The Voice for the St. Louis Construction Industry

 
 
Category archive

Technology

All For One Monthly Payment: Beware of the All-You-Can-Eat Buffet of Managed IT Services

in Technology
Joe Balsarotti

A business called me last month, unhappy with their present information technology provider. The why of it isn’t important. What is important is that the business is contemplating a switch – its second such change in three years.

The present tech company signed them up for a “managed service” plan. We’ve discussed that buzzword before; it’s a laundry list of tech bundled together for a monthly fee. In many cases, it’s really a list of things that probably shouldn’t be bundled together. Security software, firewall, backup equipment and cloud storage tossed in with equipment maintenance, software updates and help desk services all in a neat bundle, tied up with a bow and “all for the low monthly price of $$.” It may be a great deal for the vendor, but absolutely not for this client…and probably not for you, either.

As we looked into the business’ setup we found that it doesn’t own its backup appliance and it doesn’t have control of its cloud-based backup data. The business also assumed its firewall was up-to-date. Not so; the vendor had only enabled the basics, not the data-filtering options available on the device that required a subscription to enable. It is relevant to note that even though the customer had been hacked a couple of months ago, it had not engaged the advanced firewall features. Even the endpoint software (formerly known as antivirus software) is billed monthly and the license isn’t in the customer’s name. In other words, the customer’s livelihood is dependent upon rented products and services from its current IT company.

How can a customer disengage from a vendor who isn’t to its liking? Unfortunately, the business customer has to throw money at the problem – unfortunately a lot of money in this case. In order not to get stuck like this again, the business will need to buy endpoint licenses a second time. The initial buy is more expensive than a renewal, but this vendor advised the business customer to cancel its existing licenses, assuring the client that the vendor would simply bundle in the cost with the client’s contract. This probably made for an easy initial sale, but like that old FRAM oil filer ad, “You can pay me now, or pay me later.” In this scenario, the later is a much bigger bill when the customer’s honeymoon with its tech vendor is over.

Because of the bundling, the customer had no idea that its firewall wasn’t being used to its capacity, nor did the client know how involved getting its backup data moved to a device it owns and a service it had control over would be. All of these issues are solvable, but it results in a sizable up-front cost. This story illustrates that the customer’s hands-off approach to the IT firm left it vulnerable because everything moved behind the scenes. Without those pesky old, internal discussions about replacing aged equipment or buying new versions of this or that, as the customer write a monthly check to the tech vendor thinking it was covered, the customer lost touch with the infrastructure its business depends upon.

All in all, we calculated more than $4,000 for this twenty-something-member company, just to undo the mess created by the “all for a low monthly fee” shtick. Beyond that lies the cost to audit the client’s IT network to see what other problems may exist with software licensing, security or network setup and to document and onboard these issues. If the business customer hadn’t been sold on the monthly contract, it would have been in a far better position when it chose to switch tech providers because the software licenses, services and equipment would have been in the customer’s name and it would have possessed keener insight as to what it was paying for.

I understand that managed service is all the rage in the IT world. At conference after conference, managed service is unabashedly sold as how to make money for not doing much. In theory, the vendor automates everything; once an IT vendor creates the defined set of services for its first customer, the pattern is copied for all the rest. If your business is basic, managed services may be a good fit as it does offer predictable costs and basic technology needs are well met. Unfortunately, it can also mean that customers with unique needs, custom software or equipment – or for whom time is more valuable than for an average business – aren’t going to get the level of response they require since those businesses don’t fit the cookie cutter approach.

The nightmare begins when the customer discovers that its vendor is not a good fit, or worse, doesn’t fulfill its obligations. What happens if the IT company goes out of business or is bought by an out-of-town firm and local support evaporates? Is easy budgeting for technical services more important than getting the best product or service for your company’s particular needs? Or, do you need to retain the keys to your own kingdom?

Is your business prepared to pay significant money to move on if something goes badly? Be wary of the all-you-can-eat buffet of managed IT services. Know what elements your business has control over and what you don’t. Know the costs involved beyond the monthly fee and how much a breakup could set your business back.

I welcome your questions or comments at businesstech@software-to-go.com.

Joe Balsarotti is President of Software To Go and is a 37-year veteran of the computer industry, reaching back to the days of the Apple II. Balsarotti served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council, as chairman of the Clayton, Missouri Merchant Association for a dozen years, chaired Region VII of the Federal Small Business Regulatory Fairness Board and currently serves on the Advisory Panel of the ASCII Group, an organization of more than 1,000

What’s All This Talk About Encryption?

in Columns/Technology

By Joe Balsarotti

What does the Apple­–FBI fight and the ransom paid by a Hollywood area hospital have in common? Encryption.

The data stored on the Syed Farook’s iPhone and the data at Hollywood Presbyterian Medical Center are both encrypted, the former by design and the latter by malicious hackers.

The lure of privacy and keeping prying eyes away makes encryption a tempting solution, even if no encryption scheme has ever been foolproof. The federal government, through the HIPAA (the Health Insurance Portability and Accountability Act), even wants most patient data encrypted, and yet the FBI wants to break the encryption on mass-murderer Farook’s iPhone.

Encryption is a two-edged sword. It can be used to protect a company’s information, but it can also block a company from getting its own information. When a hard drive fails due to a hardware problem, encrypted information is rarely recoverable. If backups fail, there could be irreparable damage to a business because of the loss. Or, the hardware could be fine, but a disgruntled employee can use readily available tools to encrypt a business’s data and leave the company high and dry.

International organized crime has found encryption to be a very lucrative tool, hence the rise of Cryptolocker and like viruses and malware. “Pay us and you get your data back”; don’t pay and you or your business are at the mercy of having backups with enough versions to extend past when the infection first hit your systems. Of course, that assumes your business *has* backups which have been tested and verified.

Without getting to far into the weeds of the Apple vs. FBI saga, suffice it to say that battle isn’t over encryption, it’s over the iPhone’s setting to destroy it’s data if ten incorrect passcodes are entered. Since today’s computers can easily crack any passcode within a couple of days by trying every combination, the illusion of security in Apple products lie in the balance. Give the FBI a way around the self-destruct and the Apple products are no more secure than anything was before the digital age.

Now, back to the encryption conundrum. Until the digital age, nothing was truly private. Any safe or vault could be picked and any code could be broken, eventually. In the digital age, encryption has become both a blessing and a curse, but there’s no denying that it enables a level of privacy that didn’t even exist  fifty years ago. Those who’ve only lived in the digital age take this privacy as a given and don’t want to see it’s power eroded. Those who remember ‘loose lips sink ships’ know that no information was truly safe in the past, and breaking the other side’s code often meant the difference between life and death.

For a company, encrypting data on mobile devices such as notebooks, tablets, and phones is a prudent move as those devices are easily lost or stolen. However, your data should never be only on such devices. Mobile devices should either have to connect to access the data, via a VPN (Virtual private network), remote access tools like Teamviewer, LogMeIn, or Remote Desktop, or to one of the secure cloud based services. In other words, either store the data stored elsewhere, but have it accessible to your mobile device, or encrypt the mobile copy.

Once important data is encrypted, the key to that data is invaluable. If you as a business owner, encrypt your company data and something happens to you, who on your staff also has the key? If you get hit by the proverberial bus, and no one has the decryption key, how does the business survive without the data you deemed important enough to encrypt in the first place? Restoring a backup won’t help as those backup files would be encrypted and also require the key to be readable. In your personal life, does you family have the keys and passcodes to get into your digital files if you’re incapacitated or no longer around?

Everyone can agree that you should have multiple levels of backups for your business. Whether to encrypt some, all or none of  your company or personal data is a much harder question.

If you’re interested in the specifics of the incidents I mentioned, here are the links:

http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html

http://mashable.com/2016/02/25/apple-vs-fbi-stakes/#3e3nDPE1hsqd

I welcome your questions or comments at businesstech@software-to-go.com

Joe Balsarotti is president of Software To Go and is a 36-year veteran of the computer industry. He served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council, served as chairman of the Clayton, Missouri Merchant Association for a dozen years, and chaired Region VII of the Federal Small Business Regulatory Fairness Board. He currently serves on the Dealer Advisory Panel of the ASCII Group, an organization of over 1000 independent computer and technology solution providers in North America.

Do You Have A Plan to Refresh Your Technology?

in Technology
Joe Balsarotti
Joe Balsarotti

It’s hard to believe any business nowadays not being computerized. After all, without a website or at least email, it would be invisible to the vast majority of the public. Even businesses that get their customers solely from referrals have to be able to communicate in a way that customers and prospects prefer.

Those of us old enough remember the switch to computers. It usually started with an accounting system, maybe BPI, Great Plains, Timberline or Accpac. The time spent on finance and accounting went down significantly as adding machine and ledger paper were replaced. Then came word processing and the days of carbon paper were gone. CAD/CAM drastically reduced time to design and reduced errors. Local area networks started becoming commonplace in even small offices and everyone had access to the data without having to wait for someone to get done with ‘the file.’

Back in the very late ‘70s to the early ‘90s, it was easy to justify the expense of computer technology. The benefits went almost immediately to the bottom line, expanding abilities and reducing labor costs. ‘Selling’ management or the owners on buying equipment and software was an easy task. Technology planning meant calling a rep, getting a quote and saying yea or  nay, then starting the whole process again from scratch five to seven years later.

Some years ago, I had the opportunity to meet Dan Bricklin at an industry conference. You’ve probably never heard of him, but you certainly know the results of his invention, Visicalc. Yes, imagine a world before spreadsheets. The digital marriage of a sheet of ledger paper and a calculator was the brainchild of Mr. Bricklin. During his presentation, he was asked one of the best business questions I’ve ever heard at a tech event (tech events tend to be very techie rather than bottom-line oriented) “How did you arrive at a price of $499 for Visicalc?” He replied that those were the days of timeshare computing and that an hour of computer time was expensive. So, he calculated the average three-month cost for timeshare services then worked backwards, subtracting the cost of an Apple II computer, monitor, disk drive and printer. The result was a difference of about five hundred bucks, so $499 became Visicalc’s price.

Bricklin wanted the selling of Visicalc (and everything necessary to use it) to be a no-brainer. Why, after all, would any company want to pay to rent computer time when in just three months they could have their own system free and clear?

Nowadays it seems the benefits of newer technology are much harder to calculate. How much productivity does your business really gain if an older machine takes two more minutes to start up in the morning than a new one would, or printing takes an extra minute? Realistically, is your staff ready at the first minute of the workday or are they getting coffee, arranging their desk or hanging up their coat anyway?

The gains of new technology for businesses seem to have hit an inflection point. Now, it isn’t how much more you’ll gain as much as how much your business could lose by not keeping current. All those columns I’ve written about security, backup, and data loss might be coming to mind for you right now (at least I hope so). Downtime is an expense and a costly one. What price do you pay if a machine goes down and leaves an employee unproductive for a day? What if that machine is your server? Hard drives have finite life spans, so do cooling fans. They will eventually fail and that means your staff can’t get work done. Parts availability might become a problem with older systems. Even if the parts are available, how long to get them, have the repair completed, and the data restored? Time is money, after all. What’s your plan to deal with a failure?

Security also is a concern on older systems, as is compatibility with newer systems within your organization or those of your vendors, clients, and prospects. It’s hard to calculate the damage if your proposal looks like gibberish or is formatted wrong, because you were running a five-year-old version of Word or Acrobat, but it’s easy to calculate the loss if you miss a deadline because of system failure.

Businesses should have a written plan for a technology refresh. Some businesses can get by with a once-a-five-year refresh if their systems and internal procedures are very solid and scripted. Others, especially ones with more creative aspects such as design and architecture, need to replace machines along with each new version of their primary design software as each version adds new features and therefore requires more power from the hardware.

Even Internet access requires technology refreshes. How many of you have the same firewall from an old DSL connection running a newer cable or fiber line? If so, you are getting half of the speed you’re paying for because the firewall can’t scan the data at the speed of your line. Security improvements aside, a five year old firewall is a dinosaur and if not costing you money, is keeping you from getting what you’re paying for each month.

So, work with your tech provider, develop a plan and stick to it. If your technology people aren’t proactively working with you already in this regard, it’s probably time to find a new provider who can be a true partner for your business. A tech refresh plan will allow you to budget for necessary improvements and go a long way to keeping your company secure and up-to-date.

I welcome your questions or comments at businesstech@software-to-go.com

Joe Balsarotti, president of Software To Go, is a 36-year veteran of the computer industry, reaching back to the days of the Apple II. He served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council, was chairman of the Clayton, Missouri, Merchant Association for a dozen years, chaired Region VII of the Federal Small Business Regulatory Fairness Board, and currently serves on the Dealer Advisory Panel of the ASCII Group, an organization of over 1000 independent computer and technology solution providers in North America.

When’s The Last Time Your PC or Server Got an Oil Change?

in Columns/Technology
Joe Balsarotti

By Joe Balsarotti is President of Software To Go

The quick lube places drummed the “three months or 3,000-mile” mantra into all of us some 20 years ago and built an industry around it. Later, autos with 100,000 miles were considered exceptions; now 200,000 miles and more is the norm. Any mechanic will tell you that regular preventative maintenance allows cars to last longer. Computers need constant maintenance, too. A network going down can be far more costly to your business than if a truck, van or car in your fleet malfunctions. After all, you can’t just call up Enterprise and rent a new network for a week.

Far too many businesses see their technology as simply a necessary expense rather than the asset it is. After all, how expensive would it be to do your bookkeeping by hand compared to the cost of merely plugging numbers into your accounting system? Computers, networks and the like should be treated as the integral part of your business that they are. Just like changing the oil in a car or greasing the gears of heavy machinery, regularly scheduled preventative maintenance results in saving money rather than costing your business money.

Computer technology changes constantly. A model year for a desktop computer is about four months; major application programs renew every one to three years. In the software realm, most programs are dependent upon other programs that very likely are produced by another company. One vendor finds a bug, a defect or an entry point for hackers and writes a patch or update to fix it. That, in turn, changes parameters in other programs that communicate with it, requiring updates. On the hardware side, printers, scanners, CNC, robotics, entry systems and other connected devices need software updates when the operating systems running on the PCs are updated. Security updates to anti-virus, endpoints and firewalls are conducted daily, if not hourly, behind the scenes.

All those updates and changes need to be managed by someone. We’ve seen many a business user’s system crash, only to discover that the software is two, three or even five years behind. Companies may unintentionally leave their operations vulnerable and accessible to any kid who searched for “hacking tools” on the Internet. A lack of preventive maintenance and monitoring – what our industry refers to as managed services – leads to unexpected and unpleasant future expenses.

Just last month we heard about the St. Louis Public Library’s entire network being rendered unusable as a Cryptolocker type of ransomware was downloaded and encrypted the data, holding it hostage. The patron machines and back-office machines never should have been on the same network in the first place, but I’m sure someone will argue that it was prohibitively expensive to do it the correct way. Oops. We’re left wondering how much that shortcut will cost taxpayers. Was the library paying for update subscriptions to its firewalls? Was all of the software completely updated and was the network being monitored for a mass change in data? At least we do know that St. Louis Public Library had backups of the data and didn’t pay the ransom.

How would your network fare if it were attacked in the same manner? What costs would your business incur if all computers were unusable for a week? Would the idea of preventative maintenance and monitoring suddenly look like a cheap insurance policy?

Gartner research back in 2010 showed that 43 percent of companies were immediately put out of business by a “major loss” of computer records – and that another 51 percent of businesses studied permanently closed their doors within two years, leaving a mere 6 percent survival rate.

Maybe many of those data losses were caused by a major disaster destroying the surrounding customer base, as one possible example. But ask yourself: even if these are extra harsh statistics, what happens if you lose your customer list, your A/R report and aging, blueprints, plans or schematics for all the projects on which you are working? Realistically, would your business survive, and at what cost? More importantly, could it have been prevented by spending a realistic amount of money on managed service and preventative maintenance?

Most managed service plans are flat monthly, quarterly or annual fees based upon either the number of users or devices in the business. Your business gets the advantage of peace of mind that your tech provider’s incentive is to prevent problems because repair and remediation takes more time and is therefore less profitable. Additionally, your business gains a far better grasp on the true expenses of your technology because you can forecast and budget far in advance – and you can hopefully eliminate the unexpected, immediate expenses that failures bring.

I welcome your questions or comments at businesstech@software-to-go.com.

Joe Balsarotti is President of Software To Go and is a 37-year veteran of the computer industry, reaching back to the days of the Apple II. Balsarotti served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council, as chairman of the Clayton, Missouri Merchant Association for a dozen years, chaired Region VII of the Federal Small Business Regulatory Fairness Board and currently serves on the Advisory Panel of the ASCII Group, an organization of more than 1,000 independent computer and technology solution providers in North America.

Consider Lying to Make Your Personal and Business Data More Secure

in Columns/Technology
Joe Balsarotti

I’ve written about it before, security breaches allow access to personal data. No business is safe. When the ‘big guys’ get hit, it makes the evening news. When it happens to a small business or an individual, it can still be devastating.

The recent Yahoo hack exposed one billion accounts. That’s one-thousand-million users who got their data stolen. What’s really bad about this second exposure at Yahoo is that not only did user names and passwords get out, but also those security question answers. Oops.

With that in mind, here are some tips on how to make your data and your business’s more secure.

In my opinion, the whole idea of a security question as a way to recover forgotten passwords or accounts is just plain stupid. As Sarah Palin found out during the 2008 elections, just about anyone can find out enough about you to answer the questions usually asked and sure enough, her email account was hacked. Which, of course, means that just about anyone can get your data.

So, what can you do about it?  Lie.

Yes, lie when you enter answers to security questions. If the vendor asks for your high school, enter your college. Enter your father’s middle name when asked for your mother’s, etc. The trick, obviously, is to be consistent so you don’t trip yourself up. You might even consider entering the first of your birth month as your birth date, for example, when registering with most sites. After all, you will still get your free birthday desert at the local restaurant if you keep the month correct but might save yourself grief if the restaurant rewards program gets hacked and your birthday gets out.

The ‘keep it simple’ premise can be utilized in your business. Don’t ask your staff, your vendors or your customers for data that you really don’t need. Remember, once you have that data, its safety is the responsibility of your company. That also means the liability for a breach is on your company as well. Maybe your marketing people say sending a birthday greeting or your sales staff knowing a customer’s anniversary is a plus, but does it really matter if you know the exact day? Would more general data serve the same purpose with lower risk?

Remember, the adage of ‘change your passwords frequently’ is not to protect you, the customer, it is to protect the ones holding that data. Obviously, the best security is to come up with a password very hard for someone else to figure out, but that you can memorize. Constantly changing passwords, do the opposite. People forget them because the most secure and meaningful ones have already been used. Therefore their passwords become simpler and simpler and in most cases end up written down on Post It notes, where a cleaning crew, employees, visitors, or family can easily see them.

The reason password changes are crammed down your throat is due to a valid worry that the data holder may have already been breached and doesn’t know it. Changing the passwords regularly renders the stolen data useless, which does protect you, but it’s really done as an attempt to reduce the holder’s liability.

One way to protect yourself with regards to frequent password changes is to come up with some formula only you know which allows a memorizable password, but also makes it unique at every place you use it.  For example, say you decide your ‘master password’ will be the word “memory”. If you have a Yahoo account, make the password “1Memory1-Y”, for a Gmail account, your password would become “1Memory1-G” and for online banking it would become “1Memory1-B”.   In this way, you’ve kept the basic password as something you can remember and not have to write down, it includes letters of both upper and lower case, numbers (not just tacked onto the end) and a symbol, all things that are required by most sites nowadays. You’ve already figured out the last letter is the first of the site, but when hackers try your data at a host of well-known websites, it will fail. They are not going to analyze your individual password for a pattern. They are already onto trying the next million easy targets in their list.

Turning to the business side of the equation, customer data stored on your systems should always be secured with multiple levels of security, which include hardware firewalls, passwords (or better yet, biometrics), endpoint protection, and security training for your staff. All security products should have update subscriptions and only administrators should have access to install software. Every user should have their own unique passwords and your employee manual should make clear that sharing passwords, or using another’s account could be a fireable offense. Don’t ask security questions of your customers. Instead consider having them enter a second phrase, which only makes sense to them, but not one based on a question which could be obtained by a hacker.

Having your personal data stolen is bad, but losing your company because someone stole all your employee or customer data is worse. Take the necessary precautions and consider protecting yourself with a couple little white lies.

I welcome your questions or comments at businesstech@software-to-go.com.

Joe Balsarotti is President of Software To Go and is a 37-year veteran of the computer industry, reaching back to the days of the Apple II. Joe, served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council, as chairman of the Clayton, Missouri, Merchant Association for a dozen years, chaired Region VII of the Federal Small Business Regulatory Fairness Board, and currently serves on the Advisory Panel of the ASCII Group, an organization of over 1000 independent computer and technology solution providers in North America.

Are You and Your Company Suffering from Data Overload?

in Columns/Technology
Joe Balsarotti
Joe Balsarotti

By Joe Balsarotti

The amount of data on the Internet is staggering. Back in 2011, USC researchers estimated humans had already stored 295 billion gigabytes, and here I am adding to the total with this column. Here in 2016, tweets rack up at a rate of about 6000 every second. While I write this, there are over a billion separate websites, with over 3.89 billion pages (You can see the ‘size of the Internet’ change in real-time at http://www.worldwidewebsize.com/)

You’re wondering how this makes any difference to your business. The statistics above are interesting, but here’s the one that brings it home. Every second of every day, more than 2,000,000 emails are sent. How many are unread in YOUR inbox?

Data overload is happening to everyone. We’re inundated in emails, tweets, Facebook posts, pins, and a host of other calls for attention. Technology has not, as of yet, developed the solution for keeping up with it all, namely the 25th, 26th and 27th hour of the day. Since those extra hours aren’t here, yet, although I keep trying to invent them, how can one manage the time consumed by both ‘good’ emails and time wasters?

First off, use more than one email address. Yes, more makes for simplicity. Use a Yahoo, Gmail of other ‘freebee’ email service for all those companies who send newsletters, sale fliers, blogs, and the like. Using something completely divorced from your primary work email address (which should NOT be your primary personal email address) gets right at the heart of the problem. When you have spare time, go to the freebee email portal and dig in. DO NOT have that address automatically sent to your phone, Outlook, Thunderbird or whatever you view normal emails with. There needs to be a barrier between that type of email and your business and personal correspondence.

After you have that general email address set up take an afternoon, subscribe only to the ones you want (times do change and your sign ups from 2005 may not be relevant anymore) at that new address. As soon as you do, unsubscribe from those lists on your ‘real’ email address. Use this opportunity to clean house and make your days easier.

Now, back to my pithy comment above, if you are using the same address for work and personal emails, time to split those up too. It’s fine to have those two addresses hitting your phone and computer, but when you await an important message about your child, you don’t want it mixed in with work and when that contract comes in, you shouldn’t need to sort through PTA emails to find it.

Next, use the power of the computer and the software you paid for. Create folders for general topics you deal with, be it your kid’s soccer team, church group, purchase orders, legal docs, etc. There’s no need to go hog wild with fifty folders when ten will do, but make those ten folders reflect topics you can easily prioritize on a hectic day. If a deadline is nearing, go straight for that project folder instead of having to sift through dozens of messages irrelevant to getting the job done on time.

Lastly, set rules for the incoming emails, this may be a time when you need your tech staff to assist you. When the sender is a subcontractor, have Outlook dump that email immediately into the folder for them, or for the project they are working on. If the sender is your child’s school, into the folder for that child it goes. Vendor invoices or correspondence goes into the vendor folder, then maybe a sub-folder for just them. What you have to learn to do is look at the folders for the highlight or number denoting new messages, rather than the inbox. In this way, you immediately know the topics of many of your incoming emails and can prioritize with just a glance.

Start with very general folders and rules and refine them as you become comfortable with the new ‘normal’. If do it correctly, you can deal with 200-400 emails a day (as I get) and still have time for lunch. Now, if only you can get your staff to do the same thing …

I welcome your questions or comments at businesstech@software-to-go.com

Joe Balsarotti, president of Software To Go, is a 36-year veteran of the computer industry, reaching back to the days of the Apple II. He served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council, was chairman of the Clayton, Missouri, Merchant Association for a dozen years, chaired Region VII of the Federal Small Business Regulatory Fairness Board, and currently serves on the Dealer Advisory Panel of the ASCII Group, an organization of over 1000 independent computer and technology solution providers in North America.

Reducing Risk in the Internet Age

in Technology
Joe Balsarotti
Joe Balsarotti

By Joe Balsarotti

Seems every tech article nowadays is about the liabilities of technology. Hacking, lost data, damaged online reputations, and the legal and ethical ramifications of technology and stored data.

So, it seems appropriate to delve into how to, if not minimize, at least mitigate the liabilities that the digital world has created for all businesses large and small.

Does your business host its own website?

Unless you have private components to yours site for vendors or customers to access your database, there is no reason to host your own site. Cutting off that entry point to your network goes a long way in reducing your risk. Besides, except for keeping internal I.T. people busy, there’s not much upside in hosting your own website. Outsource it to professionals after you’ve done due diligence to make sure there are backups, redundant sites, and uptime guarantees. In short, let specialists deal with it.

How about email, why would you host your own?

Forget the security concerns for a moment. Since over 95 percent of all email transmitted gets rejected at the server as spam, that means that 95 percent of the Internet ‘pipe’ you are paying for is wasted on trash. Find a reputable provider whose focus is on providing email.  After all, there are very few individual businesses with access to datacenters across the country for redundancy, battery and generator backup, communication lines from multiple providers, and 24/7 staffing, but quality email providers do.

Granted, going with one of the ‘big guys’ for email or hosted Exchange has its own set of issues as they are larger targets to hackers. If someone breaches your in-house email server, however, you don’t really have recourse, but if a multimillion or billion dollar provider gets breached, they will have far more resources to bring to bear on restoring service and recovering damaged or lost data. Plus, it’s a fair bet that lawyers will be lined up to help you recover compensation for any losses you suffer.

Passwords, remember them?

One of the easiest ways to minimize liability with technology doesn’t cost a penny, but it is essential. ANY notebook, phone, tablet, or home PC that can access your company and/or customer data must always be password protected and should lock if unattended.

When replacing old PCs and servers, businesses generally know to keep the hard drives or get a certificate of destruction. However, the same precaution goes for those tablets or phones. Getting a couple bucks for trading in an old phone or tablet turns into a really bad deal when the tablet or phone falls into the hands of foreign hackers and organized crime, who buy old electronics by the pallet, looking for data off of hard drives.

Save yourself some headaches and reduce your company’s risk in the digital world by getting a certificate of destruction for every device that you dispose of.

I welcome your questions or comments at businesstech@software-to-go.com

Joe Balsarotti is president of Software To Go and is a 35-year veteran of the computer industry, starting back in the days of the Apple II. He served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council. He was chairman of the Clayton, Missouri Merchant Association for a dozen years, chaired Region VII of the Federal Small Business Regulatory Fairness Board and currently serves on the Dealer Advisory Panel of the ASCII Group, an organization of over 1000 independent computer and technology solution providers in North America.

What Do You Mean Our Data’s Gone?!?

in Columns/Technology
Joe Balsarotti
Joe Balsarotti

By Joe Balsarotti. Software To Go

A web-hosting firm we deal with had a disaster recently. The initial problem was beyond their control, then that irritating thing we call ‘human error’ came into play and made a minor disruption into a weeklong catastrophe for its customers.

This brought to light a glaring weakness in most business’ digital disaster plans (assuming the business even has a disaster plan)— their websites. Even if your website is just a glorified brochure for your services instead of a full-blown e-commerce site, you did pay money to have it designed. Ask yourself: who has a backup copy of it? Are you trusting that the hosting company has backups? In the case I mentioned, they did, but they weren’t enough. Maybe you assume the PR firm / web designer / programmer who built your site has backups of it, but they probably do not.

There may be an initial copy of the site as you first had it made, but then over the months and years, you had revisions made to it. Your offerings may have changed, the contact names of your staff as they come and go, graphics, and descriptions all probably morphed as time moved on. (If they haven’t, then your website is in desperate need of a rework) That original copy is now as usable as a faded roll of thermal fax paper.

How many of you have contracted with a backup service for your website? Along with that, how many of you have contracted for an archive of all those years of email for not only you, but for all current and past staff? Are you trusting the first marketing piece a prospect will ever see to someone somewhere in ‘The Cloud,’ who you think/hope/pray is backing it up?

How damaging would it be to your business to have customers and prospects see a blank screen when they expect your website? What goes through their mind when the email they sent you gets returned as undeliverable, not-found, or, even worse, is never acknowledged? All the money you spent on advertising, marketing, and web design all goes for naught in the case of a failure like that.

Email archiving is standard practice in some industries, such as financial, but for most it’s never given a thought as everyone thinks the email company “takes care of that”… right? Well, no. Sure email providers and web hosts probably make backups, but in a world where viruses can sit dormant on systems for weeks or months and then trigger without warning, what good is a backup from last week? That backup is infected too. What happens if the server hosting your website is in a building damaged by a fire, flood, earthquake, or tornado and the backup drive was sitting right next to the server?

The ‘how’ of the failure isn’t the important part of this story, in the end, enormous sums of time, energy and money were thrown at the problem by the hosting firm and the data center they utilized and eventually the customer websites were online again, but with a loss of a week and some irretrievable data. Then again, not all providers would go to the extremes this particular one did to make their customers whole again.

The moral of this story is to make sure you have automatic backups and archiving in place for not just your PCs and servers, but for everything you have in the Cloud, as well. Trusting your company’s lifeblood, its data, to just one provider is a bad plan. Put a backup in place separate from your primary vendor. It’s no doubt the cheapest ‘insurance policy’ your company will ever purchase.

I welcome your questions or comments at businesstech@software-to-go.com

Joe Balsarotti is President of Software To Go and is a 36-year veteran of the computer industry, reaching back to the days of the Apple II. He served three terms as chairman of the National Federation of Independent Business’ (NFIB) Missouri Leadership Council. He was chairman of the Clayton, Missouri Merchant Association for a dozen years. He chaired Region VII of the Federal Small Business Regulatory Fairness Board and currently serves on the Dealer Advisory Panel of the ASCII Group, an organization of over 1000 independent computer and technology solution providers in North America.

Stop Waiting for Google

in Columns/Technology

“Access to fiber is going to be key to future economic development,” said Owen Graham, business development manager, Arch Fiber Networks. “There are amazing things happening in Kansas City, because of the fiber availability to services businesses and homes,” he said.

Arch Fiber Networks, a subsidiary of Edwardsville businessman Tom Allen’s American
Fiber Comm, has installed a fiber optic loop around downtown St. Louis, the near south side and Old North St. Louis. Telecommunications cable made from fiber optics are made of glass fibers instead of copper wires, and have a much higher capacity for carrying data. 

While some people lament Google’s and AT&T’s decisions not to install fiber optic networks in St. Louis, Graham said, “We don’t need them. We love them, but we don’t need them.”

What St. Louis needs instead is more entrepreneurial spirit. “We already have the
infrastructure,” Graham said. “We just need demand and internet service providers.”

Arch Fiber Networks fully redundant dark fiber (dark means it is not being used)
networks
  with a dual crossing under the Mississippi River 90-feet beneath the McKinley Bridge. It has direct connections to the telecom hotels at 900 Walnut, 210 N. Tucker, and 710 N. Tucker, and to the AT&T Toll Building at 2651 Olive Street. One network surrounds downtown between Carr Street on the north and Chestnut Street on the south. The southern loop runs from Chestnut and Market Streets in the north to Arsenal in the south and runs west to Grand Avenue, encompassing the neighborhoods of Lasalle Park, Soulard, Lafayette Square, McKinley Heights, Fox
Park, Compton Heights, and part of Tower Grove East. The northern loop runs up
Broadway along the Old North St. Louis neighborhood to the Hyde Park neighborhood, and returns downtown along N. 13
th Street.

“The system is there to serve carriers, enterprise customers, businesses, and homes
in the downtown ring,” Graham said. “We don’t care how much bandwidth you use.”

“Today our focus is providing fiber services along Washington Avenue,” he said. One
fiber cable runs up Washington Avenue to Beaumont and connects to AT&T. “We pulled laterals into the buildings so they are ready for customers,” he said.

“In our model, the infrastructure is there. We just need to pull fiber through the laterals and install in the buildings.

“From the standpoint of the end user, the difference is invisible. We will partner with internet service providers, who will put their equipment on the fiber distribution panel and go to a telecom hotel and purchase one or more gigs of internet to break up to buildings they serve,” Graham said.

Graham said fiber delivers faster, cheaper internet, that will enable office and apartment building owners in their rings to compete for Millennials and high tech tenants, he said. “At an apartment building, for example, instead of having the tenants all share 80 megs from Charter, they can share 500 megs,” he said.

Arch Fiber Networks donated a fiber connection to the T-Rex high-tech incubator on Washington Avenue.

“Start-ups are the ones that will need huge bandwidth, they need gigabit fiber,” he said.

Downtown, Old North St. Louis, and the near south side are now primed with fiber for
start-up IT companies and the Millennial generation. All they need now are developers with the entrepreneurial spirit to use and promote it, instead of waiting for someone bigger and powerful to do it as the characters do in Samuel Beckett’s play “Waiting for Godot.”

Utilizing Technology and Process Improvements to Gain a Competitive Edge

in Columns/Technology

By Frank Hogg & Ken Van Bree

More competitive bids…  Less backlog… Increasing costs of construction… Lower profit margins…

  

For every contractor in the construction industry, these terms have resonated since 2009. And with economic pundits continually pushing back the projected full economic recovery period for construction, the prospect of maintaining acceptable levels of profitability remains challenging for the foreseeable future.

Many companies have focused on cost-cutting measures, which include targeting overhead expenses or attempting to lower their costs of construction.

Contractors also should consider investing in technologies and process improvements that can assist them in being more competitive in the marketplace.

Companies focused on making tough, economical decisions before writing checks have a tendency to place priorities related to investing in technology and process improvements toward the bottom of management’s plans. That may not be the wisest choice.

Contractors should carefully evaluate the potential benefits that can be derived and whether these benefits exceed the costs involved. The “intangible” costs of lost productivity, lower customer satisfaction, and inability to properly execute project work should be an important part of the decision.

When considering an investment in technology, management typically has a few standard questions:

• Can we enhance the efficiencies of our operations?

• Can we improve the productivity of our employees?

• Can we improve the level of service to our customers?

• What will the technology cost and do the benefits outweigh the costs?

• What level of effort is required to implement the technology in terms of employees’ time and resources?

The most common concern is the upfront capital required (both in terms of time and money) in order to purchase these technologies. What many companies have found is significant capital outlays are not necessary for many construction technologies and process improvements.

Contractors should consider the following after evaluating each application’s costs and benefits:

Mobile Technologies

A majority of employee time is spent out of the office performing construction services at job sites and various other service calls for maintenance. Mobile technologies allow remote employees to communicate with the office.

Important information such as customer inquiries, work orders, change orders, service calls, etc. can be communicated in real time back and forth between the remote location and the office. This improved  communication allows everyone involved with a job to make quality decisions based on the most accurate and up-to-date information available.

Equipment Tracking Applications

Equipment is obviously a significant investment for most contractors. The efficient use of any purchased asset is critical. Certain equipment tracking applications track the location of assets through the use of GPS technology, providing for greater control of that equipment and helping to prevent theft or loss.

These applications can also track maintenance records as well as utilization data by job and employee. These applications can minimize downtime for equipment by proactively preventing significant future repairs. They also can help management determine where the equipment can best be utilized within the company.

Integrated Project Management Solutions

On a daily basis, project managers balance delivering a quality construction product, serving customers, meeting schedules and deadlines, and managing cost budgets. Integrating a project management system with a company’s accounting system is critical for any contractor that strives to manage costs of construction and drive efficiency higher.

Many project managers still do not have immediate access to accounting and project cost information while they are in the field. By giving project managers the tools they need to access real-time data and communicate with financial management personnel, decisions can be made that can improve overall project efficiency and profitability.

Business Intelligence Tools Driving Process Improvement

Do project managers ever mention that the reports they are given are difficult to understand, contain too much or too little data, or are not representative of their job’s status? Business intelligence tools aim to clarify the data accumulated within a company’s accounting system in order to improve management’s decision-making ability.

While applications such as Microsoft Excel represent the most basic business intelligence tools, many contractors have found significant added benefits in implementing more advanced business intelligence tools to their financial management systems. Such tools can be integrated with a company’s existing accounting system in order to:

• Query existing data and generate more meaningful reports for project management

• Generate alerts to users when certain triggering events occur (e.g. jobs going over their predetermined cost budgets)

• Conduct on-line analytical processing (OLAP) for large quantities of data

• Perform analysis to create graphical representations of underlying data or “dashboards”

Many providers of software and database solutions, such as SAP, Oracle, and IBM, have recognized the importance of such business intelligence tools and have created advanced applications that are designed to be integrated with a company’s current accounting system. They have done this in response to the growing demand for companies to better analyze and understand the information accumulated within their own accounting systems.  

In today’s challenging environment of excess capacity, it is critical that contractors remain competitive within the marketplace. In addition to cutting costs, companies should consider the potential benefits of certain technologies and process improvements. They have the potential to help a contractor gain an important competitive edge now while also building for future gains when the market fully recovers.

Frank Hogg, CPA, is partner-in-charge, and Ken Van Bree, CPA, is a partner & vice-chair of RubinBrown’s Construction Services Group. 

Contacts: 314.290.3413; 314.290.3429.

Website: www.rubinbrown.com

Go to Top