Our forum for small business managers with IT woes and queries this month includes on the panel:

Roger Horam, UK online for business adviser based in the Edinburgh Chamber of Commerce;
James Tennant, security consultant at Mason Group; Jon Russell, technical director, Aspect Group;
Simon Brown, director, Scalable Networks;
Etienne Greeff, professional services director at MIS CDS,
Dino Wilkinson, solicitor with Kimbells LLP;
Phil Wilcock, CTO, 1E Consulting & Software.

Business Solutions welcomes queries from readers with IT difficulties and will endeavour to publish as many as possible, answered by a varied panel of experts.

I want to trade internationally and and customers for goods. Is there anywhere on the web that can help?

RH: Without knowing your market sector, it is difficult to give a precise answer. The imprecise answer is that the internet is a powerful tool that provides a low-cost "gateway" to global markets. The three areas I would select where the web can assist are: Knowledge: sites such as the Institute of Export can give advice on markets. Sales leads: there are a number of online services providing sales leads specific to your industry. Customer research: there are numerous directories and databases available. Two sites to check out are www.trade partners.gov.uk and globaledge.msu.edu.

· I'm thinking of installing a wireless Lan and shared internet connection for my small office but I've heard people can "piggyback" these and use your network for their own purposes. Before I consider action to take, could you tell me what harm this actually does?

JT: It's true that wireless Lans have several weaknesses which can provide a "way in" for unscrupulous individuals. Not securing your network could be as dangerous as leaving your office door unlocked. Hackers could access the shared connection to obtain free access to the internet or, in extreme cases, access confidential shared files from your network. It's also possible for malicious hackers to launch virus attacks causing undesirable results such as deleting essential data, depriving users of crucial files or even attacking websites. However, by understanding a WLan's vulnerabilities, it is possible to implement security measures to protect your business network and information.

· I have a website but nobody is looking at it and I hear that the old tricks like meta tags don't work any more because of the way search engines work. What can I do?

JR: Meta tags still count but only as part of your site optimisation program. You will also need to look at search engine registration to drive more visitors to your website. However, it is worth noting that both need regular updating to keep ahead of the search engines' changing ranking methods. Page title optimisation, along with good copywriting, also ensures higher scores in search engines' ranking. We also recommend paid-for submissions to at least the top 10 search engines and reciprocal linking where other companies link your site on theirs and vice versa.

· Am I liable for any losses incurred as a result of a virus/hacker attack?

SB: If your firm has been the victim of a "cyber attack" that breaches the Data Protection Act, company directors are personally liable and can face a hefty law suit. The best way to protect against this is to ensure that your company has taken reasonable steps to be secure, for example carrying out regular open standards based security testing.

In terms of monetary losses to your company following an attack, dedicated cyber insurance is available and is specifically designed to cover losses caused by network downtime etc. Very few standard policies cover such risks, so this dedicated cover is highly recommended.

· How can I best protect my company's network from future viruses like the Slammer?

EG: Viruses have traditionally targeted workstations. Slammer wasn't a virus at all in that sense: it targeted a server, then compromised that server and used this as a base to find other vulnerable servers. To ward against application server attacks like the Slammer, the best thing to do is not to connect application servers directly to the internet without a security device. However, if there is no choice the servers should be patched as part of a regular preventative maintenance procedure. This can be complex, as patching often has an impact on the operation of servers, an issue we have seen with a number of our very large customers. In addition, companies should do a much better job of separating their critical infrastructure from the internet. This is very simple to do with firewalls and well set-up routers.