Tom's Analytics

Did I mention that I am afraid of heights?

MarketingSherpa just published a free mini-case study that looks at how Mountain Hardware was able to successfully launch a social network as a supplement to their website.  The article can be found at When a Blog Isn’t Enough: Expanding Customer Interaction with a Branded Social Network.

Although the article is light on details and doesn’t contain any numbers regarding ROI, it does highlight some key practices that are in line with my personal experiences in building social networks:

Find a good partner: Mountain Hardware teamed up with White Horse, a digital marketing agency out of Portland.  Judging by their methodology, creative samples (located at the tail of the article and worth reviewing), and reported outcomes, this firm clearly understands how social media works and was able to translate the culture of the Mountain Hardware brand to an extended online audience.

Don’t reinvent the wheel: Mountain Hardware used Ning as their main social networking platform (See the actual site here).  They also leveraged an existing blog, Facebook page, YouTube Channel, Twitter account, and Flickr stream to promote and reinforce the Ning-based social network.  There was no reason for Mountain Hardware, to develop, host, and maintain a codebase that drives a social networking platform.  With Ning, Mountain Hardware has an out-of-the-box solution that is easy to customize, popluate with content, promote, and leverage all of their exisiting online resources.

Spend a few bucks promoting the network: “If you build it, they will come” is not a viable social media strategy.  However, building a highly-targeted PPC keyword campaign to topics and sites that you know your core visitors follow is a cheap and easy way to seed your network.  I like how the article implies that Mountain Hardware used keyword marketing to promote properties outside of their own web site – more organizations should do this!

Content development is more about process than anything else: I’m sure Mountain Hardware generates a lot of content from their product managers, internal bloggers, marketing/PR people, and all of their other external communicators.  Combine this with content that they generated as part of the social network launch and the question becomes one of organization, timing, and flow.  Making sure that content gets placed on appropriate venues and cross-promoted is something that takes a bit of project management.

Email: Mountain Hardware recognized that their email was key component of establishing its online community.

So read the article, check out their properties and creative samples, and get a feel for the mechanics of launching a social network.  Now if only they would publish some statistics that illustrate the impact of this intiative…

As someone who predicted Obama’s victory really, really early (based on U.S. demographic shifts, without any other evidence), yet didn’t publish the prediction anywhere (although I did make a killing on the WSJ’s futures game and was briefly in first place in the Fall of 2008), I want to be sure to publish this prediction here, now (6/7/09):

Twitter gets bought or enters into a major partnership with another firm this Summer (2009), probably by the end of July.

Why? Not monetization, but infrastructure.  They can’t keep the lights on because their platform doesn’t scale.  You can’t hang ads on the Fail Whale.

Who? Obvious money goes on Google.  Nobody does infrastructure as well as they do.  I think a partnership with LinkedIn would also make sense, but then again, my perspective is off because I use Twitter professionally much more than I use it personally.

I know that I am about the 10,000th blogger to speculate on this, but I want to be able to point to this post in the coming weeks when Twitter sells out.

Twitter was hacked this past weekend, and it was a simple as going to http://www.twitter.com/admin/ with the username of “admin” and the password of “Happiness”. “Happiness”? Are you kidding me?

Twitter’s back-end system allowed an unlimited number of attempts and also allowed such a weak password, so Twitter’s development team is partially to blame.

A share of the blame should also go to Twitter’s web analysts. Much like you should set up some type of custom reporting based on server error messages (404′s and 500′s), setting up an alert system and analytics on administrative systems, particularly when it comes to access to those systems, should be a priority for the launch of any site.

However, the majority of the blame should be paced at the feet of the administrator.  Whoever did this is not alone.  A number of years ago I was involved in a site security audit where we essentially ran the following SQL statement (it wasn’t this simple, but you get the idea):

select password, count(password)
from users
group by password
order by count(password) DESC

The results of this on the site (and, I imagine every site) were shocking.  The top positions were held down by passwords such as “password”, “12345″, and the names of cartoon characters.

Factoring in proper nouns, capitalization differences, and prefixes and suffixes, there are only a couple of hundred million passwords that are based on the English language. If the hackers were able to brute-force attack the form at the rate of 10 tries per second, they could exhaust every iteration of every word in English in a month.

If you look at using random letters, numbers, and symbols in a password, the possibilities balloon. A six-character password of this type has over 200 BILLION combinations. At the same rate, it would take a brute-force attack over TEN YEARS to exhaust the possibilities. An eight-character password would take over fifty thousand years! So you can see the power of strong passwords.

To avoid a screw-up of such magnitude with your personal and professional applications, try the following two sites to generate strong passwords (and avoid ones that are actual words):

Automated Password Generator Online: This allows you to set criteria for your potential passwords such as length and character set.

GRC’s Ultra High Security Password Generator: This site generates three types of truly random strings with each page refresh. It also goes into the math of 512-bit encryption.

Good luck and stay safe!