Tips for Selling to Higher Ed

Posted on May 16, 2013 by mike — 4 Comments ↓

or: selling to any customer; or: a post where I get to use a large amount of GIFs

I had a vendor call me this week, hawking their CMS product.

That in itself is nothing new. I’ve always received vendor and sales calls in my role as running the web at several different institutions. When I got a promotion last year to manage our creative team, the calls increased tenfold. For the most part, I try to be polite and friendly, listening to at least a bit of the pitch and being honest.

If you want to sell to me and people like me in not just higher ed, but in any role, here are a few tips I’ve found to be helpful.

Don’t slag my current product

You know nothing, Jon Snow.

When this starts, I say “oh, I’ve got another call, can I call you back?”

We didn’t pick our current CMS by accident. We knew its pros and cons before we made a choice. We tested, reviewed and examined just about every CMS in the market. We made our choice, we built our sites. We’re committed. We obviously have figured out your perceived “scalability and security” concerns, otherwise we wouldn’t be using the product.

@mrichwalsky but how else will they be able to tell you that their CMS is better?

— Donald White (@donbwhite) May 14, 2013

You’d also know from your Salesforce.com notes that I told a different salesperson at your company months ago we had no intentions of switching when we’ve barely finished our conversion.

Tell, better yet, show me how your product will make my life easier.

I’m most likely to pay attention to your product when you show me how it will make my life easier or will solve a need I have.

Attention For example, I’m really interested in mobile products, and we need one, but a whole new platform that doesn’t connect with any of our existing content and will need all sorts of new content generation and content strategy isn’t high on my radar of things to tackle now.

You had my curiosity.

But if your product has lots of nice API backend tools that will plug into my existing content, like Kurogo, now, you have my attention.

Understand our business cycles

Understand there are times of year that are better for us to not only listen to your pitch but actually get funding approval to buy your product.

If you’re selling to admissions, avoid the Spring, especially the time from February 1 to May 1. We’re all laser-focused on getting students to come to our school.

The summer’s slightly slower in higher ed, but know there are fewer people around in general, and approvals, especially if any faculty members are part of the process, are going to take for. ev. er.

If you can, avoid August 1 to September 1. Back to school is nuts. Same goes for Thanksgiving to Christmas. Not only am I running the end of year gauntlet, I so badly want to survive to that holiday break in one piece.

To recap, the best time to reach me is September 1 to November 1. On Tuesdays. From 2-3 p.m.

We can make the government look efficient

Understand that higher education is a land of bureaucracy and red tape.

Take that amount of red tape, and add in some red duct tape and red masking tape, and you’ll start to understand the levels of nightmare we have to live in sometimes.

If we worked in a small digital agency, or a mom-and-pop brick and mortar shop, we would be able to make quick decisions and get something funded.

When it comes to selling to higher ed, it’s the exact opposite.

There’s paperwork and budget approvals. There are capital requests and depreciation and all sorts of things I don’t understand.

Basically, if I need an approval, assume I will need approval from everyone and then a few more people. If you’re product costs more than $100, assume it’s going to take three times longer than usual.

A quick equation:

TL/DR;

Selling products is hard. Don’t criticize my software choices to help you sell your software. Give me time to get all the approvals on my end. Know there are better times of year to sell me stuff.

Posted in Marketing, Sales

5 Great Commencement Speakers

Posted on May 10, 2013 by mike — No Comments ↓

Photo By Shimer College

It’s Commencement season in higher ed, and while we all scramble to complete the last minute preparations and get our live streams ready to go, I thought I’d take a moment and look back at some great Commencement speakers and their addresses to students.

For the most part, Commencement speakers are boring and often drag out an already long ceremony. I don’t remember my Commencement speaker. I think my wife had the guy that invented “The Club.” Remember that thing?

Here are a few people that gave interesting and thought-provoking addresses.

1. David McCullough – Wellesley High School

Ok, it’s a high school graduation, but a great message.

“None of this day-seizing, though, this YLOOing, should be interpreted as license for self-indulgence. Like accolades ought to be, the fulfilled life is a consequence, a gratifying byproduct. It’s what happens when you’re thinking about more important things. Climb the mountain not to plant your flag, but to embrace the challenge, enjoy the air and behold the view. Climb it so you can see the world, not so the world can see you.”

2. Neil Gaiman – University of the Arts

3. David Foster Wallace – Kenyon College

This one’s different because it’s been taken from its original form and made into a movie that really puts guts behind Wallace’s words. You can listen to his full address here or purchase a book version at Amazon.

4. Randy Pausch – Carnegie Mellon University

His “Last Lecture” will go down as one of the most moving speeches ever, but this commencement address given in 2008 is still powerful and touching.

5. Steve Jobs – Stanford University

This is Jobs at his most reflective and contemplative. I wish he was still around.

HighEdWebTech named top 50 higher ed IT blog

Posted on May 6, 2013 by mike — 1 Comment ↓

Thank you, EdTech magazine, for naming this site of the top 50 higher ed IT blogs. I very much appreciate the honor. From their site:

At EdTech, we strive to create the most valuable resources for higher education technology professionals. One of the ways we do that is by highlighting the smartest and most innovative education tech bloggers on the web.

My title may say creative director, but I’m a tech guy through and through and I really appreciate this. Now that admission season was wrapped up and we’ve launched our $100 million capital campaign, I’ll have more time to blog. Promise.

Tagged with: EdTech
Posted in Marketing

5 ways to secure WordPress easily

Posted on April 15, 2013 by mike — 3 Comments ↓

If you haven’t seen the news, there’s a massive attack going on against non secure WordPress sites. Sites are being hammered with requests to log in and once a match is found, the site becomes part of a massive botnet. From the Ars story:

The unknown people behind the highly distributed attack are using more than 90,000 IP addresses to brute-force crack administrative credentials of vulnerable WordPress systems, researchers from at least three Web hosting services reported. At least one company warned that the attackers may be in the process of building a “botnet” of infected computers that’s vastly stronger and more destructive than those available today. That’s because the servers have bandwidth connections that are typically tens, hundreds, or even thousands of times faster than botnets made of infected machines in homes and small businesses.

So, what can you do to build a secure WordPress installation? A few things.

1. Get the Better WP Security plugin
This plugin by Chris Wiegman gives you a ton of options to better secure WordPress, including interesting features like turning off your WP admin area during certain parts of the day. Grab the plugin from the WordPress repository here.

2. Use strong passwords
WordPress likes strong passwords, but make sure you have many users or a multisite setup, you should require all levels of users to use strong passwords. If you are generating passwords when you add a new WP user, use a strong one. I use this site often to generate random keys and passwords.

Why are strong passwords important? Let’s look at three potential passwords: doctor1, 6TrSB45aO6 and bl+4NF=(N35+ixq.

We should immediately not use the doctor1 code as its based on a dictionary word. If we use WolframAlpha to analyze this password, it returns that it’s a very weak password and this data:

number of passwords | ~~ 2^36~~78.36 billion time to enumerate | ~~ 9.07 days (at 100000 passwords per second) password entropy | 36.19 bits

For the password 6TrSB45aO6, WolframAlpha calls this password very strong.

number of passwords | ~~ 2^57~~174.9 quadrillion time to enumerate | ~~ 55456 years (at 100000 passwords per second) password entropy | 57.28 bits

55,000 years to enumerate compared to 9 days on the last password, that’s pretty good. Let’s run the last one.

WA calls bl+4NF=(N35+ixq a very strong password and gives this data:

number of passwords | ~~ 2^98~~3.953×10^29 time to enumerate | ~~ 125.3 quadrillion years (at 100000 passwords per second) password entropy | 98.32 bits

Where it took 55,000 years last time, now it takes 125.3 quadrillion years. Can you even comprehend that number, and that’s trying 100,000 passwords a second. That’s a strong password.

3. Use a password manager
But Mike, you’re saying, how can I remember a password like bl+4NF=(N35+ixq? Easy. Use a password manager. This one isn’t directly related to a secure WordPress, but if you create yourself a 40 character password, you’ll be safe. How safe? Let’s run one through WolframAlpha. Let’s use this one:

FJpJi28pcAafzrt:Z9RSeb0kfRhszb.(0P]cN9LV

At 100,000 passwords a second, that one would take 2.669×10^66 years. I’m not even sure how many zeros that number would have. A lot.

I use 1password and all my passwords are 50 characters, for everything. It’s a bit pricey, but I was able to find a half-off coupon on the web pretty easily. What’s nice is that you can store your passwords securely in Dropbox and have all your passwords at home, the office and so on. LastPass is another good alternative.

4. Remove your admin user and change your database prefix
Many times, when you set up WordPress, the admin user is made by default. This is fine at first, but immediately create a new user, give that user administrative powers and remove the admin user. That’s a common target for hackers.

It’s good WordPress security practice to rename your tables from the default titles, because hackers often look for installs that haven’t been changed, and can write their malware to look for tables named in most cases the default, such as wp_usermeta.

The best time to change it is when you’re first installing WordPress, but it is possible to do it after. I’d recommend using a plugin like Better WP Security. It will do the heavy lifting for you. But if you’re feeling adventurous, you can do it manually, by adding this line to your wp-config.php file:

$table_prefix  = 'wp_2f2fss_';

You can make it whatever you like, just make sure you end it with an underscore. The next step is to rename your real database tables. This is slightly more tricky if you don’t have access to the database itself or something my PHPMySQL admin. You can learn more about this process here.

5. Add another layer of authentication to your site
For several months, I’ve used Google’s Authenticator app to sign into all of Google’s products as well as other sites that support it like Dropbox.

While it’s a pain to enter in one more piece of data, it’s as easy as copying the information from your phone, which is something we all have with us 24/7. When you login to Google, you’re asked for a 6 digit code, which you can have texted or called to you or use the Google Authenticator app, which gives you the code to enter.

On your phone, it looks like this:

There’s a WordPress plugin you can install to add this level of 2-factor authentication to your blog. The setup takes just a few moments. That screen looks like:

That QR code there? Just take a picture of it with the Authenticator app and it knows all it needs to know to start generating keys for you. Once you’re all set, your WordPress login screen will look like this:

That, friends, is a pretty secure WordPress setup. Chances are very slim to none someone is going to crack both your strong password and the code generated by Google.

Posted in PHP, Security, spam, wordpress

What Can Higher Ed Learn from JC Penney’s Failure?

Posted on April 10, 2013 by mike — 1 Comment ↓

I was reading Dan Frommer’s blog today and read this thought he had on the (failed) turn-around at JC Penney, led by a veteran of Apple’s retail program.

He said something about big box retail and big business that we in higher ed would be smart to heed. From the post:

Instead of trying to rescue a dying American heritage brand — one that probably deserves what’s coming to it — he could have spent the last year building his own. Instead of trying to fix Honeywell, he could have built Nest. Instead of trying to make a gauche mall store cool again, he could have rented out a few empty Blockbusters and done something interesting.

This easily applies to higher ed as well.

Are we spending too much energy to fix the legacy issues and challenges associated with higher education and missing out on the new opportunities?

Sure, some of our higher ed institutions are involved with MOOCs and Coursera, but thousands and thousands of smaller institutions are not.

What are they going to do? Are they going to try to fix the dying brand or build Nest?

Tagged with: Coursera, JC Penney, MOOC, online learning
Posted in Communications