10 Tips for maximising the performance of your IT consultancy. 

According to technology researchers Gartner, the average cost of IT downtime is $5,600 per minute and can range in cost from $140,000 per hour at the low end to as much as $540,000 per hour at the high end. Further, 98% of organisations report that an hour of downtime costs them over $100,000 – and some 81% of respondents indicated that 60 minutes of downtime costs their business over $300,000 – with some estimates as high as $1.5 million.  

These numbers are based on research in the United States and take into account a range of industries. There is, however, no reason to believe that the numbers are significantly different in Australia – where downtime costs the average small business 545 hours per annum- with the costs associated with that time going well beyond salaries and wages costs. The point is that downtime is expensive, no matter what industry you are in. 

The implication of downtime include but may not be limited to: 

  • Lost revenue. 
  • Lost productivity. 
  • Corruption of and gaps in mission-critical data. 
  • Damages to equipment and associated assets. 
  • Cost of remediating systems and core business processes.
  • Damaged reputation with customers and key stakeholders. 
  • Degradation of employee morale. 
  • Regulatory, compliance, and legal penalties. 
  • Loss of insurance discounts; contract penalties. 
  • Disruption of supply-chain. 

Impacting significantly on downtime is the response times of IT consultants and managers you use. Unfortunately, there is no research data on IT consultant response times in Australia. There is also no research data on the time it takes IT consultants to resolve issues. However, our research suggests that as far as clients are concerned, both times in Australia are too slow. Wolfe Systems has worked hard over the last two years specifically to reduce our average response and issue resolution times and are continuously working on getting both times down further. 

Wolfe Systems is undertaking regular Service Efficiency Ratings presently and will be including these in all client monthly reports from May 2021. We strongly recommend that no matter who your IT consultancy is – that you hold them accountable for service efficiency – demanding monthly reports.  

To minimise downtime, every business should: 

  1. Engage an IT consultant that has the expertise and resources that meet your needs. 
  2. Avoid using the growing number of IT consultancies with a high staff turnover.  
  3. Ensure that your IT consultancy documents an annual strategy you can sign off. 
  4. Ensure your IT consultancy sets acceptable and achievable response time targets.  
  5. Hold your IT consultant accountable for their performance against target response times. 
  6. Demand monthly IT Service Efficiency Ratings and open channels of communication.  
  7. Ensure that your IT consultancy adopts a pre-emptive as opposed to a reactive approach. 
  8. Demand that your IT consultancy is 100% transparent, open and honest – always.  
  9. Ensure that you are using the latest technology – both hardware and software. 
  10. Demand systems that deliver state of the art back up and rapid data restoration systems. 

Downtime can destroy your profitability. Not all IT consultants have the expertise, resources, attitude and systems required to minimise downtimes. It is the primary responsibility of every IT consultancy to minimise client downtime.  

To learn more about increasing the efficiency of your IT service and the value delivered by a Service Efficiency Rating, CLICK HERE 

Alternatively, give me a call. 

Ben Latter 
0488 445 044
[email protected]



10 Tips for maximising IT system efficiency. 

Despite their significant investment in IT, few businesspeople know how efficient their IT systems are. Our research suggests that managers are finding it harder to track their IT systems’ efficiency due in part to a lack of transparency by IT consultants, the increasing complexity of systems, the growing need for automation, and the failure of consultants to undertake regular IT audit and efficiency ratings. 

There is also a growing concern among business people that their IT systems are not as efficient as they could be. Recent research found that data systems downtime costs an average small business 545 hours per annum and that  80% of business leaders are concerned that the plethora of systems their businesses are using is reducing efficiency largely due to poor integration. Research also found that just 2% of businesses have modelled all business processes to the point where they can fully leverage automation opportunities.  

Research also suggests that there are many opportunities that businesses of all shapes and sizes should be – but are not – embracing to maximise efficiency. Consider, Mobile apps save small business employees 725 million work hours per year. Businesses that invest in big data, cloud technology, mobility and security can realise up to 53 per cent faster revenue growth than their competitors. Businesses that switch to VoIP can save up to 40 per cent on their local phone costs and up to 90 per cent on international calls. 

So, what is the efficiency rating of your business? When is the last time you completed a full efficiency rating review? Where are the opportunities to increase the efficiency of your IT systems? Are you extracting full value from your IT systems? Most importantly, when did your IT consultant last review your issues and the multitude of opportunities for reducing downtime, enhancing cybersecurity, and maximising your IT systems.  

Wolfe Systems has developed a Systems Efficiency Rating tool to help clients identify: 

  • The current efficiency of their IT systems. 
  • Opportunities for increasing IT efficiency. 
  • Opportunities for reducing IT costs.  

The Wolfe Systems Efficiency Rating (SER1) tool also enables clients to track their IT systems’ efficiency over time – so that they can fully evaluate the return they are achieving on their IT investment and the changes being made by their IT consultant.  

For a complimentary Wolfe Systems Efficiency Rating review, with recommendations – CLICK HERE. 

For now, here are 10 tips for increasing the efficiency of your IT systems: 

  1. Set a baseline Systems Efficiency Rating (SER1) for your IT systems.  
  2. Undertake a follow-up Systems Efficiency Rating every six months and track. 
  3. Use your Systems Efficiency Rating to guide your IT investment. 
  4. Require a report on the impact on your Systems Efficiency Rating before approving any IT investment. 
  5. Complete an annual audit of your IT systems referencing your Systems Efficiency Rating. 
  6. Evaluate, at least annually, the impact of IT automation opportunities on your Systems Efficiency Rating. 
  7. Evaluate, at least annually, the impact of IT integration opportunities on your Systems Efficiency Rating. 
  8. Ensure a match between your Systems Efficiency Rating requirements and your IT consultant’s capabilities. 
  9. Have your IT consultants document a continuous efficiency improvement strategy?  
  10. Ensure your IT consultants have the purchasing power required to minimise costs. 

Efficiency needs to be addressed on an ongoing basis. It is central to your business’s profitability and, as such, should be the number one priority for you and your IT consultants.  

To learn more about increasing your IT systems’ efficiency and the value delivered by a Systems Efficiency Rating, CLICK HERE. 

Alternatively, give me a call. 

Ben Latter
0488 445 044
[email protected]  



Smart services and smart technologies – Part Two

A series designed to address state-of-the-art services and technologies that can be used by business to Eliminate Inefficiency

Ransomware is malicious software that infects computers and displays messages demanding a ransom be paid before the system will function again. It is a form of malware used in criminal moneymaking schemes. A ransom is often triggered by a link installed in an email message, instant message or website. Ransomware damages costs are expected to reach US$20 billion in 2021. 

While paying a ransom in response to a cybersecurity breach is now illegal in Australia, the costs associated with ransomware reach well beyond such payments to include the costs associated with: 

  • temporary or permanent loss of sensitive or proprietary information, 
  • disruption to regular operations, 
  • financial losses incurred to restore systems and files, and
  • potential harm to an organisation’s reputation. 

About the last point, I cite again (as in my previous post), research by Arcserve published in late 2020 found that 59% of buyers are likely to avoid suppliers that they believe have suffered a cyber-attack. Unfortunately, Australian businesses are more susceptible to ransomware attacks than businesses in many other countries. Security Brief reports – ‘Over two-thirds (67%) of Australian organisations have suffered a ransomware attack in the last 12 months — 10% above the global average of 57%’. Crowstrike, which also found that of the businesses that fell victim to a ransomware attack, suggests that 33% paid the ransom, costing an average of AU$1.25 million for each breach. This percentage is higher than any other country in the Asia Pacific region and more than the global average (27%).  

As such, the chances of your business being hit by ransomware in 2021 is very high indeed. Further to this, the chances of that attack costing you a significant amount of money are also very high. 

So, what can you do to protect your business from a ransomware attack? 

It is first important to understand where ransomware attacks come from. Most ransomware attacks involve silent infections delivered through exploit kits, malicious email attachments, and malicious email links. This is especially concerning given how many emails each staff member receives every day. It is even more concerning when 95% of cybersecurity breaches are caused by human error, including staff opening emails or links they should not open. 

  • The strategies for limiting the risk of ransomware include the following: 
  • Educate all staff to NEVER EVER open unverified emails. 
  • Educate all staff to NEVER EVER open untrusted attachments. 
  • Educate all staff to NEVER EVER visit websites they cannot trust. 
  • Educate staff to NEVER EVER give out personal information, including passwords. 
  • Educate all staff to NEVER EVER use unfamiliar USBs. 
  • ALWAYS use a mail server that scans and filters all content. 
  • Ensure that ALL software and operating systems are up to date. 
  • ALWAYS use a VPN when using public Wi-Fi.  
  • ALWAYS maintain up to date security software. 
  • ALWAYS back up your data and ensure an efficient pathway to recovery. 

Also, consider the application of the HPE SimpliVity Hyperconverged solution. SimpliVity consolidates all the elements you need to run and manage a virtual environment – providing a virtual environment for 2 to 2000 machines. Among a range of benefits, SimpliVity enables data to be reliably backed up and rapidly recovered. It is a simple, powerful, and highly efficient security tool. 

A client recently engaged Wolfe System to recover data stored traditionally for a business that had suffered a cyberattack. The recovery process took nearly five days to complete. Had the business being using SimpliVity, it would have taken less than an hour. In short, using SimpliVity would have saved this business at least four days of productivity. So, my advice is: 

  • To protect against the costs associated with a Cyberattack – Use SimpliVity. 

Wolfe Systems is a trusted HPE partner and are the only approved SimpliVity implementation specialist in WA. If you want to know more about SimpliVity, please give me a call or email me.

Ben Latter
0488 445 044
[email protected]



Smart services and smart technologies – Part One

A series designed to address state-of-the-art services and technologies that can be used by business to Eliminate Inefficiency.

In 2021, cyber-attacks are much more than a threat to business continuity. They are increasingly a threat to business survival. Research by Arcserve published in late 2020 found that 59% of buyers are likely to avoid suppliers that they believe have suffered a cyber-attack – with 25% suggesting they would abandon the product favouring a competitor. This finding is of particular concern in 2021 – given a 60% increase in business email scams, alone, in the last twelve months.

Numerous factors, including the coronavirus pandemic, have contributed to an increase in cyberattacks in the past 12 months. The cost of Ransomware damages are expected to reach US$20 billion in 2021, and some 94% of malware is now polymorphic, meaning that it can continuously modify its code to avoid detection. It is estimated that 6.85 million accounts get hacked every day or 158 every second – many of which could be avoided if passwords were managed more effectively.

It is estimated that:

  • 33% of hacks involve phishing. and
  • 28% of data breaches involve malware.
  • 80% of hacking-related breaches leverage compromised passwords.

The first question businesses need to ask themselves in 2021 is:

  • ‘Are the practices of our staff increasing the risk of phishing, malware or other password related breaches?’

The second question businesses need to be asking is:

  • ‘How can we reduce the threat of password-related data breaches in 2021?’ This missive addresses both questions.

Our experience and volumes of research suggest that the answer to the first question is, for most businesses – ‘yes’. And we can prove it.

Wolfe Systems is currently undertaking tests of the password and email practices of staff within client organisations. The results have been both alarming and instructive. They have been alarming because we have frequently found:

  • Passwords listed for sale on the dark web.
  • Staff opening email that is for all intents and purposes malware.

These findings are consistent with those of research where it was found that:

  • 51% of employees have not changed their passwords.
  • 50% of employees reuse an average of five passwords.

These findings have been instructive, and answer the second question above in that they have enabled Wolfe Systems to implement strategies for clients that reduce future risks.

In response, clients have implemented policies to:

  • Develop passwords with random numbers, letters and symbols that cannot be guessed.
  • Adopt different complex passwords for each business unit and each user.
  • Change passwords frequently and avoid the reuse of any passwords.
  • Use a password manager or random password generator – such as RANDOM.ORG.
  • Educate employees about the threats of passwords and malware breaches.
  • Review all breaches and attempted breaches to identify upgrade opportunities.
  • Implement multi-factor identification to provide an added level of security.

Wolfe Systems is also recommending that our clients use Passly, software developed by Kaseya. Passly protects data by ensuring that only authorised people are given secure access to sensitive applications and information. Developed in response to the growing numbers of remote workers, increased dependency on cloud applications, and explosive increases in cyber breaches, Passly is available for both SME and enterprise applications, facilitating:

  • The protection of all applications.
  • Secure access and multi-factor identification.
  • Streamlined efficiencies with a single sign-on (SSO).
  • Network and infrastructure access protection.

In short, this very smart technology makes security easy and affordable. This is leading-edge technology that will improve security without high costs or effort. Passly even facilitates the auditing of security systems and practices identifying issues requiring attention.

I recommend all businesses Install Passly secure identity and access management software without delay.

If you want to know more, please give me a call or email me.

Ben Latter

0488 445 044

[email protected]



Welcome to Part 2 of my cyber-security mini-series. In part 1 where I identified two of the myths about and five of the biggest threats to, businesses’ cyber-security. It’s one thing to know about the threats but it’s another to defend yourself appropriately against them. In part 2 will identify just five of the strategies that need to be implemented to ensure your business is as secure as it can be and that you are protected in the event of a breach.  


The five potential cyber-security threats discussed here represent the tip of a growing iceberg. Criminals are learning more and more about how to disrupt business systems, and the technology available to assist them is increasing daily, along with the threat to businesses around the world. While geographically isolated, and even more so during the pandemic, Australia is not immune to these threats. Indeed, the epidemic has increased the frequency of attacks in Australia. 

No business can afford not to have a strategy and policies to ensure its systems are as secure as possible. The cost of not being fully protected is just too high. Following are strategies and policies every business should have in place in 2021. 


In 2019, IBM research found that 44% of executives believed that employees who made mistakes that lead to business systems being compromised lacked awareness of the threats. This highlights the importance of ensuring all staff understand how to ensure their behaviour does not open your systems to cyber-security threats. Research suggests that low awareness of best practice risks and ignorance is the biggest threat confronting businesses in 2021. 

Every business needs to have a training programme and documented protocols to ensure that all staff know exactly what they need to do and need not to do – to minimize the threat of a cyber-security breach. Every business needs a long-term security programme and protocols. 

Some 24% of cyber-security breaches in the past five years resulted from ignorant or negligent employees and contractors?  


Most in depth cyber-security systems audits, identify vulnerabilities and or security gaps within – networks, applications and digital devices. This is at least partly because the technology available to and the expertise of hackers and criminals are advancing almost daily. What might have worked for your business in 2020 may not work in 2021 and will almost certainly be inadequate in 2022. 

This highlights the need to undertake regular, at least half-yearly, audits of the networks, applications, and digital devices that all businesses have become so dependent on. Without regular audits, businesses have no way of knowing if they are protected. 

Advances in criminals’ capabilities mean that even if your systems were relatively safe in 2020, they might not be in 2021. 


The world is changing fast, but few things are evolving and advancing more quickly than the threats to businesses’ cyber-security. One Australian security agency alone receives reports on more than 164 cybercrime reports per day. This highlights the importance of all businesses, and indeed all enterprises having in place the technology required to monitor threats and report on potential breaches as soon as they happen. Delays can be very costly, indeed. 

One of the highest priorities for business in 2021 should be to ensure they have the technology required to monitor the operation of their network and associated systems closely – enabling real-time reporting of potential breaches. The sooner action is taken, the better. 

How much might it cost your business to identify a data breach a week after it occurred? How much could you save to know in real-time? 


While technology can be expensive, breaches of that technology can be even more costly. While it is rarely necessary to buy all the ‘bells and whistles’, and there are most certainly strategies for buying well – it is important to ensure that your business uses reasonably current versions of the required hardware and software. Each update tends to incorporate new security features and options to make your network more secure. 

It is important to work with your IT consultant to strike the optimum balance in terms of using the latest technology and not breaking the bank. The better IT consultants will have the buying power, expertise, and integrity to minimize your investment while ensuring your systems are protected. 

If your technology is from 2016 and the technology the criminals are using is from 2021, the criminal might have the upper hand.  


Despite the best-laid plans, sometimes things go wrong – perhaps unaware staff opening the door to a hacker, a backup system failing just before ransomware infiltrates your systems, a brute force attack occurs when you are less prepared than you need to be, or criminals use technology that is superior to yours to breach your security systems. While great staff training, regular assessments, systems monitoring, and the latest technology will go a long way to protecting your business, there may be times when the criminals win out. 

To protect against this potential eventuality, it is prudent for all businesses to have cyber-security insurance, as part of the broader business protection. Businesses who approach cyber-security in the manner suggested here may never call on this insurance, but prudent risk management demands that they have it. 

You are almost certainly insured for a thief breaking into your office – but are you insured for the greater likelihood of a criminal breaking into your systems.  


In part 1 of this 2-part series I addressed two of the myths about and five of the biggest threats to, businesses’ cyber-security (click here to read part 1). There are other myths and many more threats. My intention was to highlight the importance of engaging an IT consultant with the expertise, resources and orientation required to partner with you in minimizing cyber-security threats. 

Part 2 addresses just five of the strategies that need to be implemented to ensure your business is as secure as it can be and that you are protected in the event of a breach. Choosing the right IT Consultant is crucial and they can work with you to put in place a cost-effective programme and strategies to ensure your systems are secure.  

 In closing, as I closed in part 1, it is important to highlight again, that your business will almost certainly be targeted in some way by cyber-criminals at some stage. Protection against breaches of your cyber-security is nothing more or less than prudent risk management. 

If you want to know more, please give me a call or email me.  

Ben Latter 

1 300 958 923 

[email protected] 



In this short two-part series on Cyber-Security, I will be identifying 12 insights every business needs to consider to ensure cyber-security. Part 1 will target myths and threats and later in part 2 I will identify methods of defence 


Any executive or business owner who does not appreciate their cyber-security threats is living in la-la land. For the 12 months prior to June 2020, the Australian Cyber-Security Centre received 59,806 cyber-crime reports at an average of 164 cyber-crime reports per day, or one report every 10 minutes. Further, the growth rate in cyber-crime has been exponential since the COVID 19 crisis began. In the same period, cyber-scams alone cost the Australian economy $634 million.

Every enterprise in Australia in 2021 will need to address cyber-security if they are to avoid the significant threat it poses to their productivity and ultimately, profitability. Indeed, for many businesses failing to address cyber-security adequately will threaten the very survival of their business. It is almost inevitable that businesses attacked with ransomware, for example, will go broke in 2021. The data suggests that more than one reader of this article will face a cyber-security threat this year. The real questions are – will it be you, and what will be the cost?


There are many myths about cyber-security, but two are especially troubling. The first relates to the focus of the dark-web and the second related to external threats.


Often without understanding the ‘dark-web’, many executives and an alarming number of IT consultants view it as the biggest threat to their cyber-security.

The fact is, while an important consideration, the ‘dark web’ is no more or less a threat to a business than the ‘social-web’ that we all use every day. Indeed, many business risks are far more likely to involve the ‘social-web’ than on the ‘dark web’. A hacker needs no association with the ‘dark-web,’ to break into your system to install ransomware or malware.

The ‘DARK-WEB’ sounds scary – but in itself the ‘dark web’ per-se is unlikely to be the primary threat to your business.

Just as the focus on the ‘dark-web’ is a trap for inexperienced players, the focus on external threats is a trap for naive players – including naïve IT consultants.


The fact is, while there is a litany of external threats to a businesses’ cyber-security, there are many accidental and deliberate internal threats, some of which are all too often ignored by IT consultants. Research undertaken by IBM in 2019 suggested that 24% of cyber-security breaches and 36% of employees lacked the training needed to protect against threats adequately.

Most IT consultants focus on the EXTERNAL THREATS to cyber-security, but INTERNAL THREATS are equally concerning 2021.



The threats to the cyber-security of a business are too numerous to list here. There are, however, five categories of threat that will be most concerning for businesses in Australia, in 2021.


We have all heard news reports about ransomware – where businesses have been locked out of their systems until they pay a ransom – a form of extortion costing businesses billions.

What would it cost you, in lost productivity if you and your people could not access your systems? This is now an even more important question in Australia given that paying a ransom is a crime under federal law. And even if you did pay a ransom – what certainty would you have that your data is intact when you can access it again.

There is of-course a simple solution to ransomware threats – ensure that your systems are adequately backed up. In most cases, if your systems are adequately backed up, you can restart your systems with limited impact on productivity and without paying a ransom. Are your systems backed up well enough to avoid paying a ransom?

What is your strategy to ensure you are not one of the thousands of businesses held to RANSOM by cyber-criminals in 2021?


A type of cyber-attack often used to steal data, including login credentials and credit card numbers – phishing involves – an attacker enticing a victim to open an email, instant message, or text message.

Unfortunately, phishing is prevalent indeed. We have all seen bogus emails in our inbox. Unfortunately, all too many of these bogus emails are opened, giving criminals access to your system and therefore the capacity to steal data or create mayhem. This is all too easy to do.

There are several strategies that can be put in place to limit this threat, including those involving email filters. Perhaps the most important strategy involves having in place clear protocols and security awareness training? The best strategy almost certainly involves a combination of filters, protocols and training addressing both email and your websites.

Do you have the filters, protocols, and training to limit it, or will your business be one of the thousands hit by PHISHING in 2021?


Hacking is so prevalent it has been the subject of movies. At the same time, systems – private and public, government and commercial – are hacked so often in 2021, it is barely newsworthy.

Hacking involves the unauthorized access to, or control over, computer network security systems, enabling those entering to destroy, steal or even prevent authorized users from accessing the system. This can, but need not, involve malware or ransomware. It can be malicious or ‘sport.’

There are several strategies that businesses need to be implemented to prevent hacking, including those relevant to protecting against malware and ransomware. Among the more effective methods being used in 2021 is ‘multi-factor authorization,’ ‘secure single sign-on’, refining the ‘password construction policy’, using a ‘random passphrase generator’ and changing passwords regularly.

Most businesses will be subject to a HACKING attempt in 2021. What policies do you have in place to protect your systems?


Any system connected to the internet, including any system with an IP address or hostname resolving publicly in DNS is exposed to vulnerabilities.

Remote workers using a virtual private network, remote desktop protocol, are at risk as businesses expand their internet presence through increased use of interconnected internet-accessible systems. In 2021, criminals will increasingly focus on compromising internet-facing infrastructure and exploiting vulnerabilities in unpatched servers and exploit the trend to work from home.

Many businesses don’t have a vulnerability management program in place. They should ensure regular vulnerability scanning, strict password controls and multi-factor authentication while enabling network-level authentication and disabling server message block.

Working from home may have exposed your NETWORK. What strategies do you have in place to secure your network in 2021?


Many executives and business owners may not have heard of a ‘brute force attack’. Yes, it is more of that IT jargon we love to hate. In 2021 it is also a real and present danger.

A brute-force attack involves submitting many passwords or passphrases with the hope of eventually guessing a combination correctly. These attacks might use hybrid, dictionary, rainbow or a similar strategy to take advantage of weaknesses in an encryption system, putting data at risk of access.

Strategies for preventing a ‘brute force attack’ include restricting access to authentication URLs, limiting login attempts, updating administration account security, enabling CAPTCHA, activating security scanning, and utilizing multi-factor authentication.

In 2021, a ‘BRUTE FORCE ATTACK’ on your business is increasingly likely. Are you prepared to repel such an attack?


This post addresses two of the myths about, and five of the biggest threats to, businesses’ cyber-security. It’s one thing to know about the threats but it’s another to defend yourself appropriately against them. In part 2 of this series, I will address just five of the strategies that need to be implemented to ensure your business is as secure as it can be and that you are protected in the event of a breach. Fortunately, these strategies need not be expensive, and the right IT Consultant can work with you to put in place a cost-effective programme to ensure your systems are secure.

In closing, it is important to highlight again, that your business will almost certainly be targeted in some way by cyber-criminals at some stage. Protection against breaches of your cyber-security is nothing more or less than prudent risk management.

Please look out for Part 2 of this mini-series next week.

If you want to know more, please give me a call or email me.

Ben Latter

1 300 958 923

[email protected]