Emoji test: ?
It’s snowing. On April 6th. This is _not_ April weather. ❄️
Cross-post test.
Hello Micro.Blog
This is the second installment in a periodic series about my efforts to launch RelaNet, my business that provides websites for accountants, along with other online services like email and client portals.
First things first: I have my first RelaNet customer! And I must say, the exclamation point at the end of the last sentence doesn’t do justice to my excitement. In addition to providing my first bit of revenue (sweet, sweet revenue!), this first customer should provide my plans for RelaNet with a healthy reality check. As they say, no business plan survives first contact with the customer, and I’m sure that my plans for RelaNet will be no different. I expect that my conversations with this first customer will prove educational as I discover what was important (and not important) to his decision to buy.
So how did my new customer learn about RelaNet? Turns out he found it through some ads that I placed on Facebook. I’ll write more about my advertising efforts in a future blog post, but today I want to write about the email marketing effort that those Facebook ads support.
Email Marketing
I made the decision early on to rely on email marketing as my main form of customer acquisition for RelaNet. I may in the future use other forms like cold calling, but email marketing provides a few advantages that make it appealing.
First and foremost, once the structure for email marketing is set up, it doesn’t require constant tending. The ads keep running, the downloads keep delivering, and the autoresponders keep responding. Once set in motion, the machine sort of runs itself, which frees me to attend to other business functions.
Second, because my email marketing effort is opt-in, it gives potential customers a sense of control. (I might in the future use targeted cold emails to reach potential customers, but if someone gets more than one marketing email from me, it’s because he or she requested it.) This sense of control, I think, puts recipients of my email in the proper frame of mind to be receptive to my marketing message.
Finally, the nature of email marketing gives me repeated opportunities to make contact with prospects before asking for the sale. With these repeated contacts, I have the chance to establish the beginnings of a relationship with the prospect, educate him or her (establishing my expertise and authority), and provide repeated value (building trust). I also get the chance to teach the prospect’s email provider that my emails don’t belong in the spam or promotions folder (since the prospective customer is opening and hopefully replying to my emails).
Technology
In order to use email marketing you need at least two things: a list of email addresses, and an email service. We’ll save list building for a future post, but I do want to talk today about email providers, because I’ve tried several different services over the years.
I started, as I think most people do, with MailChimp. For reasons I won’t get into here, I’ve had bad experiences with MailChimp in the past, but their service is perfectly suitable for a simple mailing list where you periodically send the same message to your entire list.
As I learned more about email marketing and what you can do with it, I sought out a more sophisticated tool with greater capabilities, which led me to ConvertKit. ConvertKit is an excellent tool that makes it easy to deliver downloadable content, segment your list with tags, and then deliver content based on those tags. I never found anything that I couldn’t do with ConvertKit, but at the same time nothing was quite as easy as I thought it should be. In particular, there was a lot of friction in setting up email workflows like “If the user has Tag X, send Email A; but if he doesn’t, send email B.” It could be done. It just wasn’t easy.
With that as background, I went searching for a new email automation tool to use for RelaNet. The tool I decided on is Drip. I chose Drip because it has an excellent reputation and has the same sophisticated tagging and segmenting capabilities of ConvertKit, but also has a truly remarkable visual workflow editor that makes it easy to take actions based on criteria of your choosing. The workflow editor is the “secret sauce” of their service. It essentially provides a primitive programming language that makes it easy to create different sequences of emails for different members of your list. I’ve been using Drip for several weeks now and I’m really impressed. If you have plans to do anything more than send the same email to your entire list, I recommend you check it out.
So that’s the strategy and technology. Next time I’ll get more into the actual sequences I’m using and how I’m segmenting subscribers to my mailing list.
In case you haven’t seen me mention it on Twitter or heard me talk about it on Release Notes, RelaNet is my new business that provides domains, websites, email, secure client portals, and more to small accounting firms. I call it “managed online services,” but you might just think of it as a full-service one-stop-shop for all the services a small accounting firm needs to market themselves online and protect their clients’ information.
I’ve been working on RelaNet for several months now. I have all the technical assets prepared, and I had a soft launch in February, so Stage 1 is complete. Today I begin Stage 2 and make a concerted effort to find customers and achieve profitability. Easier said than done, I know, but I do have some plans to help me reach my goals.
First and foremost, I plan to apply some of the lessons I’ve learned by studying independent web businesses over the past few years. Small bootstrapped software-as-a-service (“SaaS”) companies and infoproduct businesses have developed a lot of strategies to effectively use email marketing that remain relatively unknown and unused in the iOS circles that I usually travel in. I hope to apply some of those strategies to convert people on my mailing list into paying customers.
Second, I plan to take advantage of my expectation that the average RelaNet customer will be more than an order of magnitude more profitable than my most profitable iOS customers. Price points on iOS are relatively low, and the resulting low lifetime value of my iOS customers has limited my options in acquiring new customers. Since the expected lifetime value of a RelaNet customer is much higher than my iOS customers, advertising has become a reasonable proposition for this new business. I plan to take advantage of this by launching Facebook ads immediately, and I might even consider other advertising options like Google AdWords or event sponsorship in the future.
Finally I plan to try something I’ve never attempted before: a true sales effort. Not marketing, mind you, but real sales. Identifying prospects, making cold calls, the whole nine yards. I’ve never done anything like this before, so I have a lot to learn. After I learn a more, I’ll have to evaluate how (and whether) to implement this part of the plan.
So I’ve got a lot of ideas for marketing RelaNet and attracting new customers. My plan is to blog my progress in these efforts over the next weeks and months, explaining what I did, why I did it, what worked, and what didn’t. My hope is that these blog posts will prove both interesting and valuable to other bootstrapped business owners who have little experience with marketing, but know they need to learn more.
Next time I’ll share my progress on what I’m working on at the moment: preparing lead magnets to attract people to my mailing list, and setting up email auto responders. Wish me luck.
P.S. If your accountant’s website sucks, or if your accountant tries to share sensitive information in an insecure way (like email), do me a favor and tell him or her about RelaNet. Thanks.
While I was busy setting up my new router for my whole home VPN, I took advantage of that opportunity to make a few other changes to my network in order to make it more secure. In particular, I created a new WiFi network to be used exclusively by so called “Internet of Things” (IoT) devices in my home.
If you’ve been paying attention to tech news, you’ve probably seen reports of IoT devices being hacked en masse. Everything from thermostats, to lightbulbs, to electrical switches, to refrigerators have been reported as hacked and turned against their intended purpose. Results have reportedly included a refrigerator that is used as a spam gateway, electrical switches that have been turned into a botnet for DDOS attacks, and lightbulbs that expose their owners WiFi passwords.
To put it mildly, IoT devices have a horrible security reputation and are generally regarded as some of the least secure devices likely to be attached to a home network. To make things worse, once one IoT device is compromised on your network, it often begins probing other network attached devices looking for weaknesses that it can exploit. That’s bad enough when those other devices are other lightbulbs, but it could be catastrophic if your desktop computer was compromised. In that case, sensitive personal information saved on your computer could be exposed, and your personal contact list could be used to further propagate malware to everyone you know.
Despite their horrible security, IoT devices are really handy. I like being able to check my thermostat while away, and have lamps automatically turn on at sunset. So if I’m not willing to get rid of the IoT things in my home, how can I at least mitigate the damage they can do? It turns out that there is one thing you can do that will dramatically improve the security of your home network – segregate IoT devices from other computers on your network.
Segregating your IoT devices doesn’t have to be something as complicated as creating a separate subnet and messing with routing tables. In fact most modern routers have tools built-in to segregate untrusted network devices onto their own “guest network.” So what I did was create a separate guest WiFi network for the exclusive use of IoT devices. Now if one of my devices gets hacked, at least they won’t be able to reach really important devices like my desktop computer and backup server. At worst, they will be able to infect other IoT devices on my network.
If you follow this advice on your own network, I suggest you enable “AP Isolation” mode on your guest network, if it is available. This mode restricts devices attached to the network from being able to talk to each other. Instead, they can only reach the Internet. This further protects devices on your network and prevents your lightbulb from hacking into your electrical switch, for example. (Lightbulbs hacking into electrical switches – What a world we live in!)
A few days ago, I was browsing Twitter (as I am wont to do) and came across a tweet from the ACLU publicizing their statement opposing a Senate resolution that would allow Internet service providers (ISP) to sell customer browsing data without the customer’s permission. Unsurprisingly, selling your browsing data is something that the big ISPs have been wanting to do for years. This proposal would give them that ability and more, since they wouldn’t even have to ask the customer’s permission. Instead, they could just comb their logs for browsing data, sell it to the highest bidder, and reap the profits. Easy money.
Now I’m not going to dive into the politics of all this. You may feel it’s perfectly OK for ISPs to engage in this sort of behavior, and that’s fine. I, however, am totally creeped out by the prospect. Although SSL/TLS (aka “HTTPS”) may keep the content of my browsing secure from the prying eyes of my ISP, they still know which websites I visit – they have to in order to route my packets to their destination – and they can learn a lot from just that information. My ISP knows about that vacation I’m planning from my research of area attractions. (I’m sure airlines, car rental companies, and hotels would love that information so they could target me with ads.) My ISP learns about that unfortunate medical diagnosis from the sudden uptick in visits to medical websites like WebMD. (I bet my insurer and potential employers would be interested in that.) They can even tell my political leanings from the candidates I research and news outlets I frequent. (Truly dangerous information in some parts of the world.) So, long story short, I realized that although I may not be able to keep my ISP from tracking my packets, I can make that information worthless by using a virtual private network (VPN).
A VPN acts as an encrypted data tunnel connecting me to a remote server. I basically become part of the VPN provider’s network. Of particular interest to me, a VPN effectively hides the destination of internet traffic travelling over it from intermediaries. In other words, my ISP knows that there is traffic leaving my home, but it can’t see where it is going. All it can know is that the data is going to my VPN provider, and from there it doesn’t know to where the packets are routed. And since VPN traffic is (almost always) encrypted, a VPN also prevents my ISP from examining the content of my traffic – even traffic that isn’t protected by SSL/TLS.
So I knew that I wanted a VPN service, but I also knew that I didn’t want it to be a hassle. I didn’t want to have to log in, or flip a switch or do anything else every time I wanted to jump on the web, because I knew I wouldn’t do it due to the inconvenience. And as I discovered, the best way to do that was in the router. Now lots of modern routers will act as a VPN server, allowing you to create a VPN from the coffee shop you’re sitting in to your home in order to protect your web browsing from the untrustworthy barrista that just served you. Significantly fewer routers will act as a VPN client, routing outbound traffic to another VPN server. The distinction may seem minor, but it’s significant. I needed a router that has a VPN client mode.
The decision to use the router as a VPN client also imposed some other requirements upon me. As I mentioned above, VPN connections are typically encrypted, and although the overhead attached to encrypting and decrypting traffic isn’t too taxing for the CPU of a desktop or even mobile device, routers typically have CPUs that pale in comparison. So I needed a router with a (relatively) beefy CPU and plenty of of RAM.
After some research, what I settled on is the RT-AC88U router from Asus. It’s got 802.11ac wifi, gigabit ethernet, and is universally praised in reviews for its excellent wireless range. (It’s also ugly as sin, but we can’t have everything.) Of particular importance to my application, it has a fast dual-core CPU (by router standards) and double the RAM of many other models. Both of which help it stand up to the task of encrypting and decrypting a house-full of Internet traffic. The RT-AC88U also has a VPN client mode built into its firmware, which is a plus since I didn’t really want to have to flash it with custom firmware like DD-WRT. (DD-WRT is great, but I’m at a point in my life where I like my technology to just work without all the fiddling.)
So – step 1 – I bought an RT-AC88U and set it up like a regular router. I got the wifi set up, I mapped the few static IP addresses that I needed, and generally got my network back to a working state (without worrying about the VPN for the moment). The only big surprise at this step was how awesome this router is with wifi coverage. It completely puts the 5th generation Airport Extreme that it replaced to shame. Seriously, I can’t emphasize enough what a difference this made to areas of my home that previously had borderline signal quality. I am totally impressed by this Asus router.
If step 2 of my plan was getting the router set up as a VPN client, then step 2a was to select a VPN service, because it does no good to have a VPN client if you have nothing to connect it to. I did some more research, I read reviews from The Wirecutter, PC Magazine, Ars Technica, and more. The only consensus I could find for the best VPN service, is that there is no consensus on the best VPN service. I ended up going with Private Internet Access (which I will from here on refer to as “PIA” because their name is annoying) because it was recommended to me, it generally receives pretty good reviews online, and because it covered all the features I was most interested in, namely reasonable cost, speed, provided protocols (specifically OpenVPN), and a “no logging” policy for traffic crossing its network. (Permitting peer-to-peer file sharing and geo-masking wasn’t really an issue for me since I don’t download torrents and I don’t need to trick Netflix into thinking I live somewhere else. They might be issues for you, though.)
Once I had subscribed to PIA, it was time to actually set up the router to use the service. And this is where it all went pear shaped. You see, despite thoroughly researching routers, and thoroughly researching VPN services, I had failed to do any research at all on combinations of routers and VPN services. Turns out that was a mistake and it cost me lots of time. As I learned, most VPN services are geared towards consumers that want to connect their laptop to a VPN while they are at a coffee shop. Most VPN services have easy-to-use software for both desktop and mobile operating systems that makes it a breeze to connect a single machine to their VPN. But a router is most definitely not a general purpose computer. The software that makes it easy to connect your laptop to a particular VPN service won’t do you any good at all when it comes time to connect your router. In fact, many VPN services don’t bother documenting or supporting router connections to their service. Of those that do, most (including PIA) only support the most common third-party firmware like DD-WRT and sometimes Tomato. In particular, very few VPN services support connecting from routers running the stock Asus firmware that came loaded on my RT-AC88U, even though it was capable of such a connection. (A notable exception that was brought to my attention after the fact: Express VPN which offers setup tutorials for a number different stock router firmware.)
After much searching, I found very little information about setting up stock Asus firmware with PIA. In fact I found so little that I was resigned to installing DD-WRT. So then I started researching how to use the DD-WRT firmware with my RT-AC88U and found that recent builds of DD-WRT were having various stability problems on the RT-AC88U. Since an unstable router sounds like just about the most frustrating thing I can think of, I kept looking, and discovered Merlin.
The Asuswrt-Merlin project (which I will from here on refer to as simply “Merlin” because “Assuwrt-Merlin” is quite a mouthful, and because “Merlin” is a much cooler name) is an enhanced version of the stock Asus router firmware. Based on Asus’ opensource code, and enhanced with bugfixes and other minor features, Merlin strikes a very nice middle ground between the ease of use of the stock Asus firmware and the complexity (and flexibility) available in custom firmware like DD-WRT. Consider it Microsoft PowerToys for Asus routers.
Merlin is very easy to install. I just downloaded the most recent build for the RT-AC88U from the Merlin download page, verified the file’s SHA256 signature, and uploaded it through the router’s administration panel. About three minutes later, my router rebooted with the new, enhanced firmware.
As for configuring the router’s VPN for PIA, I found very little help. PIA has an explicitly unsupported help document that’s a few versions out of date. I also found a helpful thread on SNBForums that appears to be periodically updated, but was still out of date as of this writing. For the benefit of those that find this post through the magic of Google, I am including below a screenshot of the final settings that got Merlin (Asuswrt-Merlin version 380.65) working with PIA. Note that after setting all options on main page, you need to click the “Content modification of Keys & Certificates” link (in the Authorization Mode row) to enter PIA Certificate Authority cert that you can download directly from PIA.
After configuring and enabling the VPN, I appeared to the various IP address geolocation services online as coming from somewhere in Kansas, rather than my own home in Indiana. They also report my ISP as Choopa, LLC rather than Comcast. So mission accomplished.
You might wonder how installing the VPS affected my Internet speed. I wondered too, so I did a little comparison. Without the VPN enabled, I get 89 Mbps down and 12 Mbps up. With the VPS enabled, I get 48 Mbps down and 11 Mbps up. (All speed scores are from Ookla Speedtest.) Most of that loss in speed I attribute to the overhead of my router handling the VPN encryption, however I have no data to back that up. In practice, I find that the speed hit is not noticeable in everyday web browsing, so I find it a small price to pay for privacy. (Although I may eat those words next time I have to download a large Xcode beta.)
So that’s it. I hope that others out there find this helpful. If you end up using this post to connect your own router to a VPN, I’d love to hear about it.