual property is resident email and email alone.

It is different in many regards than most records, in that email is a mechanism for exchanging content. It is not in and of itself a record. What’s important is for you to have some measure of attention. Again, if you’re heavily regulated and a serial litigant, this attention needs to be in the form of memorialized policies and procedures that are tested with some frequency and audited on occasion. If you’re on the other end of that bookshelf and you’re a small or medium business, and not dragged into court, and not subject to a lot of regulation, that’s something that maybe you’ve thought through from a design perspective, and you archive your email in a regular way.

It really will vary. Just to go back to the bookshelf metaphor, the SEC regulates broker dealers in a very prescriptive way relative to email. It not only explains and enumerates the kinds of things that you must keep, it actually goes so far as design and define the specific technology you must use to keep it in a ‘write once, ready many’ format.

Nobody’s suggesting that your normal mom and pop shop has the same standard of diligence because they’d be out of business trying to comply with that. At the same time, you don’t want to be in a strictly reactive footing if you do get a discovery request.

How eDiscovery Impacts a Company Who Is a Vendor to a Company Being Sued

Johnny Lee: Very often, the small and medium businesses are brought in under Rule 45 Discovery, which is, basically, they’re not even a core party to the lawsuit, but they may have documents responsive to the underlying matter. So they have a discovery obligation. If they can’t produce records, that may or may not put one of their trusted suppliers or good vendors in a bad way.

Scott Ellis: Okay, so if I understood that correctly, it sounds like even if my company has a low-risk profile and I am doing work with another company which is being sued, or is in litigation, my communications with them are potentially a part of that discovery process. Is that correct?

Johnny Lee: Yeah, broadly stated, that’s fair. There are a number of exceptions there. One of the things that’s important is that email in particular, once written, is imminently discoverable. Not only do you want to be professional and diligent about what you commit to paper, but you may be creating an obligation to preserve those things if, in fact, that’s the only memorialization of, say, an approval that is required under the contract — a written approval for change orders, or changes in scopes, or changes in delivery states or contract prices, or what have you.

You may have such a relationship with your vendor or you may be such a vendor where email is acceptable in that medium, but in that place, that becomes a pretty crucial record for disputes that may arise from that kind of discussion later on.

Scott Ellis: I know one of the questions that people are going to have going through their minds right now is, “If I find myself in a position where I think I’m going to be sued, or involved in litigation, or I am given notice that I’m going to be sued, can’t I just go into my email and delete any emails that I don’t want to be discovered that might implicate me in some way, that I don’t want to have out there?”

What Happens If You Find Out You’re Being Sued and Start Deleting Email You Don’t Want Discovered

Johnny Lee: There’s two principle dangers in that. One is assuming that whatever you delete is truly gone. Remember, there are the recipients and the senders, so you’d have to literally obliterate every touchpoint it had along its path. That assumes that it’s not resident in any backup or recovery regimen as well. That’s a very dangerous assumption just as a matter of logical reality.

Even more so, there is a notion in the law called ‘spoliation,’ the spoiling of evidence. Here’s where the important part of records management comes in. There is a regular and routine practice of records destruction that is not only conducive to good business, it’s necessary. Otherwise, we’d be swimming in even more data than we’re swimming in now. The point of a record retention policy isn’t that it helps you keep stuff. Most companies don’t struggle at all with retention. What they struggle with is destruction.

To your point, if you have a communication, a contract, a writing, even a somewhat sarcastic instant message record, and you have been served with papers or there is some trigger that requires you to now preserve data related to an underlying matter, to delete it is to run afoul of that spoliation concept and to risk sanctions in the court proceeding. There is a real and material danger to trying to cure the record, especially if there’s already a triggering event that causes you to preserve those data.

Scott Ellis: The lesson is, if you do get served, don’t go into your email and just start deleting things at will because you could probably get yourself into some serious trouble.

How to Put Some Protection in Place

Johnny Lee: Consider the source. You’re talking to someone who does forensic technology for a living, but the best advice is to be careful what you commit to writing. The next best advice is to have a policy. It doesn’t take that long to establish a good practice here. A policy need not be 40 pages, but have some policy for your executives and your employees that talk about the fact that email is a professional communication mechanism and try not to be committing things to writing that could be misinterpreted down the road, however innocent they may be at the time. If you’re going to rely on email as a key business repository of records, those policy stances, and the enforcement of them, become that much more important — for all the reasons we’ve talked about to date.

Scott Ellis: I was hoping we would get to the policy question because, as a matter of business process, in particular, as an example, we use Google Apps for business, and as a business customer, we have the ability to set policies in place — so they are documented — which are automated. We’ll go through and delete email after a certain period of time or based on some other criteria.

Does a situation like that — where I have a policy, and I follow it — help me out or put me in a better position in the event that I am sued and have to produce records?

How to Use Automation to Make Managing Your Records Easier

Johnny Lee: Yeah. If the case law tells us nothing else, it’s that policies that are works of fiction generally tend to frustrate the judiciary. They tend to take it out on the parties that don’t follow their own policies. In many ways, as a practical matter, it’s better to have no policy and to be able to demonstrate a consistent process than it is to have a very well-written policy that is a fantasy that nobody follows or understands.

Scott Ellis: Which I’m sure is rather common.

Johnny Lee: Which is rather common. And, again, if you’re a small or medium-sized business, there’s no mandate that you have to have a bulletproof policy. The standard here is not perfection against some weird objective criteria. It’s reasonableness. What is reasonable relative to data preservation for your organization based on what you’re doing in the market, based on how you’re regulated, and based on what your litigation profile is.

Here, to your point about using an enterprise platform to automate some of those things, the only cautionary I’d throw out there is that automating something that’s broken only means that it will break faster and in less visible ways. Provided that you have the practice, over time, of deleting things on, say, a 90-day rolling cycle — and here’s a kicker — and you are able to suspend such deletions when needed, when you have an affirmative data preservation obligation, then that automation can be a tremendous benefit to the business and should be pursued. It’s incredibly cost-effective, and it addresses all of those operational concerns, which ought to be the focus in the first place.

All the courts ask is that you be able to stop deleting things in an automated fashion when the requirement arises to do so.

Scott Ellis: Okay, that is sound advice. Let’s go out on this. If you could give any two pieces of advice to SMBs with respect to our topic today of eDiscovery and litigation support, what would those things be? What would you suggest they do that is reasonable and helpful, but not too much of an encumbrance?

Johnny’s Two Pieces of Advice for Any SMB

Johnny Lee: One on the recommendations that would be at the foremost of that is identifying what your current practices are today. The time to learn how inconsistent your practices are is not when your key employees are being deposed. That is way too late and much too problematic for you, so I would start there.

This doesn’t have to be $100,000 effort to get your arms around what your practices are, some understanding of how routine operations work, what that means. That adjective ‘routine’ has a big weight in the case law and under the Federal Rules of Civil Procedure, which serves as the model for many state courts as well. So understanding what your practices are, simply put, is definitely the place to start.

Then, the second would be try to identify what level or rigor you need to apply to that routine operation so that you don’t deviate over time from that routine. That may require memorializing a policy. It may require ongoing monitoring. It may require a third party coming in to do an audit every year or other year, or what have you. That’s going to vary on your risk profile. That’s much more of a judgement call.

But if you could establish the assessment side of things by understanding what your current practices are, and then you could establish what controls are ‘appropriate.’ I use that word deliberately. What controls are cost-effective? Which controls are relevant to your industry? Which controls are required under the laws and statutes governing your business model?

Those two things are going to keep you in good stead. Probably 90 percent of the problems that we see relative to sanctions and eDiscovery are hemmed and hedged by those two things. If those are in place, you’re going to not run afoul of a lot of the problems we see in those sanction cases.

Scott Ellis: All right, again, solid advice. Johnny, thank you so much for joining us today.

Johnny Lee: My pleasure, Scott. Thanks for reaching out.

Scott Ellis: For anybody that wants to learn a little bit more about the topic, I will definitely be linking some things up in the show notes, including some things, some references that were not necessarily mentioned on the show. Be sure to check that out if you want to educate yourself a little bit more.

We didn’t really get into the forensic side of things. There’s a whole other show on that that maybe we’ll come back to in the not too distant future. We’ll pull Johnny back onto the show to talk to us about that. Again, Johnny, thank you for joining us. We appreciate your time, and we’ll talk to everybody next week.

Johnny Lee: Take care.

Scott Ellis: Technology Translated is brought to you by the Rainmaker Platform, the complete website solution for content marketers and online entrepreneurs. Find out more and take a free 14-day test drive at Rainmaker.FM/Platform.

 

How to Pick the Right Hosting Company for Your Website

Website hosting seems like such an easy decision. But not all hosting is created equal. In this episode we’re going to teach you what you need to know so you can make a better hosting decision for your business.

John P. is the host of GeekBeat.TV and is a former telecom executive and CMO for a datacenter and hosting company Layered Technologies.

I’ve found no one better at explaining the nuances of hosting than John. We’re going to give you a behind the scenes look at how hosts operate and think.

You might rethink your hosting choice after listning to this …

In this 31-minute episode John and I discuss:

  • They basic types of hosting
  • The cost of different types of hosting
  • The advantages and disadvantages of different hosting types
  • What types of sites to put on what types of hosting
  • The SEO impact of hosting and why good hosting drives more traffic
  • Where we host our sites
  • Why you should avoid cheap dedicated servers
  • What to do when your traffic explodes and one server isn’t enough

Listen to Technology Translated below …

The Show Notes

If you’re enjoying the show would love for you to leave us a rating and review on iTunes. If you have a question you want answered on the show, give me a shoutout on Twitter @vsellis and use the hashtag #asktechtrans.

The Transcript

How to Pick the Right Hosting Company for Your Website

Voiceover: This is Rainmaker.FM, the digital marketing podcast network. It’s built on the Rainmaker Platform, which empowers you to build your own digital marketing and sales platform. Start your free 14-day trial at RainmakerPlatform.com.

Scott Ellis: Today’s guest is my good friend, Mr. John P. Most of you know John as the host of GeekBeat.TV, a show that I also take part in and occasionally host, but John is also a former telecom executive and was the CMO of Layered Technologies, which is a host and data center provider here in the Dallas area.

John has a knack for explaining the topic of hosting in a way that makes it interesting and easy to understand. The importance behind this episode is that hosting is something that many of us get wrong. You’d think it’s an easy decision: I go out, and I find a plan, and I put my website on it. I don’t have to worry about it, right? They do all the backups.

Well, there’s a whole lot of other things that come into play with hosting that can have very serious implications for your business if you’re doing any kind of business online or aspire to.

Some of the things that John is going to share with us today may get you to rethink your approach to hosting. If you happen to be a technologist, and maybe you do something like I do, building websites for a lot of clients, you probably have the hosting discussion pretty often. It’s not always easy to walk your customers through the things that they need to know. This episode is going to arm you. If nothing else, you can just send them this episode and let them hear about it from a true expert.

Let’s get in and see what John has to say about hosting.

I’m here with Mr. John P. How do you say your last name?

John Pozadzides: Pozadzides.

Scott Ellis: Pozadzides.

John Pozadzides: Just ‘P.’

Scott Ellis: That’s why we call you ‘John P.’

John Pozadzides: Even Greek people refuse to say my last name.

The Basic Types of Hosting

Scott Ellis: We’re going to talk a little bit about website hosting today. This is the Technology Translated podcast, so our entire goal is to put this into terms that anybody can understand. This is a technical podcast for non-techies.

John Pozadzides: Wait a minute, you want me to explain web hosting to people who don’t understand web hosting?

Scott Ellis: That’s exactly what I’m asking you to do, and I don’t know anybody that does it better, because I’ve heard you talk about this stuff before.

John Pozadzides: That is a sad state of affairs.

Scott Ellis: You’ve done a good job of making it easy to understand, so we’ll put you to the test again today.

John Pozadzides: We shall endeavor to do our best.

Scott Ellis: Do not let me down.

John Pozadzides: Yes.

Scott Ellis: You do a lot of things. You’re probably most well-known now as the host of GeekBeat.TV, out of retirement.

John Pozadzides: Yes indeed.

Scott Ellis: A very short retirement. I hope it was fun. But you were, once upon a time, also the Chief Marketing Officer for Layered Technologies.

John Pozadzides: I was indeed, and also before that, I spent a better part of a decade doing all manner of infrastructure-related stuff for companies like GTE and SAVVIS Communications, so I do have quite an extensive background when it comes to things like data centers and Internet connectivity, security systems, et cetera. Basically, all the underpinnings — the things that make the Internet actually work — I grew up with that stuff.

Scott Ellis: You’ve known that stuff for a long time, and you have a knack for explaining it in very easy-to-understand terms.

John Pozadzides: That’s just because I can’t understand it myself, so I make smart people tell me, and then I just regurgitate.

Scott Ellis: There you go. Well, get ready to throw up all over the microphone.

First of all, let’s go into talking about the different types of hosting, because there are multiple different types of hosting that people can choose from. The price points are all over the place. If I don’t know what to do here, I don’t even understand my options.

John Pozadzides: Let’s just start off by saying, hosting — there’s really just one kind of hosting in the universe, but you can get different sizes of it. Wherever you host your website, you’re basically putting a bunch of HTML pages on a server that’s connected to the Internet. How big of a server you get, how old of a server you get, that’s going to determine how responsive the site will be, how fast it will be, and your costs.

It’s just like having a desktop computer. My grandmother might have an old 286 laying around that barely functions.

Scott Ellis: Does she still use that?

John Pozadzides: I don’t know. Some people have a Commodore 64. That’s okay. And then some people go out and buy the latest, greatest thing, and obviously the newer stuff is going to work faster and better with less waiting than the older stuff.

The question is, what’s the difference between, let’s say, a free or almost free website hosted at GoDaddy or HostGator or one of these guys versus a big server farm that Google uses? Really, the difference is that instead of getting an entire computer dedicated to yourself, you’re just getting a little timeshare on one. You’re getting a little tiny piece of one.

We categorize different types of hosting as shared hosting, meaning that instead of having a server all to yourself, you’re going to share it with other people. Then, you could get virtual servers, which means that you could take one physical computer, and you can run virtual machines on it. Those are like a fake computer running inside a real computer, but it allows you to have multiple instances of an operating system on one computer.

Scott Ellis: It’s like having your own computer, but there’s a bunch of them on the same hardware.

John Pozadzides: That’s right. Because if you think about it, if you are just using your computer at home and you’re surfing the web or manipulating some images or things like that, most of what you’re doing is sitting there reading the screen, and the computer’s waiting for you to give it input. It’s got a lot of spare cycles.

So if you could find a way to let multiple people run across the same hardware platform, then everybody uses the CPU and the RAM at different times and the hard drive at different times, so they’re sharing it. That’s the way virtual machines tend to work.

Then you could get your own dedicated server, so now you’ve got a box all to yourself. No one else can touch it.

And then, beyond that, you would scale into a situation where you have multiple servers, so you would employ additional technology — for example, a load balancer. A load balancer would allow you to take two or three different servers, and using a box that sits in front of those servers, you send the request to that box, and then it round-robins or distributes the load between multiple servers.

The Cost of Different Types of Hosting

John Pozadzides: As you can imagine from the things that I’ve just described, every step up is more costly. What people don’t know is if we go back to our shared server situation, these things may cost $2 or $3 a month for hosting your website. That sounds really attractive.

Scott Ellis: That’s pretty cheap.

John Pozadzides: I mean, I’d like to host GeekBeat for $2 or $3 a month. That would be nice.

Scott Ellis: Good luck.

John Pozadzides: The problem is that when you get into one of those very low-cost hosting situations, you actually have not tens of other people on the server, not even hundreds, but usually thousands. It’s not uncommon to see, let’s say, 2,000 websites hosted on a single server.

Scott Ellis: That’s getting crowded in there.

John Pozadzides: Yeah, but if you think about it, you want to be that web host. It may cost you a couple hundred dollars a month to run that server, but if you’re collecting 2,000 times $2 or $3 a month, that is a high-margin business to be in.

Scott Ellis: It’s a very high-margin business to be in. And most of those websites are probably not getting that much traffic, right?

What Types of Sites to Put on What Types of Hosting

John Pozadzides: That’s the thing. If we have a website that gets five or 10 page views a day, and it’s on a server with 2,000 others, what are they getting — 20,000, 30,000 page views a day? That’s nothing for a server to handle. That’s really not much. A well-optimized server can handle a million or more page views a day, so they really load them up.

But what happens is, when you have your site hosted on a machine with 2,000 other sites at any given time, it only takes one of those sites having a really popular article of some sort to bring a killer amount of traffic and crush that server and take down 2,000 websites, essentially.

If you’re going to host something on a $2, $3, $5 a month shared hosting plan, just make sure that it’s not anything critical. If you want to put your family’s personal website that only you and your relatives look at on one of those cheap ones, go for it. It’s a great place for that. But if you want to put a business on there, don’t plan on being in business very long.

The SEO Impact of Hosting and Why Good Hosting Drives More Traffic

Scott Ellis: I will say that, from the standpoint of working with a number of clients who have web hosting on a variety of types of servers, that usually we see in those shared instances that sites do not perform as well. That does have some downstream impacts, as well, because Google can see how your site performs. Now, granted, we don’t really get to see behind the curtain of Google’s algorithm, but what we’ve been told is that site performance is definitely a factor in SEO.

John Pozadzides: It is, absolutely. Not only do you care about placing business accounts on servers that are going to be reliable and stay up so people can visit your website, but the faster your page loads, the better it performs in search results. Google has been very, very clear about that, and that’s a principle that’s been going on essentially since the beginning of time. And there’s a very practical reason for it.

If you think about it, if you’re Google, and you send someone to a website and they can’t even load the page — let’s say that you’re on a little shared web server and you write a really good article and 10,000 people want to read it all at once — Google knows that that shared web server will go down. It cannot handle that traffic. So they’ll start sending traffic to it, but as they see people bouncing back to Google, they’ll figure out that the site’s not up, and they just stop sending traffic.

The faster the site responds, the more Google trusts that site’s ability to handle essentially any amount of traffic you send to it. We all want to have a ton of visitors come to our website, right? It’s like, “Oh, it will make me feel really good if I write an article and 100,000 people read it. It feels good, warm, and fuzzy.” You probably didn’t make any money off of it. Who cares? You feel good.

But you don’t think about the fact that you have to have underlying infrastructure to support that number of visitors. It’s like saying, “I’m going to build a bar out in the middle of the woods, and I’d really like to have 300 people come drink at my bar, but there’s just a muddy dirt road getting to it.” You can’t get 300 cars down the road, okay? You can have a dream, but if you’re going to have that dream, you’ve got to put the infrastructure in place to support it.

The Advantages and Disadvantages of Different Hosting Types

Scott Ellis: The other concern I have with shared hosting is — and we’ve actually seen this happen in a couple of instances — if a site becomes infected with malware. Depending on how that server is configured, it can become easier for other sites on that same server to also become infected, and it can run away very quickly. I’m speaking directly from experience of having to clean up some sites where that was exactly what happened.

John Pozadzides: Yeah, unfortunately, no matter how good the host is — there’s a lot of very reputable hosts that handle shared hosting — 1and1.com and Bluehost and DreamHost, there’s a lot of them. But the problem is that there are always people discovering new vulnerabilities within the underlying software architecture that the server itself runs on.

If one flaw is found in the OS, one security hole, then it doesn’t take much before somebody hops on that server and does actually do damage to thousands of sites, all at once. And they do it because it’s fun. They do it because it’s a challenge.

One way of protecting yourself from that is to step up from the shared hosting space into a virtual machine of some sort. You can actually do searches for ‘virtual server hosting,’ and now you’ll see a different set of price points. But usually, these price points will start in about the $20 range. One of the cool things about virtual machines is that generally, they actually run on equipment that’s higher-end, so they’ll put up a much bigger, meatier server, and they’ll run these virtual machines on it.

You have the ability to start off with a certain level of hosting, and then as you need more power, you can go into the website and turn up the juice. If you need more RAM or need more CPU, you go into a control panel, and you say, “Give me some more.” Then it takes five minutes to reconfigure, and you don’t have to move to another host. You just get more power with the existing host by running a virtual machine.

Also, you have your own dedicated operating system instance, so if there was some kind of vulnerability, then they would have to attack your virtual machine specifically, which is a lot less likely. A single site sitting on a virtual machine is not going to be generally as big a target as going after a machine that has thousands of sites on it, unless your site is big and popular. GeekBeat, it doesn’t matter where we put it. It’s going to be a target, so we have to stay on top of the security aspect.

That actually brings up one other factor here, which is, are you actually capable of running this thing yourself? Do you know how to configure the actual underlying operating system, and are you able to harden it and protect it? Are you keeping up with all these things? Most people are not, and I can’t do it.

Scott Ellis: Nope, me likewise.

John Pozadzides: Really, then, you have to start considering a managed hosting infrastructure, where you place the responsibility on someone else for keeping up with updating your operating system and making sure that they’re doing security audits and you don’t have holes.

For businesses, this is, I believe, the only way to go. If you’re very small, if you’re a one-man shop and you’re just getting started, that’s a different story. But once you get to a point where you have a sustainable business and you need to have a professional web presence, you need to have it being managed and monitored by somebody. Do we want to talk about who’s doing ours?

Where We Host Our Sites

Scott Ellis: Yeah, we definitely want to talk about who’s doing ours. That would be Synthesis from Copyblogger. All of our stuff resides with them. VSELLIS.com actually lives on the Rainmaker Platform. We’ll come to that in a little bit. But the situation you just described is what Synthesis does, but they are specialized in WordPress-only sites. They won’t host anything else.

John Pozadzides: Yeah, what I like about them is that if there’s ever an issue, we just open a trouble ticket, and they take care of it. You think about it: what’s your time worth? Our site’s gone down once or twice, and it’s because of stupid things we do to it, not that they do to it.

Scott Ellis: John ‘fixed’ it again.

John Pozadzides: Yeah, but it doesn’t matter. Even if I ‘fix’ the website and take it down, I just put in a trouble ticket, and I say, “Hey, guys. Sorry, the site’s down. Can you fix it?” A few minutes later, it’s back up.

Actually, there’s tremendous peace of mind with that. If you think about what your time is worth, the additional cost of having them run and manage that, maybe it’s $50 a month or $100 a month more than we would have to pay anyway just for the infrastructure required for our site.

That is nothing, especially when you have an outage. Oh my God, you would pay anybody $100 to get it back up at that point. Just pay them the $100 a month or the $50 a month or whatever it takes to take care of that from day one, so it never does go down. Then don’t think about it like, “Well I’m wasting that money.”

You’re not wasting that money. They’re keeping it up. You’re getting exactly what you paid for.

Scott Ellis: I would guarantee anybody that thinks it’s a waste of money, all you need is for your site to go down one time, and you don’t have anybody to call, and you have no idea how to fix it. You’ll pay 10 times that much just to make the pain go away.

John Pozadzides: It’s easy to pay $1,000 or $2,000 for emergency website repair, easy.

Why You Should Avoid Cheap Dedicated Servers

John Pozadzides: We talked about shared hosting. We talked about some virtual machine-type hosting, and then the next thing is when you step it up and you need an even bigger infrastructure. You go with a dedicated server.

At this point, the sky’s the limit. You could buy a server starting at $80 a month, maybe.

This is going to be an older server, not very high-powered, and truly, I do not recommend those. Here’s why: a little known fact people don’t realize about the hosting industry — I happened to notice because I was in it — most of those servers that you pay under $100 a month for, they are old servers sitting in a data center. They are old servers that have been sitting there for years and years and years, and they’re just charging $100 month for them because those servers were paid off long ago.

Why do you care? A server’s a server, right? Except for one very important detail, which is that usually, those old servers also have old hard drives in them to match. That means a four- or five-year-old hard drive sitting in a cheap server in a data center, with your website on it, is going to give up the ghost eventually. When it does, I hope you have backups, and I hope you know exactly what you’re doing to get it back up.

Scott Ellis: We wouldn’t have ever experienced something like this firsthand, would we? Even kind of recently?

John Pozadzides: We are talking from experience. There is no doubt about it.

Generally speaking, if you’re going to go looking for a dedicated server host, one of the things that I would highly recommend you do is make sure that the server you’re getting placed on is relatively new.

One of the other things that you can do is, if you option up to an SSD drive in the server, it’s going to do two things. First of all, most hosts have only recently begun putting SSD drives in, so you know it’s going to be fairly new. And secondly, it’s also going to speed up your machine a lot, which is going to go a long way toward, again, helping with your Google performance metrics and higher search ranking for the content you’re hosting on that machine.

Scott Ellis: What do you think somebody would expect to pay for a dedicated server that isn’t the old dusty box in the corner that’s just waiting to die?

John Pozadzides: Probably $200 to $250 a month will get you started with a pretty decent server. You could run a lot of websites on it. You could do a lot of other stuff with it, if you’re so inclined. Even a couple hundred dollars a month, you should be fairly safe, but you always need to have backups going on, always, always, always. Just keep that in mind. You may want to invest in some other stuff like an Amazon account, where you back up your machine to the Amazon cloud, things like that.

Speaking of performance, and not to get off of our hosting topic, but on a related note, one of the things that we do in order to speed up the performance of our websites, is we use distributed caching of our media files, and we use Amazon to host our media files.

There are WordPress plugins that you can drop into a website that will mirror every media file you upload on to Amazon’s cloud and then essentially change the code in your webpage so that the webpages load from your server, but the images and media files load from Amazon’s cloud. Doing so speeds up your website dramatically, because it takes a lot of load off your server. Amazon has much more bandwidth than your one server does, and they can distribute those files all around the world.

Scott Ellis: They don’t have more than the Geek house, do they?

John Pozadzides: No they don’t. We’ve got a lot of bandwidth here. That’s a little side note, but I would highly, highly encourage everyone, no matter how small your website is, to set up an Amazon account and use one of these plugins to mirror your content.

By the way, they only charge you based on usage. Even for us, I think our total charges on Amazon, they average around $100 a month and that’s for all the media files we cache between OneMansBlog.com and GeekBeat.TV, and we’re talking about well over 1 million page views a month. A hundred dollars a month for all that. If you’ve got less, you could literally be paying pennies per month.

Scott Ellis: A side benefit of that is that you get this built-in backup already happening because now, all your files, they’re going to live on your WordPress server, but they’re also going to get sent out and mapped to the Amazon server. So if your website suddenly disappears, I think it’s the whole WP content, or at least the uploads under that, is going to get mirrored up there. You can go get access to that again very easily.

John Pozadzides: The media files and things like that definitely get mirrored, and then what you can do is you can run a different little plugin that will back up your database and your theme files and things like that, so you would have the entire thing backed up to Amazon.

Like I say, it’s very, very cheap relative to the amount of benefit you get, which is another reason that Google rewards people for using CDNs, content distribution networks, and other types of caching. They know it doesn’t cost much. It’s just an extra step and the sites that take that step get rewarded with additional traffic. In essence, it pays for itself.

Scott Ellis: It does, because you will definitely get more traffic. I have seen this repeatedly with my websites. Every time I have moved it to a better server, upgraded the caching, started using a CDN, even if I did nothing else different, I would almost always see a little bump in traffic, directly from Google Search.

John Pozadzides: Every time we’ve ever improved our web hosting, we’ve seen traffic increases, anywhere from 20 to 50 percent every single time.

Scott Ellis: That’s not insignificant.

John Pozadzides: No, it’s a noticeable bump as soon as you get to a faster host. Like I was saying before, Google knows when you have crappy hosting that they can’t send you much traffic, or they will not only hurt you, they’ll hurt everybody else you’re hosted on the server with.

Believe me, they know when you’re on a shared server, because they see the IPs. They see the IP address that your domain is hosted on, and they see 2,000 other websites hosted on the exact same IP address. In fact, there are tools out there — you have to do a search for it, I don’t remember one right off the top of my head — that will look up that will tell you how many sites are hosted on one server, and you’ll be shocked.

Scott Ellis: You probably don’t want to look that up because it might depress you.

John Pozadzides: Yeah, you’ll be thinking, “Wow, I’m in the wrong business because they can get 2,000 sites on that server for what I’m paying them, they’re making a killing.”

Scott Ellis: If I was in the real estate business, I would look at opening data centers because the revenue per square foot has got to be through the roof.

John Pozadzides: It is. It is. You just have to have the people that can support it. That’s a big deal, but you can make good money on data centers, no doubt.

What to Do When Your Traffic Explodes and One Server Isn’t Enough

John Pozadzides: The last little step that we glazed over earlier was, if you grow beyond a single server, then what you can do is you can do a few different things. You can set up multiple servers, and you can do this in two different ways.

You can set up multiple servers in a single data center using a load balancer, which I talked about earlier. We would then have a load balancer that’s connected to three different servers, and what you can do is you can set those up so that they send traffic in different ways. You can have them do round robin, where it just says, “Okay, this request, send it to server one. This next request goes to server two. The next request goes to server three, and repeat forever.”

Another way that you can do it is you can do it based on the load of the existing server. Let’s say you send a visitor to server number one, and that visitor’s doing something really, really intensive, and it puts a lot of load on that server. Then you send really light visitors to servers two and three, and those two are finished really quickly, but server one is still busy. Then it could essentially see that server one is busy and go back to number two or three. That’s a more sophisticated type of load balancing, but you can do that as well.

Then, if you really want to do some better load balancing, in my opinion, what you do is you begin using multiple data centers. So we might put a server in Washington, DC, and put a server in San Francisco. Then we can use something like a distributed DNS type of load balancing, where you find a DNS provider.

Scott Ellis: Anybody you’ll recommend on that?

John Pozadzides: We use Amazon Route 53 for ours, but they don’t do this particular thing that I’m describing. It’s something I hope they get into, but there are a number — I don’t recommend any of them, because I just don’t have any experience with the others — but there are some very reputable ones that will do this.

What you do is you put one in, let’s say, London, one in Tokyo, one in DC, and one in San Francisco, and it’s going to do geographically based load distribution. The DNS looks at where the request is coming from.

By the way, I didn’t really clarify what I mean by ‘DNS’ earlier. Every website is hosted on the server, and that server has an IP address. That IP address is like the phone number of that server, and DNS is like the phone book. If you know somebody’s name but you don’t know their phone number, that’s the same thing as knowing someone’s website URL but you don’t know the IP address. If you want to go to GeekBeat.TV, that technically doesn’t exist in the digital world. But an IP address associated with GeekBeat.TV does exist.

You type in ‘GeekBeat.TV’ in your web browser, and it goes and makes a request to a DNS server. It says, “Hey, I want to visit GeekBeat.TV. What’s the IP address?” Then, this DNS server tells you the IP address, and then you go to that server. There are DNS services that are smart enough to see that we’re sitting in Dallas, Texas, and it would say, “Well I’m getting a request for GeekBeat from Dallas. What’s the closest web server that I have in my little rotation here.”

And maybe let’s pretend — we’re right in between DC and San Francisco, but let’s say it was San Francisco — then it sends us to San Francisco. But someone in New York, it sends their traffic to DC. And someone in Europe, it sends them to London. And someone in Australia, it sends them to Japan. It looks at where people are and sends them to the closest server.

In that case, if you have servers and data centers all over the world with DNS routing to the closest server, then what you’d do is you just set up a little script that allows you to upload your content to one server, and it automatically replicates to all the other servers.

In that case, one of the other benefits of the geographic load distribution is that the system can usually tell that if one of the servers is down, instead of it just being down for everyone, it takes it out of the rotation. It just says, “Well we had one in New York, and we had one in DC, but the one in New York is not working, so we’re going to send everybody to the one in DC.”

Scott Ellis: Very good. It helps distribute all the traffic to wherever is the most appropriate, both geographically and based on that server’s ability to respond.

John Pozadzides: That’s correct.

Scott Ellis: Good stuff. I’m guessing this kind of big infrastructure though, distributed CDN, DNS, there are a few more TLAs in there — this is a little bit more expensive, though. We’re really stepping up now into something that’s fairly sophisticated and is going to cost them some bucks, right?

John Pozadzides: That’s the thing. Generally speaking, yes. However, lately with the emergence of, for example, these distributed DNS service providers, you actually could do something fairly inexpensive. In fact, we have done that with GeekBeat.

Instead of setting up dedicated servers all over the world and doing the distribution between them, you can actually employ the technique of setting up virtual machines in multiple locations and then load balancing between those. You might be able to get a virtual machine for $30, $40 a month.

Even though there may not be a huge amount of traffic, let’s say, in Europe, if you put a virtual machine hosted in a European data center and you do it very cheaply and then you mirror your content onto it and you use distributed DNS to send European visitors to that one, the difference in their page load time means instead of European visitors having to cross the Atlantic to get their data from somewhere in the United States — that will take hundreds of milliseconds of round trip time for each request — but by putting it over in the European data center, you can probably lower that to tens of milliseconds.

It doesn’t sound like a big deal, but 500 milliseconds is half of one second, and for every single request to be delayed by half of one second, Google will penalize you for that. You may be getting US traffic just fine because the performance is fine here, but in Europe, Google’s penalizing you.

You’re not getting European traffic because the roundtrip times are too long. People’s abandon rate is higher because they don’t want to wait for pages to load and it feels sluggish. You put a $20, $30 a month website over there on a virtual machine in Europe, and you use the distributed DNS to send European people to it, and that’s really not that expensive for a big performance gain, a potentially big SEO improvement and lots of other benefits.

Scott Ellis: That’s substantial, and I had no idea we had a European office.

John Pozadzides: We’re working on it.

Scott Ellis: I’ve got to go visit. It sounds like fun.

I’ve got one question that came to us, and I’m glad that we got this because this is an important consideration when you start to host your website, and that is about email. The question is, “Should I host my email on the same server with my website, which I think is what a lot of people do, or not?”

John Pozadzides: I would say ‘not.’

Scott Ellis: I would agree, for some very good reasons, but John, this is your show.

John Pozadzides: We’ve been down this path the last 15 or 20 years. I guess I’ve been doing stuff online now for something like 17 years, longer than most. We’ve been down this path in every format possible.

There are a number of problems with hosting your own web server, but not the least of which is when your web server goes down and you need to be contacting people and doing things like opening trouble tickets and stuff, they tend to want to send you an email. You have email notifications going on, but when your server that’s down is hosting your mail, you lose that primary method of communication.

That alone is enough reason to just end this conversation. But there are other problems with hosting your own server, and one of them has to do with spam and the way spam is handled — not only the way it’s handled on your server, but your server has to talk to all the other mail servers everywhere.

One of the challenges we’ve had, actually — and we’ve dealt with it in different ways — but with the Geek Beat domain fairly being popular, we get a lot of spam here. We were doing some things where, for example, some of our folks who had email boxes wanted to forward the mail to their Gmail account so that they could just check everything from one common box. That’s a very common thing to do. I recommend it.

It’s great, with one exception. When your mail server is doing its thing and working just fine but you are getting a lot of spam and you are forwarding your spam from your mail server to Gmail, guess what? Google starts thinking that your mail server is a spammer. This is not good, and that will cause problems.

In that case, one of the techniques you can employ — and this is what we’re currently doing, and I guess this is probably about the best thing that I can recommend to anybody at the moment for this sort of situation.

If you want to forward your email to a Gmail or any other primary email provider out there that you have a free account, what you do is you go into your domain name registrar — in our case, we’re using GoDaddy — and you use GoDaddy’s free email hosting to set up redirects for your email boxes with their mail servers. We’re hosting our own website. We’re hosting it at Synthesis, and it’s hosted across a distributed network of servers, but the email actually stops at GoDaddy’s mail servers, where if you send an email to John@GeekBeat.TV, their mail server forwards it to Google’s Gmail servers.

Here’s why it’s important. Even though they’re forwarding the exact same mail that our little mail server was forwarding, Google knows that GoDaddy’s mail server is not a spammy server.

Scott Ellis: They’ve got a relationship and an understanding, and they’ve validated each other.

John Pozadzides: That’s right.

Scott Ellis: They’ve done the dance.

John Pozadzides: They don’t care about Mail.GeekBeat.TV, but they know that GoDaddy is not spamming them, and so they’re not going to shut it off. This flood of forwarded messages coming to John@GeekBeat.TV to my Gmail account doesn’t get marked as spam, doesn’t penalize our domain, et cetera. If your site goes down, your mail server still works. GoDaddy’s mail servers are a lot less likely to go down than our server.

Scott Ellis: I also host all of my business email on Google Apps, which is also an option.

John Pozadzides: Absolutely. If you don’t mind paying $5 a box for that, then you actually get a lot of benefits from going with Google’s hosted options.

Scott Ellis: Yeah, there’s a lot of benefits with it. You get, obviously, all the other applications that come with it, the calendar and a whole bunch of other things.

John Pozadzides: More storage, everything else too, right?

Scott Ellis: For the reasons that we talked about before, truthfully, even as technical of guys as you and I are, we’re not going to go manage our own mail server. One, who wants to do it? Two, that is a whole different level of geekiness that I just can’t even approach.

John Pozadzides: It’s just something that requires full-time people on it. It’s not worth it. Even if your website itself is not that critical to you because it’s your personal family website or something, I guarantee you that when your mom’s email stops working, you’re going to hear … it’s not worth it. Just don’t mess with it. Use your domain registrar to do that.

Scott Ellis: Keep it simple.

John Pozadzides: Keep it easy.

Scott Ellis: All right. Hopefully, that has clarified the myths around hosting and the things that people probably don’t understand that will help them make a better decision in choosing a web host for their site.

John Pozadzides: Hopefully we didn’t just confuse everybody even more. That’s a lot of info.

Scott Ellis: It was a lot of info, but it was very nicely laid out. Well done, Mr. P.

For the rest of you, if you have any other questions, if we glossed over something that didn’t quite make sense or you need more clarity or you just want to ask us a question that we didn’t get to on the show, by all means feel free to drop us a line. You can reach me @vsellis on Twitter. I am +Scott Ellis on Google+, VS Ellis on Facebook.

Where are they going to find you online, John? Are you actually online?

John Pozadzides: I try and stay off as much as possible, but you can always Tweet me @johnpoz. On Google+, I’m just John P., and John@GeekBeat.TV gets the email right to me.

Scott Ellis: There you go.

John Pozadzides: Thanks to GoDaddy.

Scott Ellis: Thanks to GoDaddy, and go check out GeekBeat TV at GeekBeat.TV.

John Pozadzides: That usually gets you there.

Scott Ellis: That will get you there. All right, guys. Thank you very much.

Technology Translated is brought to you by the Rainmaker Platform, the complete website solution for content marketers and online entrepreneurs. Find out more, and take a free 14-day test drive at Rainmaker.FM/Platform.

Giovanni Gallucci on Images as Content and Understanding Usage Rights

Giovanni is one of the most generous people I know when it comes to sharing his knowledge, and he’s been teaching about image usage and optimization since 2008.

Sponsors & Promotions

Not Just Another WordPress Website.

Discover why over 201,344 bloggers, podcasters, affiliate marketers (and many others) trust StudioPress to build their websites.

Launch your new site today

Giovanni is a successful social media consultant and practitioner, videographer, and photographer. He also has a knack for pushing the boundaries of SEO. He stays on the “light side” of SEO, but by pushing the edges is able to find opportunities and gain an advantages that most people don’t know about.

Let’s dig in…

In this 45 minute episode Scott & Gio discuss:

  • The importance of images in your content
  • The image as content
  • Image SEO and EXIF Data
  • Where you can find images you can use on your site
  • Image usage rights
  • Audience Q&A
  • Above all else… what’s most important
  • What constitutes Fair Use?
  • DPI Standards

Listen to Technology Translated below …

The Show Notes

If you’re enjoying the show would love for you to leave us a rating and review on iTunes. If you have a question you want answered on the show, give me a shoutout on Twitter @vsellis and use the hashtag #asktechtrans.

The Transcript

Giovanni Gallucci on Images as Content and Understanding Usage Rights

Voiceover: This is Rainmaker.FM, the digital marketing podcast network. It’s built on the Rainmaker Platform, which empowers you to build your own digital marketing and sales platform. Start your free 14-day trial at RainmakerPlatform.com.

Scott Ellis: Welcome to the first full episode of Technology Translated. I’m your host Scott Ellis. My guest today is Giovanni Gallucci. Many of you may already know Gio if you’ve ever run into him online. He is frequently out speaking on topics around social media. He has taken a little hiatus and then recently come back.

We all know the importance of images, embedding them on our blog post, using them in social media posts, and the things that we share because they draw more attention. Gio’s going to help us get into some really good, nitty-gritty details on better image optimization, on better image SEO, on the usage rights of images.

This is something that I want you guys to pay very close attention to because I know some of you out there will still go out to Google, grab an image that you want to use, and stick it on your site. Got to stop doing that, guys, and we’re going to tell you why. Not just because it’s bad or it’s wrong, but what are the other implications behind that?

Without further ado, let’s get into it with Giovanni Gallucci.

This is the first episode of Technology Translated. Our whole goal here, Gio, is to make this as easy as possible for non-techies.

Giovanni Gallucci: That’s what I’m here for, sir.

Scott Ellis: We are going, today, to talk about images on your website.

Giovanni Gallucci: Can we first spend about 30 minutes talking about me?

Scott Ellis: Sure. Why don’t we talk about you? I was actually going to cue that up first.

Giovanni Gallucci: Jump cut in the audio world — I don’t know what that would be called. Okay, now to the interview.

Scott Ellis: Okay, so now I’m really going to start talking about you. Images on the web is a topic that I am very passionate about because it’s something I see a lot of people do very badly. I think it’s just because they don’t understand. Back in, I want to say 2008, 2009, when I first really started paying attention to how I was using images in my web content, I heard a great talk from a guy named Giovanni at a WordCamp.

Giovanni Gallucci: He sounds incredibly handsome.

Scott Ellis: He is, and he’s so smart. He kind of opened my eyes to a lot of things around image SEO, how images are used on your website, and all that good stuff. Do you remember that talk?

Giovanni Gallucci: I do remember that talk. I gave it about 64 times.

Scott Ellis: Well, it was a good one. I think a lot of people learned a lot from it, so today, we’re going to relive some of that and share our knowledge with the audience out there. The first thing I want to talk about is just the use of images. I think by now most people understand that images are important. They draw attention. But how important is it really to include images with your content?

The Importance of Images in Your Content

Giovanni Gallucci: I would even take it a step further and consider, not just using images with your content, but whether or not images should be the primary source of your content as opposed to creating lots of text-based content that happens to be accentuated with imagery or videos.

I’ve got one client that I’ve been working with for about three years now. Actually, I’ll back up. I’ll say about two years. They had no footprint in the United States when they started here. We’ve launched social media for them for a brand that didn’t exist, and it has been probably 80 percent nothing but pure imagery — 70 percent original content, 30 percent content curated from our fan base. The brand is as strong as I could ever of dreamed it being.

Now, the brand has got a really high-quality product. We were able to communicate the kind of a brand that we want to communicate to the audience through imagery so much more effectively than we could by trying to write blog posts and trying to interest people that way.

The short answer is extremely important, and the extended answer is could you possibly consider building a brand primarily with all images as opposed to the old days where it was you’re writing blog posts, and then somebody woke up and said, “Hey, if you throw an image on top of that, more people will look at it.”

Scott Ellis: That’s interesting, and that dovetails nicely with a lot of what we’re seeing right now with the rise of popularity of things like Pinterest and Instagram. The visual marketing of image heavy marketing is really taken off big time all of a sudden.

The Image as Content

Giovanni Gallucci: That’s where we’re strongest with this brand. It’s Pinterest and Instagram. We essentially pay attention to Facebook just because you can’t afford not to be there, but we really don’t put any energy into that audience. A lot of that’s because of what they do to the algorithm there. I’m just not going to put energy into any platform where, organically, all I can do is reach six percent of the audience that has opted into my communications. That’s a personal decision of mine, and probably a terrible one from a business standpoint, but so be it.

Then Twitter, Twitter is great for imagery as well, but Instagram and Pinterest is where we’re just completely on fire. Like I said, it’s so much easier, at least for me as a creative, to communicate a lifestyle and communicate a theme and a storyline through imagery. I hate writing, and I don’t like my writings. These are not business decisions. These are I’m just lazy and don’t like to write.

Scott Ellis: I think a lot of people are like that though, right? They don’t really want to take the time. It’s worth it to me to take the time to do a lot of writing, but a lot of people don’t want to, and they need other options to explore.

Giovanni Gallucci: Absolutely. If you’ve got the skills yourself or available on your team, then you should absolutely take advantage of them. It’s funny because doing things through imagery, it’s not that it takes less time.

For me, it takes less effort because it’s more natural for me to go and do photography and video. It’s more of a chore, if I want to use that kind of word, for me to sit down and write something that I think is as effective as taking a shot from say a stage, and you’ve got 30,000 people in an audience that are cheering on a band. That, to me, speaks to a lifestyle in a way that I never could write and communicate for a brand.

Scott Ellis: For everybody that doesn’t already know, Gio does a tremendous amount of photography and videography, and you can find a lot of that at LiveLoudTexas.

Giovanni Gallucci: Yes. I’ve tricked companies into paying me.

Scott Ellis: Imagine that. It’s because you’re a smart, handsome guy.

Giovanni Gallucci: I’ll take that.

Scott Ellis: What is the proper domain name? I want to make sure I get this right.

Giovanni Gallucci: It’s LiveLoudTexas.com.

Scott Ellis: Okay. That brings us into the conversation about image SEO, which was something that was really what I was learning when you were first giving the first of your 64 talks on that. Well, first of all, let’s talk a little but just about the important things to do from an image SEO standpoint. How different is it now than it was seven years ago?

Image SEO and EXIF Data

Giovanni Gallucci: The nice thing is that the image SEO on the files is the exact same as it’s always been. I will pull back the kimono here and be completely honest. Whenever I was a lot heavier into the technical side of SEO – today, I do more communications and creative stuff — but back in the day when I did more programming and technical SEO, I discovered the things that I taught at that talk because I tended to play on the fringes of gray and black hat SEO. I was very aggressive about looking for ways to be one step ahead of the general SEO expert so that I could get my clients above them in the search rankings.

Even back then, SEO was so well-known and so many people were doing it that you could do all the best practices in the world and still make no headway. You had to find ways to step outside the normal frame of thinking and figure out ways that you could … I’ll be honest. I bumped right up against black hat SEO, but I would always make sure that the stuff that I did, did not infringe upon the terms of service for the services that were worked on. I tell you what, I definitely broke the spirit of a lot of the rules, if not the rules themselves. That’s where image SEO comes in, too.

When I started moving away from the technical aspect of SEO and started doing more creative stuff, I was looking at when I was editing images in Lightroom and Apple Aperture and Photoshop. I noticed that all the EXIF, or the metadata was associated with these files. At that time, I didn’t know what the search engines read and what they didn’t read, so I started doing tests.

I would go in, and the basic way I do a test is this. I will go to Google, and I’ll put in a nine- or 10-character string of random characters that returns back no search results in Google. I will then take that character set, and I will put it inside of whatever I’m testing and then wait for a few days and see if that shows up in Google.

Scott Ellis: Okay, question. You’re putting that into one of the metadata fields?

Giovanni Gallucci: Yeah. You can put it in the title. You can put it in the description. You can put anywhere inside that file. This isn’t limited to imagery. This is limited to if it’s a PDF file, if it’s a video file. Any kind of file you put on the Internet, if you want to identify what parts of the file that Google will search and actually catalog and use as an element to return back in search results. You find something that you can search in on Google that returns zero search results. Then you add that to your content. Then you wait a few days.

Back in the day, you used to have to wait two or three weeks. Today, sometimes, especially if you take an image and post it to Google+, it will show up within an hour inside the Google database. It’s a lot easier to test now.

Back then with the images, sense I started posting more images on behalf of clients, I would start doing those tests, and I found out that every single thing inside that EXIF data, which is essentially metadata inside those images, every single one of those, somewhere Google was picking it up. It was registering as an element inside the search results and the algorithm to show up. It wasn’t the case that I was thinking.

I felt like I was onto something new, but I didn’t think that it would give me that big of an advantage because, from the standpoint of having someone go from a search result and finding a picture to going to a call to action page or something like that, they still had to click into somewhere to get to that spot. But what it allowed me to do — and this was the biggest part of that — it allowed me to push other people outside the search results.

There’s many different ways to play the search game, and one is offensively. You’re going out there and trying to rank the best you can. Number two is defensively, making sure you don’t make mistakes, so you don’t get kicked out of the search engines. Number three where you can play dirty. It is a tough world out there. No one’s going to give you the search results for free. We’re not talking about whether or not we’re going to heaven or hell. We’re not breaking any laws.

We’re talking about you look at those rules, the rules are in place, and if you follow the ‘rule of law’ for the terms of services for one of these sites, you look for every opportunity you can to break the algorithm and break the spirit of the rule. I have never, ever had a situation where I’ve had a client or myself banned from a site because I broke the spirit. I’ve been banned from a site for breaking the rules, several times on tests that I was pulling to see how far I could go. Never, ever had a client put in jeopardy because I found a loophole in the system. In this day and age, you’ve got to find a loophole.

To bring us back to EXIF data, what that allows you to do, it allows you to get more brand impressions inside of Google. Especially today, when Google is looking at social status and engagement as a way to integrate into their search algorithm, the more images I can have show up in social media that have my brand name and hyperlinks in them, the better off I am in the algorithm. Make no mistake, those hyperlinks inside the EXIF data are hotlinks as far as Google is concerned.

Scott Ellis: This podcast is called Technology Translated, and we’ve gotten reasonably technical with respect to editing EXIF data.

Giovanni Gallucci: I’ve got to go, I’m done. I think I’m in the wrong room.

Scott Ellis: Do you? No, you’re in the right place. You’re not going anywhere. What do you recommend as an application for people who are actually wanting to go in and edit that EXIF data? Before you go into that, let’s reiterate exactly what the EXIF data is.

Giovanni Gallucci: EXIF is a fancy word for, or acronym, I don’t even know what it means. It’s the title. It’s the description. It’s the location. It’s keywords. I look through Aperture, before Apple demoted Aperture, there were over 10 different complete info screens full of a couple of dozen different elements that you can fill in that are text-based elements. The reason why there’s so many is that there’s so many standards for you to cover them all. There’s a lot of repeating of information.

They’ll have one thing you can fill in called a ‘description,’ and another thing called a ‘caption.’ You have to fill both of them in because Flickr will pick one up. Facebook will pick up a different one. Google+ will pick up a different one. You’ve got to go and do your tests and figure out what’s required and what’s not required.

There’s categories, tags, and keywords. Why there’s three different ones I don’t know, but you put the same stuff in all three of them. Because, depending on what’s reading it, they have a different element or name for each of those one of those types of things. My brother used to think he was so smart because he would say, “Metadata is data about data,” and he would laugh like a nerd. That’s what EXIF is. EXIF is information about the information around the image.

Scott Ellis: Right. For anybody that’s head is still spinning a bit, this is basically information that is literally embedded in the image. You would look at 100 images and never know it’s there. It’s not something that shows up. You have to have a special application of some kind to open the image in, and then it will show you what that embedded information is. That’s typically a part of every image that’s out there. What application do you use to edit the EXIF data?

Giovanni Gallucci: Today, I use Lightroom, primarily. Apple, again, we’re talking in a time when Apple has depreciated Aperture, which was what I’ve used for years ever since they launched it. I moved over to Lightroom. They’ve just now come out with Photos. They used to have an app called iPhoto that came with the operating system. It still works if you have it.

When you click on an image on any image editing application you have, there’s always a place where you can get access to what they call ‘info.’ When you click on the info menu anywhere and you look at the preferences, those preferences that pop down are all editable, and they’re available for you to either add to them, change them, edit them, delete them — whatever you want to do.

Whether you’re in Photoshop, and I’m making a huge leap, but I cannot imagine they wouldn’t have it in Photos in the new Apple application. Any respectable and even amateur pro editing application is going to have some access to that stuff. Especially at the level of folks that are listening to this, my assumption would be that if you’re using a basic windows editing application, Photoshop Lite. What are they calling the lite version of Photoshop now?

Scott Ellis: I don’t remember.

Giovanni Gallucci: Any of those you’re using, whenever you click on info and it asks you to give it a title, a description, a caption, that kind of stuff, you’re editing EXIF data now. Depending upon what application you’re using, you will have more or less access to that.

Scott Ellis: My next question is on the image information that people can already see. The obvious things, the file name, for example, what recommendations do you have there? One of the things that really drives me insane is when I go to work on a client’s website and all their images are called IMG_007.jpg. We know that, that is not really a good practice. What do you recommend?

Naming Image Files

Giovanni Gallucci: What I do, and it’s weird whenever you have these conversations, cause a lot of the stuff, I’m sure when you’re programming, there’s a lot of things that you do that have become second nature and are part of your DNA now. You don’t even think about being good practices and being something that you have to step outside of yourself and think about doing it. When you say that, the first thing I think is, “What do you mean what do I do?” — and now I realize what it is.

On the Mac, and I’ll give you links to these applications if I’m butchering the names, there’s an application, I think it’s called Photo Rename or File Rename. It’s basically a script or a snippet of code. I do music photography. I do live events, experiential stuff, so everything I’m doing is associated with an event or a brand. What I’ll do is whenever I go and shoot a three-day festival or something like that, when I come back, I may have anywhere from 500 to a couple of thousand images. I take all those pictures and put them inside of a folder on my computer. I name that folder the name of the event.

Let’s say it’s Lalapalooza. I’ll name it Lalapalooza. Then I click on that folder, I drag it to an icon on my desktop, and I let go of it. That application goes inside that folder, renames every single file with the name of the folder and then a date time stamp. It’s all unique names.

Scott Ellis: You just made my day. I need that application.

Giovanni Gallucci: I used to go back and do my editing, and then go back from an SEO perspective and hand rename all this stuff. It’s funny when you ask that, I’m like, “The very first thing I do before I touch anything is the file renaming.” I don’t even think about it anymore. It’s just part of my workflow. I come in, I put my card in the computer, I go to my external drive that has all of my photos on it, I name the event, drop the photos in there, drag the folder onto there — boom, and I walk away.

If you’ve got 2,000 images, it will take a minute and a half to rename them all, but you come back and you don’t even have to worry about saying, “Lallapalooze 2013, Lalapalooza 2014.” It’s got a time date stamp, so organizationally, I can have 10,000 images from one event, and they’re all time stamped. I don’t have to have multiple folders for the same event over different times. That’s a nice time saver. That’s the first thing you do.

You’ve also got an application, made by the same company, that will batch copy a set of EXIF data for you, so for that type of event, you can go in and specify “Austin, Texas. These are the sponsors. These are the artists inside this batch.” Again, whenever I’m shooting at events like this, if I’m shooting a particular artist around a certain event, all those pictures are together. It may be 300 pictures in a block, so I select them all and drag them over to this application. It inserts the proper EXIF data with artist information, relevant hash tags around the events, and relevant brands.

Scott Ellis: Are you adding the artist’s name as well to the file?

Giovanni Gallucci: If the artist allows, absolutely. For South by Southwest this year down in Austin, there was an event with Iggy Azalea sponsored by Samsung. I hope I’m right. I was free to use her name through all our stuff. Samsung encouraged that we use the name Samsung. In my situation, typically what I’m doing is I’m shooting and posting live while the event is happening. They’re handing us hash tags they want us to use to promote what they’re doing.

Iggy certainly wants to be associated with South by Southwest and with Samsung, so that stuff works really well. Whether it’s hash tags, rights, naming rights, any of that kind of stuff — anything that you get approval for that is going to lift your brand up, you always attach those complimentary brands to the images that you’re posting.

Scott Ellis: To circle back on the image-naming piece and kind of round that out, the real question, ultimately, is how far do I go with naming the files themselves? I could end up with file names that are more like a sentence than a file name.

Giovanni Gallucci: I limit them to pick the primary element I’m promoting, and that’s it. I have a general rule that nothing that I put on the web anywhere is causing itself to compete with other things to the extent that you basically cannibalize your own efforts. Maximum I will ever promote, whether it be a keyword, a hashtag, some kind of event, is three items period. Those three items have to be completely different. I was trying to think of a super smart word.

Scott Ellis: We don’t like big words around here.

Giovanni Gallucci: Disparate. They have to be different from each other. I wouldn’t go out and promote a vodka and a tequila in the same post even though they were completely different companies. I would promote a vodka, an artist, and the name of a venue. That’s what I would do. You’ve got to really think about the fact that you don’t want to be hitting your head up against the wall by sending a mixed message to the search engines and, in turn, to users.

Scott Ellis: You might rename a file ‘Iggy Azalea South by Southwest,’ but you’d put both of those elements in there, the artist name and the event name.

Giovanni Gallucci: In the file name, yeah.

Scott Ellis: There you go. That’s some good advice.

Giovanni Gallucci: I could have answered that in four words, sorry.

Scott Ellis: The power of the editor.

Giovanni Gallucci: Six minutes later.

Scott Ellis: That’s okay. It’s a good conversation. Now I want to get into a really big topic around images, and that is usage and rights. I hear this question from clients all the time. The hardest thing for me to get from them typically is content and imagery. I would say 50 percent of the time they are going to ask me, “Can’t we just go grab some images off of Google?”

Now, you and I know what the problems here are, but this question still crops up all the time. I want to help everybody who’s listening to really understand why you just can’t go grab images off of Google.

Image Usage Rights

Giovanni Gallucci: Let’s start with the pain first. Here is the cold, hard fact. If you use an image and it doesn’t belong to you, I don’t care what the circumstance is, if you use an image and it does not belong to you, whether it’s on Twitter, on a T-shirt, or on your website, every single instance of that misuse carries a fine of $7,500 with it.

You do the math. The answer is super simple. Is that picture worth $7,500 to you, or not? Chances are, and I’ll tell you right now, chances are you won’t get caught. When you do, there is no defense for it. It is theft, period.

There are different types of usage out there. Everything I put up on the web is under a non-commercial creative commons license. Anybody in the world is free to go out — I have gone back and forth on this. I don’t think I will ever put a watermark on any of my images again. I think it mucks up the picture. The reason why you put watermarks on pictures is to “try to keep people from stealing it from you.” They’re going to take it. They’re going to crop it and take it. The nice thing about the watermark, though, is that adds $12,000 onto the penalty, onto the $7,500.

If you have an image that’s watermarked, if you take a watermark off, or if you take identifying information off of an image, that’s an additional $12,000 per instance.

Scott Ellis: That stock photo you find on Google that you really like and it’s got the watermark from the company that’s selling it.

Giovanni Gallucci: In the bottom right-hand corner that’s easy to take off.

Scott Ellis: Or it’s in the middle, but you’re like, “I can probably erase that in Photoshop pretty easily,” that’s a $12,000 fine?

Giovanni Gallucci: That’s a $12,000 edit.

Scott Ellis: Ouch.

Giovanni Gallucci: It’s tough when clients come to you and ask you about that kind of stuff because your role is to facilitate and to make things easy for them. Especially guys like you and me, I think that we get paid well for what we do, but we certainly don’t get paid agency prices where we’re paying for four people in the background that nobody sees, right? Our blended rates are much more reasonable, and people come to us because of that.

When they come to you and say, “Can’t you just take a picture?,” it’s usually because they have budgetary constraints. That’s their problem, not yours. The way that I — and it’s not even a push-back. It’s just here’s the situation. “It’s going to be on your website. I won’t go out and find them because I’m not going to be held liable for it because I don’t want to be a party to that, and I don’t want to put myself at that risk. If you present me with images to use, that’s your call because I’m a contractor, but here’s the ramifications.”

I go through monetarily what the ramifications are, and then I say, “But the bigger price is going to be reputation.” There’s one website called StopStealingPhotos.com. All this guy does, he has got a white hot passion for people who steal photos from photographers. He does nothing but spends all his time calling people out. It is brutal. He tears companies down. Ironically, wedding photographers are the absolute worst about it. They’ll go and take images from some other photographer and represent them as their own.

Scott Ellis: You’re kidding me.

Giovanni Gallucci: Oh my god. They do it all the time. Go look at StopStealingPhotos.com. You will waste six hours going through that site being aghast and laughing at the same time. When they come to you and ask, the easiest answer is straight up, “It’s theft. We can’t do that. Two, if you’re going to go ahead and do that, I’m not going to do it. If you present me with images to use, that’s your decision. This is what it’s going to cost you if you get caught.” And leave it at that.

Scott Ellis: Everybody out there that wants to take images off of Google or if your clients are asking you to do that, be aware. You are very liable for doing so. That said, not everybody’s going to go out and shoot their own pictures for every time they need an image. We want to queue up a couple of options for people.

Where You Can Find Images You Can Use on Your Site

Scott Ellis: Obviously, you can go out to any number of stock photography sites. Some of them are better than others. In general, to me, stock photography just looks all the same, and it’s incredibly boring. On the other hand, and this is something I learned about from you back in the day, was the creative commons license. Now, all of my images, everything I put out there I do the same thing. It is all free for anybody to use, all I want is credit back that I made the image and a link back to my site.

Giovanni Gallucci: Here’s the thing. There’s two things that are nice about that. Number one, 99.9 percent of the people out there aren’t smart enough to go in and look at your EXIF data to see what’s in there. Part of the benefit of utilizing that and putting your copyright information in there and stuff like that is that, if someone steals your stuff and uses it commercially, Google’s crawling that image and that data, and you’re still getting credit back for having an image on a separate website. That’s number one, and it’s going to be very rare that someone’s going to go in there and even notice that that data’s in there. That’s number one.

Number two, the nice thing about that is that, if someone goes in there and changes EXIF data, it’s the same penalty as if they took off a watermark. You cannot change ownership information on a file. On the creative commons side, you’d be really surprised at the kind of quality you can find these days. If you look at 500px.com, super high-quality stuff. There’s not as much creative commons on there. The photographers on there sell their stuff. If you’ve got something for web usage, you can get a nice hero shot for maybe $25, $50. Even to someone who’s got a company now, sometimes people will balk at $50 per picture. The perceived value of photography has gone through the basement these days.

Cameras are everywhere. I love the democratization of photography because there’s a lot of people that have bonafide skills that, in the past, couldn’t afford the equipment. Now, they can exercise that creativity. You can find plenty of creative commons stuff that can be used commercially on Flickr.

The other thing that I’ll tell you that I do with my clients — I have to be fair and honest about the fact that the clients I tend to work with, whether they’re beverage brands or whatever kind of brands they are, they’re always associated with music, TV, and entertainment, so it’s easy for me to get high-energy stuff from the community.

But one of the things that I do all the time is I’ll find an image on Instagram that I like, and I send a note to the person saying, “Hey, I work with this brand, and saw you got a picture of the brand, would you mind if we used it?”

I have never, ever been turned down. It’s just giving someone the courtesy of asking them before you use it. Number two, making sure that you do it in an email, so you’ve got a paper trail. Depending on the situation, I can’t imagine being declined. If someone declined and wants money, I’d say, “Sorry, I don’t have it. I’m just asking for permission.”

A lot of photographers get worked up and PO’d because, “How dare you ask for my photography and not want to pay me.” They can have that battle. I could care less. While I am a social media marketer, 60, 70 percent of my livelihood is based on creative elements. I could care less. I basically charge by the hour. It’s a different model than what most creatives do.

I used to be a programmer, and that’s how I think. If I’ve got 100,000 images that have been stolen, I’ve got 100,000 images with metadata that point back to my website on the Internet. I’m totally cool with that. I’ve got other things to worry about than to try to fight those battles about getting into contests about whether or not the usage is proper or not.

Scott Ellis: There are actually several sites out there. You mentioned Flickr and 500px. There’s a few others. We’ll put some links in the show notes to different sites that have images that are licensed under the creative commons. You have to be sure to do the creative commons search. Not just every image out there is necessarily a CC image.

Giovanni Gallucci: There are several different creative commons licenses.

Scott Ellis: And there are different licenses. We’ll add some show notes to that to help you guys out in finding images for your blog posts.

Giovanni Gallucci: I just want to be clear that my licenses don’t allow for commercial use in the license itself. What I’ll do is, periodically, I will go four times a year and look on Flickr and on Instagram and find my images that have the most likes on the most engagement. Then I’ll go do an image search on Google for those, and they’ll pop up on five or six different websites. If any of those sites are commercial-based or if they’re advertising driven, I’ll send them a note saying, “Hey, you’re not adhering to the license.”

If it’s blatantly commercial, I’ll send an invoice with it for $150, which is reasonable. It’s the going rate for stock photography. Half the times I just get a check in the mail. The other half the times they hem and haw, and I have them take the photo down. But it’s a little bit of mailbox money, and I can generate $2,000 to $3,000 four times a year by just doing some Google searches and sending out invoices unrequested.

Those people know that they’re wrong, and their two options are either to pay the fee … and I send very nice letters. It’s like, “Hey, you’re using this. It’s not licensed. My stock fee is $150. Here’s an invoice. If you don’t want to pay the invoice, I understand. Please remove the image from your site.” It’s totally cordial. I’ve never had anybody ignore the letters.

Scott Ellis: That’s a great little tip for somebody that has a lot of photography out there and wants to make some money off of it. It is surprisingly easy to find out if somebody else is using your image. If people don’t know, there’s Google image search. You can literally drag an image into the search bar. It will search for that image elsewhere on Google.

Giovanni Gallucci: It will flip it upside down, and backwards, and search for it black and white. It will find all kinds of permutations of your image.

Scott Ellis: You’ll just be able to click on them and see who’s using your stuff. I have caught several people using some of my Michigan dock photography that have just grabbed it and used it. I typically write to them and say, the same thing — I’ve never sent anybody an invoice — but I say, “Hey, this was licensed under the creative commons, at the very least, you need to link back or take it down.” They usually link back.

Giovanni Gallucci: I’m surprised how many people pay the invoice. To be honest, the reason why I started to send the invoice is that it was a negotiation tactic. What I really wanted was either the credit or the image taken down. You send something that’s a terrible solution so that they think you’re compromising with what you really want. What I found out is that, half the time, they just pay the invoice and leave the image up.

Scott Ellis: All the sudden there’s a couple grand in the mailbox. Daddy’s got a new computer.

Giovanni Gallucci: Funding the laptops.

Audience Q&A

Scott Ellis: All right. As a part of every show, we’re going to ask the audience for questions, and we’ve got a few that have come in for Gio about images. We’re going to just jump into this. Gio does not know what these questions are. We’re going to put you on the spot. Hope you’re okay with that.

Giovanni Gallucci: I’m super excited about this.

Scott Ellis: On Google+, Lisa Robertson asks about images. She says, “John says they each need four keyword centric things, a title tag, alt tag, file name, and something else. I always forget the fourth, so what is it?” Anything else from an image SEO standpoint, that really needs to be there?

Giovanni Gallucci: Keywords inside the metadata certainly help. The keywords need to be focused on what that page is about. It’s really critical. Whenever I start showing people, opening up that metadata editor inside the image apps, people’s eyes get big and they think about the stuff.

The first thing you have to caution with is this stuff’s like heroin. You’ve got to be careful about not going and overdoing this stuff. You can literally add 1000 words to a description if you want to that will never be seen by the human eye. It’s only information that’s stored in the file that search engines and bots crawl and read.

It’s super critical that the description and keywords describe what’s in the picture accurately and that they describe the elements that are on the page accurately. For Lisa’s question, I could go through all kinds of things. For me, geography is super critical. All of the events I am doing are regional or local events, and that’s a huge element in the search.

Scott Ellis: Local search in general is a big deal.

Giovanni Gallucci: For me, the GPS data, the latitude and longitude is critical. I would just say that anything that you can add to that image — again, this is like any other SEO best practice. Do not spam. Do not go overboard. Be respectful of the craft, and put in a description that’s three or four sentences long. Put in a caption that is seven to 10 words long.

Scott Ellis: No keyword stuffing, please.

Giovanni Gallucci: No stuffing. It’ll end up biting you just like it bites you whenever you stuff it into a blog post.

Scott Ellis: There you go, Lisa. Your fourth answer was metadata. Start adding it in.

Giovanni Gallucci: Keywords.

Scott Ellis: How important are alt tags, really? From an SEO standpoint?

Giovanni Gallucci: From an SEO perspective, not at all. They have no impact. They may have 0.0001 percent. Alt tags are important for accessibility. I will say that accessibility is important for SEO. From a tertiary standpoint, Google is going to like you and the search engines are going to like you more by having alt tags that are descriptive. Stuffing keywords in them benefit you not at all.

Scott Ellis: Title tags same thing?

Giovanni Gallucci: Same thing. Title tag is something that may or may not display up in a search result. It’s not going to have a big enough impact. This is for images. Title tags on an individual page are still the most important element to have. On images themselves, this is one of those things that there’s not a single thing that if anybody says, “Is it better to do black and white, or color images?” That is in a bucket of stew that has 840 ingredients in it.

Above All Else … What’s Most Important

Giovanni Gallucci: You get these questions all the time where people say, “Is this one thing important?” That one thing itself, if I go in and cut my thumb is that important? No, I’m fine. If I get 1,200 cuts, I’m going to bleed to death. It’s the same thing with SEO. There’s not one thing that if you don’t do it you’re screwed. It is a general habit of having best practices, knowing what the rules are, and it’s super critical that you’re respectful of what Google expects from you.

This sounds counterintuitive, but at the same time, you’re looking for the edges to see what you can do that’s not going to tick someone off. Someone, I mean the Google engineers. You don’t want to tick them off, but you want to push hard enough that it does gain you an advantage. Things like the hashtag thing on Instagram. Just putting metadata inside the images gives you a leg up. Everything else you’ve got to do, the answer is, “Is it important?” It’s all important, and none of it is important.

Scott Ellis: There you go.

Giovanni Gallucci: Best practices are important. And this is so cliché, but it’s the content. It’s the content that matters. All the technical stuff is important. This is what I learned about when I started doing marketing through photography and through video. If you’re so heavily focused on the technical part and you’re not taking care of just creating good content, you’re completely missing the point of it.

Scott Ellis: Yeah, it’s self-defeating.

Giovanni Gallucci: Absolutely.

Scott Ellis: Yeah. All right. Let’s move on because we’ve got two more questions.

Giovanni Gallucci: God, this is taking forever.

Scott Ellis: I know. I talk too much. Lee Piney, also on Google+. He said, “I have often wondered how GBTV,” that’s GeekBeat.tv, not Glenn Beck TV, “uses Hollywood footage in their episodes. Is it a ‘use it ’til we get caught scenario’?” Just real quick, GeekBeat.tv is an online video podcast that Giovanni and I are both involved with as well.

What Constitutes Fair Use?

Giovanni Gallucci: This is touchy.

Scott Ellis: It’s a little bit sensitive, but historically, clips have sometimes been edited into some of the episodes. If you’ve seen an episode, you’ve probably seen little movie snippets in there. I don’t think we’ll be doing that moving forward. It’s not because we were doing anything that was necessarily illegal, but what are the guidelines around that?

Giovanni Gallucci: The guidelines is that you shouldn’t do that.

Scott Ellis: Well, there is that.

Giovanni Gallucci: For the sake of being a little bit transparent, that is something that some people on the team have very strong opinions about, and other people that have control over editing that used to be here were the ones that were just editing and putting the stuff out there. My personal opinion is that you’re just walking through a minefield with that.

I will say that, if at some point in time NBC Universal or Sony Pictures comes out and says, “Hey YouTube, take those 43 videos off the Geek Beat channel,” I wouldn’t be shocked or surprised about that at all. The position that we take is that we’re a news and information channel.

There’s something to be said about that. I think that, because it’s kind of undecided law at this point, I would be a little bit more hesitant than what some other folks in the past have been, putting that content up there. I think that’s easier for me to say because I produce video and photography. I can generate that stuff.

Sometimes, some of the stuff that we need, if we’re doing how to’s and reviews and tech news and stuff like that, PR companies will give us the footage we need for that. Even for movies, you can go to a PR company and say, “Hey, I need a series of clips from this movie,” that they’ve pre-approved that we can use for stuff.

I don’t know all the nitty gritty about how we sourced that information, but Lee’s got a very valid question. The thing that saves us today is that, in the past before we had DMCA, you would just get your face sued off the planet. Today, YouTube has an agreement with all those content holders that they’re the moderator in the middle here.

What they do is, they get a complaint, they just take the video offline. They send us a note saying, “This video is no longer available unless you can prove you have access.” We get those from time to time from stock music and stuff like that, and we have to respond in kind, or we have to pull the video down. The nice thing about it from our perspective is, if it is a do-it-until-we-get-caught scenario, getting caught is not painful like it used to be.

Getting caught is a request to take it down, and Google doesn’t give us the choice. They just take it offline. They’ve got an audio footprint of that episode now, and they won’t allow us to upload it again until we either justify the usage or re-edit it so the offending content is out.

Scott Ellis: Well, there you go, Lee. There’s your answer, and thanks for watching the show. Keep tuning in. There’s going to be more good stuff coming.

Giovanni Gallucci: God, it’s going to be so much better. Did I say that?

DPI Standards

Scott Ellis: I’m not editing that out. All right, last question. From a good friend of mine, Stuart O. — we could really go off on this one for a long time, but we’re going to have to curtail this a little bit. He said, “Is 72 dpi still a relevant standard, or has that changed with broadband, higher resolution screens, and responsive designs?”

Giovanni Gallucci: My short answer would be that with ultra-high def these days, that’s changed. Anything that I would be doing, I always do in 300 dpi, even in the past. Then what ends up happening is that if you’re working in that — and I would assume he’s talking about a photograph — it’s easier for me just from a workflow standpoint to work at 300 dpi.

So we don’t get too much into the weeds for the listeners and the folks that understand that, 72 dpi is the size of image you need to have it show up in a good quality for the Internet for a digital screen. 300 dpi is what you need for your basic format for printing because it requires a lot more information in an image to print an image.

So he’s asking, “Can we still be using 72 dpi, or should we get higher?” Even when you’re looking at things like phones, when you’ve got retina displays on Apple devices, the quality of those things is insanely detailed to some extent. We have a 78″ Samsung in there, and we had people comment that, that TV, the image looked better than real life. It was so vibrant, and the lines were so crisp on that image.

I would suggest that if you have the space and have the processing power, I would do everything as 300 dpi. Save that way. When it gets rendered to the web, you upload that thing to a Squarespace or, if you’ve got the right plugins, a WordPress site or to Flickr or Facebook or anywhere, they’re rendering that down to the highest quality they need or the lowest quality that’s acceptable already for you.

You’re not going to be sending information, especially on the WordPress and Squarespace sites, you won’t be sending images that are too big if you’ve got it configured correctly. You’re always better off having the highest quality to start with and letting the web mush it up and do the damage that it’s going to do in the process. Short answer is I’d go with 300 dpi.

Scott Ellis: I’m not going to get into this. I’m going to link a blog post that I’ve already written on this topic. It can get really long and involved, but there’s a lot of confusion around — and we use it interchangeably because, typically, we’re talking about digital imagery — but there’s dpi versus ppi, print standards versus web standards. There’s a whole bunch of different things that this gets really hairy, really fast. So I’m just going to refer people to a post that we’ve already got out there.

Giovanni Gallucci: My short answer is that I’m looking to generate sufficient quality and to minimize the workflow. I’m not going to go create 14 versions of an image for 14 different uses. I make one, and I send it out. It either gets used properly or not. I don’t have the time to mess around. I don’t have a staff that’s going to sit around and produce multiple versions of an image. That’s why I work just 300 dpi all the time.

Scott Ellis: All right, there you go. Guys, thanks for the questions. Gio, thanks for being on the show today.

Giovanni Gallucci: This has been more fun than I ever could have imagined.

Scott Ellis: Yeah. You’ve never had a better use of an hour of your time.

Giovanni Gallucci: And I’ve never felt closer to you.

Scott Ellis: With that, we’re going to end the show. Thank you, guys, very much. You can find Giovanni at LiveLoudTexas.com. You can also see some of his stuff on GeekBeat.tv. Search him out on the social medias. He’s all over the place, and he does some really good stuff.

Thanks, guys, and we’ll talk to you next week.

Technology Translated is brought to you by the Rainmaker Platform, the complete website solution for content marketers and online entrepreneurs. Find out more and take a free 14-day test drive at Rainmaker.FM/Platform.

Introducing Technology Translated: A Tech Podcast for Non-Techies

This episode of Technology Translated originally appeared on Rainmaker.fm on June 17, 2015

Welcome to “Episode Zero” of Technology Translated. This one’s all about what we’ll be talking about, who this show is for, and what you can expect.

Sponsors & Promotions

Not Just Another WordPress Website.

Discover why over 201,344 bloggers, podcasters, affiliate marketers (and many others) trust StudioPress to build their websites.

Launch your new site today

I’ve been in the technology trenches since 1996. In that time I’ve watched trends ebb and flow, and taken an active roll in using technology to transform the way businesses operate.

In 2008 I decided it was time to hang out my own shingle. I left corporate America and started a consulting business to help small and medium businesses tackle the web. Since then, my guiding mantra’s have been to always be learning, and to be generous with my knowledge.

Through Technology Translated I look forward to you and I continuing (or starting) that journey together.

In this 6-minute episode I’ll discuss:

  • What Technology Translated is going to be
  • Who this podcast is for
  • The show format
  • How to get your technology questions answered
  • What you’ll learn in the first 3 episodes

Listen to Technology Translated below …

The Show Notes

If you’re enjoying the show would love for you to leave us a rating and review on iTunes. If you have a question you want answered on the show, give me a shoutout on Twitter @vsellis and use the hashtag #asktechtrans.

The Transcript

Introducing Technology Translated: A Tech Podcast for Non-Techies

Scott Ellis: This is Rainmaker.FM, the digital marketing podcast network. It’s built on the Rainmaker Platform, which empowers you to build your own digital marketing and sales platform. Start your free, 14-day trial at RainmakerPlatform.com.

On this episode of Technology Translated — we’ll call it episode zero — I’m going to give you a little introduction on what you can expect on the Technology Translated podcast.

What Technology Translated Is Going To Be

What is Technology Translated? It’s a weekly podcast hosted by me, Scott Ellis, delivering technology insights for your business. Basically, I’ll be having on guests and we’ll be walking you through different aspects of technology — how they apply to business — and explaining them in a way that is meant for business people.

Who This Podcast Is for

We’re not really here to explain technology for techies. We’re here to explain technology and applications of technology for business owners and non-techies. The goal is to help you understand things that you may not already understand well enough. To remove myths and misconceptions about technology and things that touch on technology. And to do everything that we can to give you as unfair an advantage in your business over your competitors as possible.

The Show Format and How to Get Your Questions Answered

Coming up, I’ve got several good guests already lined up. The format of the show will be nice and simple. We will basically be doing two-person interviews. At the end of it, we’re going to have a little Q&A session. If you become a fan of the show — if you like what you hear and you’re getting good information out of it — be sure to follow us on social media. You can follow me @vsellis on Twitter. +Scott Ellis on Google Plus. I am also VSELLIS on Facebook and just about everywhere else. We’ll queue up the next week’s guest so that you have a chance to ask questions and get them answered on the show.

What You’ll Learn in the First Three Episodes

Coming up, right out of the gate in episode one, we are going to have @Giovanni Galucci talking about images. Now, you probably already feel like you have a pretty good grip on using images in your content, using them in your blog post. You know that images are important. We’re going to go a little bit deeper on why and where images are important, marketing with images, image SEO and, most important, usage rights.

There are some really interesting tidbits in this interview coming up with Gio about when you can use images. Where to find images you can use. What are the ramifications of using images that you just find on Google or somewhere else if you don’t have the rights to them. You might be surprised. It can be pretty stiff and pretty steep if you get that wrong. You definitely want to tune in and hear what Gio has to say about images.

He’s going to throw a whole bunch of other interesting little nuggets at you too about image optimization. The SEO stuff is particularly interesting. Again, we’re going to put all this stuff into terms that anybody should be able to understand. If we don’t get something right, feel free to call us out on it and we will correct that.

In episode two I have an old friend and co-worker, Johnny Lee, who is now a managing director and forensic investigator at Grant Thornton. He’s going to be talking to us about e-discovery, records retention, and protecting your business. This is going to get a little deeper and a little heavier in terms of the topics that we’ll cover. But it’s going to teach you a few things about a topic that most people don’t really know much, if anything, about.

While SMB (small to medium-sized business) owners don’t typically need to have a huge e-discovery litigation support plan in place, it is something that we should all be aware of and at least understand some of the best practices. In the event that you find yourself in a lawsuit, what are you supposed to do? What can you do? What should you definitely not do? Johnny is a super-nice, super-smart, very articulate guy. He’s going to walk us through some of those things as they pertain to SMB’s. If you’re interested in protecting your business, don’t miss episode two.

Coming up on episode three, my buddy John B is going to join us. John is going to be talking about website hosting. While this is not necessarily the sexiest topic out there, it is one that has huge implications for any business that operates online. You guys know, if you’re fans of Copyblogger, that most of us have our stuff on the Synthesis Network or on the Rainmaker Platform.

John’s going to walk us through a myriad of options. When to choose which option and make sure that we all understand 1) how the hosting game really works, and 2) how to make the best choice for our business or the type of website that we have and make sure that the host that we choose is providing the best solution for us. He’s got some interesting insights. There’s probably going to be some things in here that you don’t know about hosting that may make you re-think the hosting decisions you’ve made. I would definitely tune into that one as well.

Beyond that, we’ve got a whole lineup of guests. We’re going to be coming at you once a week. I hope you guys can join us. I hope you enjoy Technology Translated. Tell me what you want to learn more about. I will find the guests. I will grill them on the show for you. As always, we’re going to be queuing up the next week’s guests so that you have a chance to ask questions and get an answer on the show.

I’m your host Scott Ellis. Look forward to seeing you guys online.

Technology Translated is brought to you by the Rainmaker Platform, the complete website solution for content marketers and online entrepreneurs. Find out more and take a free, 14-day test-drive at RainmakerPlatform.com.