BUYERS TO AVOID SUPPLIERS THAT SUFFERED A CYBER-ATTACK

BUYERS TO AVOID SUPPLIERS THAT SUFFERED A CYBER-ATTACK

Smart services and smart technologies – Part One

A series designed to address state-of-the-art services and technologies that can be used by business to Eliminate Inefficiency.

In 2021, cyber-attacks are much more than a threat to business continuity. They are increasingly a threat to business survival. Research by Arcserve published in late 2020 found that 59% of buyers are likely to avoid suppliers that they believe have suffered a cyber-attack – with 25% suggesting they would abandon the product favouring a competitor. This finding is of particular concern in 2021 – given a 60% increase in business email scams, alone, in the last twelve months.

Numerous factors, including the coronavirus pandemic, have contributed to an increase in cyberattacks in the past 12 months. The cost of Ransomware damages are expected to reach US$20 billion in 2021, and some 94% of malware is now polymorphic, meaning that it can continuously modify its code to avoid detection. It is estimated that 6.85 million accounts get hacked every day or 158 every second – many of which could be avoided if passwords were managed more effectively.

It is estimated that:

  • 33% of hacks involve phishing. and
  • 28% of data breaches involve malware.
  • 80% of hacking-related breaches leverage compromised passwords.

The first question businesses need to ask themselves in 2021 is:

  • ‘Are the practices of our staff increasing the risk of phishing, malware or other password related breaches?’

The second question businesses need to be asking is:

  • ‘How can we reduce the threat of password-related data breaches in 2021?’ This missive addresses both questions.

Our experience and volumes of research suggest that the answer to the first question is, for most businesses – ‘yes’. And we can prove it.

Wolfe Systems is currently undertaking tests of the password and email practices of staff within client organisations. The results have been both alarming and instructive. They have been alarming because we have frequently found:

  • Passwords listed for sale on the dark web.
  • Staff opening email that is for all intents and purposes malware.

These findings are consistent with those of research where it was found that:

  • 51% of employees have not changed their passwords.
  • 50% of employees reuse an average of five passwords.

These findings have been instructive, and answer the second question above in that they have enabled Wolfe Systems to implement strategies for clients that reduce future risks.

In response, clients have implemented policies to:

  • Develop passwords with random numbers, letters and symbols that cannot be guessed.
  • Adopt different complex passwords for each business unit and each user.
  • Change passwords frequently and avoid the reuse of any passwords.
  • Use a password manager or random password generator – such as RANDOM.ORG.
  • Educate employees about the threats of passwords and malware breaches.
  • Review all breaches and attempted breaches to identify upgrade opportunities.
  • Implement multi-factor identification to provide an added level of security.

Wolfe Systems is also recommending that our clients use Passly, software developed by Kaseya. Passly protects data by ensuring that only authorised people are given secure access to sensitive applications and information. Developed in response to the growing numbers of remote workers, increased dependency on cloud applications, and explosive increases in cyber breaches, Passly is available for both SME and enterprise applications, facilitating:

  • The protection of all applications.
  • Secure access and multi-factor identification.
  • Streamlined efficiencies with a single sign-on (SSO).
  • Network and infrastructure access protection.

In short, this very smart technology makes security easy and affordable. This is leading-edge technology that will improve security without high costs or effort. Passly even facilitates the auditing of security systems and practices identifying issues requiring attention.

I recommend all businesses Install Passly secure identity and access management software without delay.

If you want to know more, please give me a call or email me.

Ben Latter

0488 445 044

[email protected]

CYBER-SECURITY – THE ISSUE FOR 2021 – IS SO MUCH MORE THAN THE DARK WEB – PART 2 

CYBER-SECURITY – THE ISSUE FOR 2021 – IS SO MUCH MORE THAN THE DARK WEB – PART 2 

Welcome to Part 2 of my cyber-security mini-series. In part 1 where I identified two of the myths about and five of the biggest threats to, businesses’ cyber-security. It’s one thing to know about the threats but it’s another to defend yourself appropriately against them. In part 2 will identify just five of the strategies that need to be implemented to ensure your business is as secure as it can be and that you are protected in the event of a breach.  

DEFENDING YOUR CYBER-SECURITY 

The five potential cyber-security threats discussed here represent the tip of a growing iceberg. Criminals are learning more and more about how to disrupt business systems, and the technology available to assist them is increasing daily, along with the threat to businesses around the world. While geographically isolated, and even more so during the pandemic, Australia is not immune to these threats. Indeed, the epidemic has increased the frequency of attacks in Australia. 

No business can afford not to have a strategy and policies to ensure its systems are as secure as possible. The cost of not being fully protected is just too high. Following are strategies and policies every business should have in place in 2021. 

EDUCATION AND TRAINING 

In 2019, IBM research found that 44% of executives believed that employees who made mistakes that lead to business systems being compromised lacked awareness of the threats. This highlights the importance of ensuring all staff understand how to ensure their behaviour does not open your systems to cyber-security threats. Research suggests that low awareness of best practice risks and ignorance is the biggest threat confronting businesses in 2021. 

Every business needs to have a training programme and documented protocols to ensure that all staff know exactly what they need to do and need not to do – to minimize the threat of a cyber-security breach. Every business needs a long-term security programme and protocols. 

Some 24% of cyber-security breaches in the past five years resulted from ignorant or negligent employees and contractors?  

SCHEDULED ASSESSMENTS 

Most in depth cyber-security systems audits, identify vulnerabilities and or security gaps within – networks, applications and digital devices. This is at least partly because the technology available to and the expertise of hackers and criminals are advancing almost daily. What might have worked for your business in 2020 may not work in 2021 and will almost certainly be inadequate in 2022. 

This highlights the need to undertake regular, at least half-yearly, audits of the networks, applications, and digital devices that all businesses have become so dependent on. Without regular audits, businesses have no way of knowing if they are protected. 

Advances in criminals’ capabilities mean that even if your systems were relatively safe in 2020, they might not be in 2021. 

PROACTIVE MONITORING 

The world is changing fast, but few things are evolving and advancing more quickly than the threats to businesses’ cyber-security. One Australian security agency alone receives reports on more than 164 cybercrime reports per day. This highlights the importance of all businesses, and indeed all enterprises having in place the technology required to monitor threats and report on potential breaches as soon as they happen. Delays can be very costly, indeed. 

One of the highest priorities for business in 2021 should be to ensure they have the technology required to monitor the operation of their network and associated systems closely – enabling real-time reporting of potential breaches. The sooner action is taken, the better. 

How much might it cost your business to identify a data breach a week after it occurred? How much could you save to know in real-time? 

LATEST TECHNOLOGY 

While technology can be expensive, breaches of that technology can be even more costly. While it is rarely necessary to buy all the ‘bells and whistles’, and there are most certainly strategies for buying well – it is important to ensure that your business uses reasonably current versions of the required hardware and software. Each update tends to incorporate new security features and options to make your network more secure. 

It is important to work with your IT consultant to strike the optimum balance in terms of using the latest technology and not breaking the bank. The better IT consultants will have the buying power, expertise, and integrity to minimize your investment while ensuring your systems are protected. 

If your technology is from 2016 and the technology the criminals are using is from 2021, the criminal might have the upper hand.  

INSURANCE 

Despite the best-laid plans, sometimes things go wrong – perhaps unaware staff opening the door to a hacker, a backup system failing just before ransomware infiltrates your systems, a brute force attack occurs when you are less prepared than you need to be, or criminals use technology that is superior to yours to breach your security systems. While great staff training, regular assessments, systems monitoring, and the latest technology will go a long way to protecting your business, there may be times when the criminals win out. 

To protect against this potential eventuality, it is prudent for all businesses to have cyber-security insurance, as part of the broader business protection. Businesses who approach cyber-security in the manner suggested here may never call on this insurance, but prudent risk management demands that they have it. 

You are almost certainly insured for a thief breaking into your office – but are you insured for the greater likelihood of a criminal breaking into your systems.  

IN CONCLUSION 

In part 1 of this 2-part series I addressed two of the myths about and five of the biggest threats to, businesses’ cyber-security (click here to read part 1). There are other myths and many more threats. My intention was to highlight the importance of engaging an IT consultant with the expertise, resources and orientation required to partner with you in minimizing cyber-security threats. 

Part 2 addresses just five of the strategies that need to be implemented to ensure your business is as secure as it can be and that you are protected in the event of a breach. Choosing the right IT Consultant is crucial and they can work with you to put in place a cost-effective programme and strategies to ensure your systems are secure.  

 In closing, as I closed in part 1, it is important to highlight again, that your business will almost certainly be targeted in some way by cyber-criminals at some stage. Protection against breaches of your cyber-security is nothing more or less than prudent risk management. 

If you want to know more, please give me a call or email me.  

Ben Latter 

1 300 958 923 

[email protected] 

CYBER-SECURITY – THE ISSUE FOR 2021 – IS SO MUCH MORE THAN THE DARK WEB – PART 1

CYBER-SECURITY – THE ISSUE FOR 2021 – IS SO MUCH MORE THAN THE DARK WEB – PART 1

In this short two-part series on Cyber-Security, I will be identifying 12 insights every business needs to consider to ensure cyber-security. Part 1 will target myths and threats and later in part 2 I will identify methods of defence 

12 INSIGHTS EVERY BUSINESS NEEDS TO CONSIDER TO ENSURE CYBER-SECURITY.

Any executive or business owner who does not appreciate their cyber-security threats is living in la-la land. For the 12 months prior to June 2020, the Australian Cyber-Security Centre received 59,806 cyber-crime reports at an average of 164 cyber-crime reports per day, or one report every 10 minutes. Further, the growth rate in cyber-crime has been exponential since the COVID 19 crisis began. In the same period, cyber-scams alone cost the Australian economy $634 million.

Every enterprise in Australia in 2021 will need to address cyber-security if they are to avoid the significant threat it poses to their productivity and ultimately, profitability. Indeed, for many businesses failing to address cyber-security adequately will threaten the very survival of their business. It is almost inevitable that businesses attacked with ransomware, for example, will go broke in 2021. The data suggests that more than one reader of this article will face a cyber-security threat this year. The real questions are – will it be you, and what will be the cost?

TWO DANGEROUS MYTHS ABOUT CYBER-SECURITY

There are many myths about cyber-security, but two are especially troubling. The first relates to the focus of the dark-web and the second related to external threats.

1. NO – THE DARK-WEB IS NOT THE BIGGEST THREAT TO YOUR CYBER-SECURITY.

Often without understanding the ‘dark-web’, many executives and an alarming number of IT consultants view it as the biggest threat to their cyber-security.

The fact is, while an important consideration, the ‘dark web’ is no more or less a threat to a business than the ‘social-web’ that we all use every day. Indeed, many business risks are far more likely to involve the ‘social-web’ than on the ‘dark web’. A hacker needs no association with the ‘dark-web,’ to break into your system to install ransomware or malware.

The ‘DARK-WEB’ sounds scary – but in itself the ‘dark web’ per-se is unlikely to be the primary threat to your business.

Just as the focus on the ‘dark-web’ is a trap for inexperienced players, the focus on external threats is a trap for naive players – including naïve IT consultants.

2. NO – OUTSIDERS ARE NOT THE ONLY THREAT TO YOUR CYBER-SECURITY.

The fact is, while there is a litany of external threats to a businesses’ cyber-security, there are many accidental and deliberate internal threats, some of which are all too often ignored by IT consultants. Research undertaken by IBM in 2019 suggested that 24% of cyber-security breaches and 36% of employees lacked the training needed to protect against threats adequately.

Most IT consultants focus on the EXTERNAL THREATS to cyber-security, but INTERNAL THREATS are equally concerning 2021.

 

FIVE COMMON CYBER-SECURITY THREATS

The threats to the cyber-security of a business are too numerous to list here. There are, however, five categories of threat that will be most concerning for businesses in Australia, in 2021.

1. RANSOMWARE

We have all heard news reports about ransomware – where businesses have been locked out of their systems until they pay a ransom – a form of extortion costing businesses billions.

What would it cost you, in lost productivity if you and your people could not access your systems? This is now an even more important question in Australia given that paying a ransom is a crime under federal law. And even if you did pay a ransom – what certainty would you have that your data is intact when you can access it again.

There is of-course a simple solution to ransomware threats – ensure that your systems are adequately backed up. In most cases, if your systems are adequately backed up, you can restart your systems with limited impact on productivity and without paying a ransom. Are your systems backed up well enough to avoid paying a ransom?

What is your strategy to ensure you are not one of the thousands of businesses held to RANSOM by cyber-criminals in 2021?

2. PHISHING

A type of cyber-attack often used to steal data, including login credentials and credit card numbers – phishing involves – an attacker enticing a victim to open an email, instant message, or text message.

Unfortunately, phishing is prevalent indeed. We have all seen bogus emails in our inbox. Unfortunately, all too many of these bogus emails are opened, giving criminals access to your system and therefore the capacity to steal data or create mayhem. This is all too easy to do.

There are several strategies that can be put in place to limit this threat, including those involving email filters. Perhaps the most important strategy involves having in place clear protocols and security awareness training? The best strategy almost certainly involves a combination of filters, protocols and training addressing both email and your websites.

Do you have the filters, protocols, and training to limit it, or will your business be one of the thousands hit by PHISHING in 2021?

3. HACKING

Hacking is so prevalent it has been the subject of movies. At the same time, systems – private and public, government and commercial – are hacked so often in 2021, it is barely newsworthy.

Hacking involves the unauthorized access to, or control over, computer network security systems, enabling those entering to destroy, steal or even prevent authorized users from accessing the system. This can, but need not, involve malware or ransomware. It can be malicious or ‘sport.’

There are several strategies that businesses need to be implemented to prevent hacking, including those relevant to protecting against malware and ransomware. Among the more effective methods being used in 2021 is ‘multi-factor authorization,’ ‘secure single sign-on’, refining the ‘password construction policy’, using a ‘random passphrase generator’ and changing passwords regularly.

Most businesses will be subject to a HACKING attempt in 2021. What policies do you have in place to protect your systems?

4. NETWORK

Any system connected to the internet, including any system with an IP address or hostname resolving publicly in DNS is exposed to vulnerabilities.

Remote workers using a virtual private network, remote desktop protocol, are at risk as businesses expand their internet presence through increased use of interconnected internet-accessible systems. In 2021, criminals will increasingly focus on compromising internet-facing infrastructure and exploiting vulnerabilities in unpatched servers and exploit the trend to work from home.

Many businesses don’t have a vulnerability management program in place. They should ensure regular vulnerability scanning, strict password controls and multi-factor authentication while enabling network-level authentication and disabling server message block.

Working from home may have exposed your NETWORK. What strategies do you have in place to secure your network in 2021?

5. BRUTE FORCE ATTACK

Many executives and business owners may not have heard of a ‘brute force attack’. Yes, it is more of that IT jargon we love to hate. In 2021 it is also a real and present danger.

A brute-force attack involves submitting many passwords or passphrases with the hope of eventually guessing a combination correctly. These attacks might use hybrid, dictionary, rainbow or a similar strategy to take advantage of weaknesses in an encryption system, putting data at risk of access.

Strategies for preventing a ‘brute force attack’ include restricting access to authentication URLs, limiting login attempts, updating administration account security, enabling CAPTCHA, activating security scanning, and utilizing multi-factor authentication.

In 2021, a ‘BRUTE FORCE ATTACK’ on your business is increasingly likely. Are you prepared to repel such an attack?

IN CONCLUSION

This post addresses two of the myths about, and five of the biggest threats to, businesses’ cyber-security. It’s one thing to know about the threats but it’s another to defend yourself appropriately against them. In part 2 of this series, I will address just five of the strategies that need to be implemented to ensure your business is as secure as it can be and that you are protected in the event of a breach. Fortunately, these strategies need not be expensive, and the right IT Consultant can work with you to put in place a cost-effective programme to ensure your systems are secure.

In closing, it is important to highlight again, that your business will almost certainly be targeted in some way by cyber-criminals at some stage. Protection against breaches of your cyber-security is nothing more or less than prudent risk management.

Please look out for Part 2 of this mini-series next week.

If you want to know more, please give me a call or email me.

Ben Latter

1 300 958 923

[email protected]

A TECHNOLOGY CONSULTANT MUST UNDERSTAND THAT THEY HAVE JUST ONE CORE RESPONSIBILITY

A TECHNOLOGY CONSULTANT MUST UNDERSTAND THAT THEY HAVE JUST ONE CORE RESPONSIBILITY

8 tips for eliminating inefficiency

Technology or Managed IT consultants will readily tell you about all the value they can add to your business – installing this and installing that. The fact is, however, while much of what they say might be true, is just noise. The core responsibility of your technology or Managed IT consultant is to eliminate inefficiency. Moreover, the core responsibility of your technology or Managed IT consultant is to ensure that your technology functions such that you can forget about it.

If you spend any time thinking about your technology, you have probably engaged the wrong technology consultants. Your technology should operate in a manner that enables you to focus on core business. If your technology or Managed IT consultant is doing their job – downtime, data storage issues, recovery problems and security threats should be a thing of the past. You should also be making the most opportunities to integrate your systems and automate to reduce costs.

The last 20 years have taught me that there are 8 keys to eliminating inefficiency.

1. KNOWLEDGE

It is uncommon in 2021 for a business to develop or market a product without first fully understanding the needs and wants of the market they will depend on for profitability.

It should be no different with technology. Before spending a cent, it is essential to develop the best possible understanding of the business, its technology requirements, the current technology, security arrangements, hosting arrangements and anything else that can impact on efficiency.

My advice – Undertake an annual objective, comprehensive and strategic audit of your technology to identify the strengths, and weaknesses, opportunities, and threats.

2. STRATEGY

Few businesses have achieved optimum performance without an optimum strategy. Most businesses in 2021 have clear objectives and the strategy required to achieve those objectives.

Equally, eliminating inefficiency and enabling the team to focus on core business – knowing that their technology will do its job, and more, without fail – cannot be achieved without the right strategy. An issue-by-issue approach to your technology will deliver less and cost more.

My advice – Set clear objectives – including the elimination of inefficiencies and develop a medium to long term strategy to ensure these objectives are achieved – cost-efficiently.

3. CUSTOMISATION

Just as your business objectives are unlikely to be achieved without a business plan, your technology objectives are unlikely to be achieved without addressing the requirements of that business plan.

Your technology strategy needs to be developed with your business and your objectives in mind. When it comes to technology strategies, ‘one size does not fit all.’ Your technology requirements will be different from any other business, and eliminating inefficiency involves finding your solution.’

My advice – While readily accepting off the shelf software or hardware, where it offers the most economical solution, ensure that your technology strategy is customised to suit your business.

4. SECURITY

No business in 2021 is immune to security threats. Indeed, most businesses will, at some time, have to confront security breaches. More and more businesses are being held to ransom by criminals.

Ensuring your technology is secure is central to eliminating inefficiency.  Not only do you need to know that your systems are protected, but you also need to know that if your firewalls are breached, you have in place the recovery systems required to get you up and running again in minutes.

My advice – Include in your annual technology audit a review of your security, data storage and recovery systems and proceed as if your firewalls will be breached at some time.

5. AUTOMATION

In the years ahead, you will hear more and more about business process automation. This is because the automation of business processes has the potential to radically reduce the cost of doing business

There are in 2021 many off the shelf packages that can automate a business process, saving both time and money. Creative technology consultants can identify opportunities for process automation and develop customised solutions for your business. The potential savings can be enormous.

My advice – Engage a technology consultant with the imagination and technical expertise to identify opportunities in your business for process automation.

6. INTEGRATION

The days of standalone systems are numbered. More and more businesses are leveraging the opportunities for integrating all technology including, computers, telephony, and audio-visual.

Integrated systems can eliminate inefficiency by enabling the more efficient sharing and analysis of data, the development of more powerful databases, superior communication, and lower software and hardware costs. Integration can also reduce maintenance and servicing costs.

My advice – As part of the annual technology audit, review the opportunities for systems integration and then incorporate integration into your strategy.

7. EFFICIENCY RATINGS METRICS

Technology is a means to an end. For most businesses, that ‘end’ is efficiency. The primary role of an IT consultant must be to take responsibility for leveraging technology to eliminate inefficiencies.

In developing a strategy, your consultants need to articulate clearly the Efficiency Rating Metrics to be used.  ERMs should drive decision making and must be incorporated into monthly reports – to demonstrate that the consultancy is doing its job and efficiency is improving.

My advice – Establish your initial efficiency rating and the best options for optimizing it. Ensure that there is an ERM update in every monthly report.

8. TIMING

The time to modify, update, or upgrade your technology is before it fails – before you experience downtime before there is a security breach and before data is lost. This is central to efficiency.

In addition to highlighting the importance of the annual audit and medium to long term strategy, the need to anticipate issues before they occur, while not spending unnecessarily, requires ongoing monitoring of your systems and the provision of updates in monthly reports.

My advice – In addition to conducting an annual audit and documenting a medium to long term strategy, ensure your consultants monitor your systems and report monthly.

In my experience, unless you develop and or sell technology, you don’t want to think about it. Every person I know in business wants to focus on core business in the knowledge that their technology is doing what it needs to as well as it can for as little expenditure as possible. I would argue that this is a perfectly reasonable position. I would also argue that it is entirely achievable if your technology or Managed IT consultant understands that their core responsibility is to eliminate inefficiency and enable you to get on with doing what you do best.

If you want to know more, please give me a call or email me.

Ben Latter
0488 445 044
[email protected]

IF YOU DON’T UNDERSTAND WHAT YOU ARE BUYING – CHANCES ARE YOUR TECHNOLOGY CONSULTANT DOESN’T EITHER

IF YOU DON’T UNDERSTAND WHAT YOU ARE BUYING – CHANCES ARE YOUR TECHNOLOGY CONSULTANT DOESN’T EITHER

8 essential requirements of a technology provider

It never ceases to amaze me how often businesspeople tell me that they really don’t understand the technology their consultants are buying for them, why it is essential and why it costs so much. It seems all too common for businesspeople to simply throw their hands in the air and say – ‘Whatever you say, I just need it up and running as soon as possible!’ This suggests to me that some consultants are not explaining their client’s technology requirements clearly enough or in plain English.

It was Albert Einstein who said, ‘If you can’t explain it simply, you don’t understand it well enough.’ In my experience, this quote is highly relevant to IT consultants. Providing absolute clarity and ensuring clients fully understand the options, the rationale for the preferred option, the implementation process and the associated costs is surely the responsibility of every consultant. 

But how do you identify the best IT consultant for your business? Well, over the last 20 years, I have identified 8 critical factors you need to address before engaging an IT consultant. 

1. AN ENTERPRISE MATCH

All too often, businesses appoint consultants that while competent, cannot meet all of their needs now and into the future. Maximising technology efficiency requires a long-term partnership.
Professor Peter Drucker was right when he noted – ‘culture eats strategy for lunch’. Your consultants must share your values and embrace your vision – along with the strategy that will realise that vision. They must understand your priorities and demonstrate the capacity to grow with you.

My advice – Have prospective consultants demonstrate that they understand your business priorities, embrace your culture, and have the capacity to help you realize your vision 

2. KEY PERFORMANCE INDICATORS 

It is essential to ensure that your consultants are accountable. This will require agreeing on and documenting the key performance indicators to which the consultant will be held accountable.
A primary responsibility of the consultant must be to ensure that you never have to think about your technology because you know it is functioning optimally. Customised key performance indicators are needed to give you the confidence that everything that needs to be addressed will be addressed. 

My advice – Ensure your consultant agrees on key performance indicators and reports monthly, taking full responsibility for your technology so you can focus on core business.

3. EFFICIENCY RATINGS METRICS

Technology is a means to an end. For most businesses, that ‘end’ is efficiency. The primary role of an IT consultant must be to take responsibility for leveraging technology to eliminate inefficiencies.
In developing a strategy, your consultants need to clearly articulate the Efficiency Rating Metrics to be used.  ERMs should drive decision making and must be incorporated into monthly reports – to demonstrate that the consultancy is doing its job and efficiency is improving.

My advice – Establish your initial efficiency rating and the best options for optimizing it. Ensure that there is an ERM update in every monthly report.

4. ABSOLUTE TRANSPARENCY

Rather than just talking about a partnership, you and your IT consultants need to establish such a partnership – one that ensures you know precisely what is to happen, why and at what cost.
This must involve the consultant documenting in plain English an agreed statement of your requirements, the options for addressing those requirements, the costs associated with each option, the strategy for implementation and the return on investment. 

My advice – Ensure your consultant spell out in plain English, exactly what you need, when you need it, why you need it, how much it will cost and what it will deliver.

5. TECHNOLOGY AUDIT

It is one thing to solve an immediate problem and quite another to establish a system that eliminates inefficiency. The later requires a deep understanding of your business and technology.
The required understanding of your business and technology can only be developed by way of a technology audit. Such an audit need not be time-consuming or expensive – but it does need to be comprehensive, strategic, and objective. It is essential for developing the optimal strategy.

My advice – Once you have a preferred consultant, have them conduct a low-cost audit, report on that audit, and highlight the issues requiring attention if inefficiencies are to be eliminated.

6. DOCUMENTED STRATEGY (with upfront costings)

You would not run your business without a documented strategy and budget – and should not invest in IT without a strategy and advanced costings. This strategy should draw on the technology audit.
Addressing the agreed KPIs and incorporating the ERMs into your technology strategy should detail the action to be taken (and the rationale) over the medium to long term. This strategy must provide for the consideration of options and give you the information needed to identify your preferred option.

My advice – To maximise return on investment, ensure your consultant documents a medium to long term strategy with budgets that give you options and the capacity to choose.

7. ACTIVE COMMUNICATION

While you should not have to think about your technology so you can focus of core business, you do need be kept up to date – in plain English – on action, expenditure and progress toward the KPIs.
Consultants must schedule a briefing before drawing on the budget and an update immediately afterwards. With managed IT services – the minimum expectation should be a monthly report detailing action taken and to be taken, new issues and progress towards KPIs, and a monthly ERM.

My advice – Ensure your consultant uses plain English. Demand a schedule of communication with at the very least involves a monthly written report with a verbal briefing. 

8. PURCHASING POWER 

It is madness to pay more than you need to for technology. Minimising costs involves – purchasing only what you need, considering all viable options, and securing the best price on the best option.
Unfortunately, not all consultants present all of the options or have the buying power to ensure you purchase the preferred option at the best possible price.  With the best intentions, there is also a common propensity to implement a belt and braces approach that attracts unnecessary costs.

My advice – Ensure that your consultants present you will all of the viable options, a clear recommendation – with rationale – and a price that reflects buying power.

Never tolerate a consultant who ‘blinds you with science’. Even the theory of relativity can be explained in plain English. Always ensure you know where your consultants are going and how much it will cost. Demand to know what progress is being made and the rationale for all expenditure. Ensure that you know the options and have the information you need to select the optimum option. I would never engage a consultant who cannot put all his or her cards on the table, ensure I know where we are going, how we will get there and how much it will cost. Nor should you.

If you want to know more, please give me a call or email me. 

Ben Latter
0488 445 044
[email protected]

Wolfe Systems asks you to take a moment for WORLD BRAIN TUMOUR DAY

This is a special day for some people at WOLFE SYSTEMS. It is a day that pays tribute to all brain tumour patients and their families.  We remember the ones we lost, celebrate the ones who survived, and inspire the ones who fight this dark and hidden disease

 

Brain tumours occur when the cells in the brain multiply in an abnormal way or a way that cannot be controlled. The tumour can be malignant, meaning it is cancerous, or it can be non-cancerous (benign). The tumours are graded from 1 to 4 and this depends on their location, how fast the cells are multiplying and the spread to adjacent areas or organs.

 

Getting involved in an event is great way to support and help fund brain cancer research in Australia. Find an event in your town by visiting Cure Brain Cancer Foundation

 

 

Wolfe Systems is a Business Technology Solution provider. Our offerings are tailored to our clients requirements, we believe Technology is a tool that should be harnessed to assist businesses to achieve their goals. Find out how we can help you today. Contact us now!