Skip to content
Archived content. You are viewing v2 of SME Digital Advisor — the four-page terms reference (Terms, Translation, Asking, About). Go to current site →

From the community

What SME owners are actually asking about digital.

These twelve topics come from real owner conversations in communities like r/smallbusiness and r/Entrepreneur. They're ranked by how often they come up. Some fall squarely inside this site's scope. Some don't — and we'll say so.

01

SEO and local SEO

Outside our scope

“Is SEO worth it? Why am I invisible on Google? Should I hire someone or is Fiverr enough?”

SEO is a marketing question, not a security one, and we won't pretend to be experts. What we will say: if someone promises you page-one rankings for £200/month, they're probably doing things that will hurt your site long-term. Ask for specifics. If they can't explain what they'll do in plain English, walk away.

02

Google Business Profile / Google Maps

Outside our scope

“Does my Google profile matter more than my website? How do I appear in Maps?”

For local businesses, your Google Business Profile often matters more than your website. It's free, it takes an hour, and it's the first thing customers see. Not our lane — but it's the single highest-ROI digital task most owners haven't done properly.

03

Paid ads vs organic marketing

Outside our scope

“When should I pay for Google Ads? How do I know what's actually driving growth?”

The honest answer: most SMEs should get the basics right (website, Google Business Profile, email follow-up) before spending on ads. When you do spend, track everything — if you can't tell where a lead came from, you can't tell what's working. See topic #9 below.

04

Website basics and conversion

Partially covered

“What kind of website do I need? Does design affect leads? How do I get visitors to actually contact us?”

We don't cover website marketing or design — but we do cover the security side. If your website takes card payments, handles customer data, or has a login, there are baseline security questions you should be asking your developer. The TLS, XSS, and rate limiting entries in the glossary are a starting point.

05

CRM and customer follow-up

Outside our scope

“Do I need a CRM? Which one? How do I stop leads falling through the cracks?”

CRM selection is a business operations decision. The only thing we'd add: whichever tool you choose, make sure you understand who owns the data, whether it's backed up, and what happens to your customer records if you stop paying. Those are the questions most owners forget to ask.

06

Email marketing

Partially covered

“Which platform? How do I automate reminders? How does email fit with everything else?”

We don't cover email marketing strategy. But if you're sending marketing emails from your business domain, the security side matters: SPF, DKIM, and DMARC records are what stop your emails landing in spam — and what stop criminals impersonating your domain. Most SMEs have these misconfigured or missing entirely.

07

AI tools and AI automation

Covered

“Where do I start with AI? Are AI receptionists worth it? What about automating admin?”

AI is useful. AI is also where data leaks, hallucinated answers, and unaudited decisions live. Before adopting any AI tool, know what data it sees, whether it trains on your inputs, and who's accountable when it gets something wrong. The glossary covers LLMs, hallucination, prompt injection, RAG, and AI agents. The EU AI Act entry explains the incoming regulation.

08

Cybersecurity basics

Covered

“Am I too small to be targeted? What are the basics? Where do I start?”

No, you're not too small. Attackers don't target — they scan. If your email has a weak password and no MFA, it doesn't matter whether you have 5 staff or 5,000. This is what this entire site is about. Start with the Terms page and the Translation page. If a technical report has just landed on your desk, the translation examples will help you read it.

09

Marketing attribution and ROI

Outside our scope

“What is actually helping the business grow? I'm spending money but I can't tell what works.”

Attribution — knowing which activity produced which lead — is one of the hardest problems in marketing. At a minimum: use a CRM with a “source” field, put UTM tags on your links, and review monthly. If your marketing agency can't show you a lead-to-sale number, that's a problem.

10

Tool selection and tech stack overwhelm

Partially covered

“Wix or WordPress? HubSpot or Zoho? I have too many tools and no idea what I actually need.”

Every new tool is a new login, a new data location, a new supplier relationship, and a new thing to back up. Before adding a tool, ask: does someone own it? Can we get the data out? What happens if it goes away? Those questions matter more than the feature list. The SaaS, shared responsibility, and tenant definitions cover the concepts behind these decisions.

11

Reviews, reputation, and Maps ranking

Outside our scope

“How important are Google reviews? Can competitors leave fake ones? How do I manage reputation?”

Online reputation is a marketing topic. The only overlap with our world: fake reviews and competitor sabotage occasionally cross into fraud territory, and review platforms are a form of third-party risk. If your business depends on a platform you don't control, that's a single point of failure worth thinking about.

12

The monthly digital dashboard

Partially covered

“What numbers should I actually be looking at every month?”

On the marketing side, that's leads, source, cost-per-lead, and conversion rate. On the security side — which is where we live — it's: how many users are on MFA, when backups were last tested, how many devices are managed, how many old accounts are still active, and when the last phishing simulation ran. If your IT supplier can't produce those five numbers on demand, that's a conversation worth having.

The four questions behind all twelve topics.

“What should I do first?”

For digital marketing: Google Business Profile → basic website → lead tracking → follow-up. For digital security: MFA → backups → patching → incident plan. Both sequences cost almost nothing to start.

“What's worth paying for?”

Owners are rightly wary of agencies, freelancers, and tools that feel overkill. On the security side, the answer is usually: Microsoft 365 Business Premium, a password manager, and — when you're ready — an independent review by someone who isn't your IT supplier.

“How do I know it's working?”

If you can't measure it, you can't manage it. For marketing, that's attribution. For security, it's evidence: dated test results, logs, and a dashboard your supplier sends without being asked.

“What can I safely ignore?”

More than you think. You don't need a SIEM. You probably don't need ISO 27001. You don't need to be on every social platform. Focus on the basics, do them properly, and ignore the rest until the basics are solid.

Where this comes from. These topics are drawn from recurring threads in UK and US small business owner communities (Reddit r/smallbusiness, r/Entrepreneur) during 2024–2025. They are not a statistically representative survey — they're a pattern. The ranking reflects how often each topic appears, not how important it is.

Last reviewed: May 2026.