Business thinking not ICT thinking should be driving your business.

capsuleIt is the old chestnut, an all inclusive chicken or egg scenario.

Is business driving ICT or is ICT driving business?

If you look around the business world there are combinations of both, there are groups who swear by one version over the other, but which is the better way to go.

From our perspective and experience, the most successful business are the ones who are driving their ICT investment and making sure that that investment has a decent return. A relatively short return on investment (ROI) will ensure better productivity, better revenue and higher profits.

There is a special breed of people in the work force who have been trained to understand both the business components required for business success and the ICT infrastructure that needs to be put in place to make it happen.

These people are the ones who can take a successful business from scratch and promote it into the stratosphere.   These people, whether they have been formally trained through degrees and diplomas, or have learned in the school of hard knocks on the street are worth their weight in gold.

They analyse the business requirements prior to implementing any ICT requirements.   These people are hard to find and from a small and medium business and not for profit organisation perspective can be exceedingly expensive and very had to justify.

We work heavily in the not for profit area within our managed services portfolio.   We understand that they have little money to spend, little expertise in the ICT requirements area, but they need a higher ROI than most businesses.

The mantra for most NFP is to bring money in and then spend as much of it as possible on the cause that they are passionate about.   We understand this mantra and work around it to bring in innovated ideas and support packages that are tailor made for their business.

Talking from experience, you can not put forward a managed services proposal to an NFP that has lots of zeroes without justifying their investment.   You cannot say that they need to replace everything with the newest, fastest, or shiniest because that is how YOU make your money.

You can however, justify a one monthly cost, all inclusive managed services contract that will benefit their business, but you have to prove it with testimonials.  A well thought out proposal that includes initial investment, monthly cost and quantifiable deliverables will ensure a CEO or director at least looks at it.

On the other side of the coin there are businesses out there who have invested heavily in technology but have not had a definitive direction to go in.   These business are the ones who jump into new technology because it is the newest bleeding edge system, it has the computing power of a low level data centre but when used in their business is probably only being used for basic calculations and email.   Yes it is faster at these processes, but why the significant investment.

These are businesses who invest in cloud computing without an decent ICT strategy, they spend money on technology without the benefit of a defined ROI and they wonder why they do not have the money to make payroll.

There is also a third group of companies, these are the ones who have invested heavily in technology because they are improving, programming and then on selling this improvement to their clients.   These businesses have a need to invest in the required technology because it is a part of their business.

They invest in it, hopefully, because it has been though through and they have a definitive ROI for the investment.   For them it is no use delivering the best database product if it has not been tested on the newest and best systems available just because their clients have made that investment.

So to refine what I am saying, yes, you need to invest in your business technology but that technology has to fit your business requirement, it has to have a definitive ROI and furthermore it has to be part of your business plan and your future.

Don’t let your ICT and technology drive your business otherwise it could drive it into the ground.

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   Rapid Restart Appliance Creator.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world. 

Just relying on security technology can damage your business!

Man standing with laptop and wifi antennaNearly every day you hear about another security threat spreading across the internet. As a small or medium business, or a not for profit organisation (SME) how vulnerable are you to these threats?

SME’s are connecting to the internet in record numbers to support improved and greater market opportunities, to increase productivity and to strengthen communications with staff, management, customers and suppliers. The problem is, the more you open your network and business to the internet the more your confidential business information and data is at risk.

So you think you are too small to be a target?

Think again, if you use Microsoft software then you are a target by default. Microsoft is not bad but it has the largest market share, therefore any released virus, worm or application created by a hacker can achieve more with less. These programs spread rapidly and inflict damage on a global scale and you, as an SME can be caught in their net.

Security threats are constantly emerging and evolving, the job of securing your business information becomes all consuming. Little jobs take time – updating and checking anti-virus, patching and updating operating systems and applications, checking firewalls with renewed rules and policies are a critical requirement of your business risk analysis.

They still have to be done regularly.

The importance of checking these components in a timely manner cannot be underestimated. Consider the cost in lost productivity, reputation and non-compliance penalties that a breach could visit on your business. Effective security can be costly, time consuming and difficult for SME’s to implement successfully. Skilled security people are often difficult to find and cost prohibitive to have on staff. As a result the job often falls on the technologically savvy staff member who is already snowed under with other ICT matters or their own job to implement security features properly.

Today’s security threats are business size neutral. They leave a SME with the same security challenges as large corporations. The trouble is that SME’s do not have the depth of resources to handle them. This is where a Managed Services Security Providers (MSSP) can be of benefit to your business.

What are the benefits to your business of outsourcing your security?

You can focus on your core business

Outsourcing allows all of your staff to concentrate on revenue generating business initiatives instead of computer, security and infrastructure issues. Having limited IT resources on staff takes business resources away from your core business.

Reduced Cost

Outsourcing security sources provides your business with access to “big business” security protection at an affordable price. The expense is more cost effective than hiring or contracting a security expert and the consistent monthly billing helps ensure security services that you need are available without unforseen hassles and expenses. An integrated and comprehensive solution that can help reduce the expenses of maintenance, upgrades and add on security solutions is a benefit to any business.

24 X 7 (always available) expert security staff.

You’re on staff, in house expert is normally available only during working hours. In most cases your outsourced Security Company can act as an always available security and ICT management department. They can also provide your business with access to an internet security expert without incurring the cost of hiring, training and retaining highly skilled staff.

Gain Customised Service

All MSSP’s have service plans and you can select the service plan that will fit your requirements.

Receive up-to-date protection

Technical security solutions such as firewalls, antivirus software, content filtering solutions, and virtual private networks (VPNs) are far more effective when they are maintained regularly with the latest system updates. Changes to your business resilience and regulatory requirements can also have a detrimental effect on your business stability.

Why R & I ICT Consulting Services is right for you!

How do you know you are getting what you paid for?

  1. Company reputation – see what our clients are saying about us. We have references and referees that you can ask.
  2. Plans and services – we have a comprehensive assortment of plans and services depending on your business requirements and size.
  3. Service Level Agreement – all of our plans and services have a service level agreement incorporated into them so that you know what will be delivered in protecting your business.
  4. Guarantee – We guarantee all of our technicians work with a 100% money back guarantee. We also stick to any pricing that we put forward to you. All projects are priced on a per project basis so that no matter how long it takes it will not cost you anymore. No more “time and materials” projects based on how long is a piece of string that have costs blowing out uncontrollably.
  5. Monthly Reports – we supply monthly reports that are delivered with your next month invoice. We like to prove how much we have done for your business in the last month.

 

Starbucks, free wifi and the bigger security picture!

Recently I had a holiday in Malaysia, the holiday was great but I realised that there is a severe problem with security and the attitude of people in regards to security when we were sitting down for coffee in Starbucks.

Like the rest of the world the Starbuck franchise in Malasia has free wifi, free in such a way that you do not even need to know a username or password to use it.   Now for most people this is great and don’t get me wrong I sometimes use it with a lot of restriction on myself because I know the dangers that can come from it.

While we were having coffee and I was thinking about the problems associated with this level of access these 2 characters walked in and sat down.   I was only taking limited notice of them, but my focused changed when they started to pull out some interesting equipment.   Apart from the laptops, high end HP systems, something that would set me back $4 or 5 K, they also added a couple of USB devices and started to run them up.

I ignored them for about 20 minutes as we were in a family discussion about what and where to eat (very important in our family for some reason) but I glanced over at the screen and all I saw was a graph that looked very similar to wire shark, not only that but it was also logging everything that was going through the WiFi.   I normally use wire shark to track rouge access points within client networks and what I was looking at was similar.

This bought this idea to me

One of the easiest ways for someone to steal all of your corporate information, personal information and client information is for you not to be thinking clearly in this type of environment.   Those two characters would have picked up any information that was transmitted to any website, share-point environment, mail server or CRM that was not SSL protected.   That information is in plain text.  Easy to track and even easier to use.

All information concerning Facebook, LinkedIn, even twitter would have been captured, that included the username and password to get onto the sites.   That information although may not seem important could be used very efficiently as a social engineering play to gain more information and create an in depth profile of you.

Yes free WiFi is great but if you do not have one that is locked down with a pass code then be very carefully with where you are going on your device.

Who is going to keep australia safe online?

Small and medium business and not for profit organizations (SMB) are becoming an easier target than previously understood when it comes to cybercrime. One of the largest problems for these businesses to understand is that they are a very easy target because of their size.

SMB’s do not have the resources or the financial support to spend large amounts of time and money on the protection of their business.   This lack of investment means that they have a “just enough is good enough” attitude to the security of their business, this I am afraid, is false economy.   No matter what the business, the theft of money, clients and / or Intellectual property will have a detrimental effect on the business if not actually putting it out of business.

The introduction of IPv6 in the near future will make the protection of SMB business that much harder.   IPv6 is the next transmission protocol for the Internet and although it is understood by most technical people the basic understanding of the protocol is lost on 99% of the Internet user population.

The introduction of IPv6 as a transmission protocol will make it so much harder to protect your business and your users from the Internet.   The introduction that HAS to be done, IPv4 has already run out of addresses, is being delayed partly because of the security implications of the new protocol.

I really hate it when i have to put calculations into a post, but the primary difference of the transmission protocols is the number of addresses IPv4 has 2 to the power of 32 ( 2 x 2 x 2 (32 times) where IPv6 has 2 to the power of 128 (number of stars in the galaxy plus a couple of billion).

The address pool is huge, but the management of that address pool is going to require some serious computing power and management.   Is that management going to fall on government, industry or someone who is neutral?

I am not going to go into all of the difference but some of them are profound and will have major implications for all users but it will have the biggest effect on Government Departments, defence systems and business infrastructure.   From a technical point of view it will be a vast improvement and some believe that it will speed up the Internet but the down side is also profound.

Security is going to be a major problem.  The proliferation of attack vectors, spyware, malware, viruses and SPAM will mean that SMB’s will be under constant attack.   Is that protection going to fall directly on the shoulders of business to find more expensive or prohibitive security systems, processes and compliance requirements or is there going to be some level of Government  intervention.

I am sorry but I do not have the answer to that question and at the moment, to tell you the truth, I don’t believe that anyone else has either.   Hopefully the powers that be will have an answer in the near future, definitely prior to the global switch, so that everyone is playing on the same field.

MANAGED SERVICES – TAKING OWNERSHIP OF YOUR PROBLEMS

3D Small People - AngryIn business the greatest threat to the information and data within your business is the speed to which you and your staff have access. Problems like everyone’s email not working are a big decision, but it is easy to delegate the repair to either internal teams or external companies. When things go wrong you want them fixed NOW and fixed FAST.

What about the niggly things?  Your user wants to print to the third tray on the printer and cannot, your receptionist wants to send out a letter but the mail merge database is no longer connected.

As a business owner or management level executive you don’t want to triage the problems.  Most of the time the management or staff does not have the time or the expertise to look at and resolve the problem, and often the person with the problem is told to “get over it”.   This is not a good state of affairs.   The problem then festers and grows till it does have a major impact on the business.

The best solution for these problems is to get them fixed.   How can you do that without additional cost to the business?   What you then have is a catch 22 situation.

Wouldn’t it be better just to contact your support company and know that it is all covered under the managed services agreement?
The business world is full of computer support and managed services companies that want your money, now don’t get me wrong we are a managed services company, and a good one at that, just ask our clients.   The difference between the other MSP’s and us is that we take ownership of any and all of your technical problems.

So what is the benefit of being one of our clients?

If you have signed up for out 5Nines support program, especially the platinum plan – trouble free technology – then all of your problems are our problems. Your problems are our problems, we take ownership of any problems or complaints that are generated by your staff during working hours that are related to computers, printers, internet, and email… practically anything.

Unfortunately we have no control over the coffee in the lunch room but for a taste of the problems we will fix:

• My mail is not working = our problem;   solution – remote in or send technician onsite;     Cost to you $0 (covered as part of the Service Level Agreement (SLA)).
• How do I create a mail merge document in word 2003 or 2007 = our problem;  Solution – remote in and talk user through problem and show what needs to be done;               Cost to you $0 (covered under the SLA)
• Helpdesk has noticed that one of the computers is reacting sluggishly = our problem; Solution – remote in and fix problem and then report to management;                  Cost to you $0
• System reports problem with a service on the server = our problem – Solution – dispatch technician;          Cost to you $0
• My computer is not working = our problem; Solution – dispatch a technician with a “loaner computer” then replace and repair;               Cost to you $0

The SLA dictates when they will be seen and response times to problems associated with your network.   They are an agreement between you and the MSP to ensure that you and your technology is protected 24/7.

Service levels should relate to items like these but they also depend on a triage process to ensure that a small problem is not related to a bigger unidentified problem .

• Server crash  = our problem – Technician onsite within 60 Minutes;           Cost to you $0
• Workstation Crash = our problem – Technician onsite within 60 Minutes;           Cost to you $0
• Service down = our problem – Technician working on the problem remotely within 30 Minutes;       Cost to you $0
• Printer problem = our problem – Within 4 hours;          Cost to you $0
• User problem = our problem – Next business day;        Cost to you $0

Finally, for any business there needs to be metrics that are measured and reported on. This is also true about your managed service provider. Daily, weekly and monthly reports on the condition of your infrastructure are important for decision making. To improve your business and ensure that the technology is correct and directed at your business, a quarterly report and meeting should also be included as a standard for your managed service.

As you can see not all managed service providers are the same and it is a case of choosing the right one for your business. R & I ICT Consulting Services can help manage and solve these important IT decisions and leave you with more time to get on with the day to day running of your business.