CEO’s Quick Reference Guide!

As the person running the company, you need to know a few things about IT. Things like containing costs, knowing when to pull triggers, and knowing when to hold tight for something better coming around the corner.

First off, let’s look at costs. To be in line with industry norms, your costs should be somewhere between 2% at the low end and 5% at the high end of gross sales. The lower number is used when you have more basic needs such as e-mail, phones, a small web site presence, and maybe a server or two. In short, you’re not using an e-commerce model as your lifeblood. The higher number indicates that technology is not only key to your business, but you must continue to make strategic investments to not only sustain, but grow. In short, it’s your competitive lifeblood.

On the basic end, that is closer to 2% and sometimes even less, the real concern is whether you are under spending and not leveraging technology enough. Web sites need a refresh every two to three years, and the search engine optimization (SEO) must put your top twenty phrases on the first page of a Google search. Server and other infrastructure items like firewalls and switches have a useful life of about five years. Laptops and PC as well, but don’t try to save money by not replacing monitors as it’s a small price to pay to ensure you’re folks eyes work well! In short, as long as you’re keeping your equipment fairly current and on a plan to replace 20% of the items per year, it should be a pretty steady cash flow. Keeping software and hardware maintenance contracts is nearly always worth the money with few exceptions.

On the higher end of the spectrum, the question becomes not so much as to whether you need what you are buying, but more so about what you are investing in. Are your investments providing either a) significant savings or b) higher returns in your technology dollar investment than other technology spending? For instance, VMware saves a lot of outfits a lot of money. It involves using less hardware, less electricity, less cooling, with more disaster recovery (DR) ability. It’s a win from every angle possible. The harder decisions lie in weighing the benefit of more strategic items, like upgrading or changing an ERP system or swapping a large data center to 240V to save money on electricity which always increases in cost. This is where strategic planning takes place, and it’s what we do at Roundbrix. We look at the entire picture, but what exactly is that?

The entire picture consists of all the components and needs to be the basis for any metrics and improvements. Included are hardware purchases and leases, support costs, software costs, hardware/software support costs, telephony costs, annual technology-related contracts, ERP costs and others. If you can negotiate multi-year contracts for foreseeable expenses like ERP support, as long as you have the cash and the return is greater than most other investment vehicles, it may make sense to prepay for a few years. Let’s not forget the bills for phone circuit/usage and internet circuits, both of with should be reviewed as often times there are savings to be had there as well. For good measure, if you incur downtime, that too is a cost. We’re strong believers in understanding and planning software and hardware cycles to create the largest win possible. For instance, if you are moving to a different version of ERP application software that is newer, but a large change, buying a server creates a relatively inexpensive, yet strong fallback position. Another example might be that you’re moving. Do you spend $10-$20k out-of-pocket to move that 4-year old phone system? Another option is to buy new or possibly lease it, and only have a payment of $600 or so, saving you $10k-$20k for those larger out-of-pocket items as moves get pricey fast!

At Roundbrix, we’re in our 11th year and have a “been there, done that” set of skills through simply having managed the ship well through many a stormy sea. We know how to keep things afloat and can help you safely to shore!

Summer Power and San Onofre’s Shutdown

You’ve certainly heard about San Onofre’s shutdown and the reactivation of the Newland Huntington Beach facility. Much like you, I’m wondering what all that might mean to us as the temperature heats up. Applying simple logic and a measure of safety to protect your business is just plain smart. We can be of assistance here!

The Issue
We fully understand that San Onofre’s Nuclear Generating Station capacity serves 1.2 million customers in San Diego and Southern Orange County. I first thought that taking SONGS off-line might affect us, but then, I am reminded that we’re all on one big power grid. After all, how could we forget when we were all down last year when someone in Arizona flipped the wrong switch? Now, this reminds me of how human and how delicate things really are; so, here is my take on the consequences.

If there is not enough power to server the grid, then some things start to kick in, like where the thermostats that are remotely controlled by the power companies, followed by rolling residential (we hope)  blackouts during peak usage hours. This is supposed to help alleviate the load a bit. But what if it’s not enough? Now you have to think through this one.

At the end of the day, if you don’t have power, it’s pretty hard to conduct business. But mitigating extenuating circumstances that can result from a power glitch or shutdown is very important. What I am talking about here is a server, computers or other equipment going down hard – and not coming up!  If it’s a server, that’s going to be expensive. This could easily be your worst nightmare realized!

When Power is Out
Understand the items that do stay up or work when power is out. Laptops have their own battery so that is always a winner, but unless your network is on a battery backup, you may just have to either work locally or ‘tether’ to a  3G or 4G device, like a Smartphone or Tablet. Heck, even auto manufacturers like Audi are turning cars into hot spots so don’t forget this option! Having a couple devices set up with a ‘tether’ before an outage makes sense as scrambling when power is down puts you in line with everyone else. Cell phones and Smartphones will be up as long as you battery will carry you.  Single line telephone lines like a fax or alarm will be up, but unless your phone system is on battery backup, it will go down as well. Do remember that you likely don’t need a very large or expensive UPS (battery backup) to keep a phone system powered and the lines themselves are backed up by the phone company as that is mandated as it is considered a lifeline service. In short, the phone lines don’t go down, but the items connected to it are usually do, creating phone downtime.

When Power comes back on
When power is out, you’ll want to unplug sensitive and expensive devices, like copiers. This is beneficial because when power has been restored, for a few minutes the power fluctuatates from so much equipment coming up at one time. This places an excessive load on the grid and may under or overcompensate, creating surges or worse yet, low voltage conditions. These two types of events cause the most damage. We recommend that you wait for power to have been restored for about ten minutes before starting to turn items to ensure that the power will stay up .

How to Mitigate your Risk
Here’s hindsight in a nutshell. Your computers and printers should have surge protectors at the minimum. If there are very critical computers, spend the $60 and get them a UPS. Servers should have a battery backup that has shutdown intelligence. This means that when the battery begins to be depleted, say 25% remaining, it should be able to tell the server to shut down as it does not know if it will be able to sustain the server until the power returns. It is far better to shut servers down in an orderly manner, and simply have to reboot them when the power has been restored, then to have to call us in and perform a rebuild at significant cost; not to mention the impact of being down for an undefined amount of time on your business .

If you’re not sure how well protected you are, or want to confirm your belief that you are protected, give us a call.

We’ve been down this road before, so you don’t have to!

IT Spring Cleaning!

With Spring here, it’s time for a little cleanup. At Roundbrix, we’re only too familiar with those items that seem to get left by the wayside, yet they  can cause significant harm. Consequently,  we thought we would share a few tidbits of what we have learned in the last ten years.

Are we backing up everything we should?  This is a big issue and we see it all the time. We all get busy and add file shares here and there, or maybe a new database and somehow get pulled away from finishing the job which means including it in the nightly backups. Oh, this could hurt!

Do the backups actually work? I once worked with an outfit and discovered for two and a half YEARS, a gal would rotate the backup tape and take it offsite. The only problem was the backup job never ran! Folks, doing a sample restore of a file that was created yesterday will give you a ton of confidence that what you believe is in place is working.

Do these people still work here? Often times, folks leave and there are leftover items. They may still be a user on your system including e-mail. They may also have been granted VPN or remote access which may greatly expose your company.  Some may even still have voice mail set up and changed the greeting to something not very nice!  Another area of weakness we have discovered is when a user actually has been given the wireless access point password. What this means is they can sit outside in the parking lot, sit on your network backbone and attempt to get into employee accounts especially if passwords and security is not rigorous.

Can we get rid of those old computers? Sure you can, but realize what you can use and what you need to destroy before handing that machine into another party’s hands. What you should keep is usually RAM, especially if you have a lot of the same model machines. There’s not a machine out there that won’t benefit from at least 4GB of RAM and if it’s a 64-bit machine, it can benefit from using even more! It’s also an inexpensive way to stretch that IT dollar on those remaining aging units. On laptops, saving a couple extra power supplies might prevent you having to throw good money after bad should one fail. What you need to destroy is the hard drive as you don’t want ANY company data going with the drive. We use the HAMMER method with a pair of safety goggles – it’s like a sport!

Who has access to what? Ok, this is a bit more of an exercise but reviewing who has access to what makes sense. We would start at the firewall and look at the VPN list and ensure that access is not granted without VPN IPSEC access. We would also look at Access Control Lists (ACL) in the firewall. Additionally, just changing user passwords and wireless and administrator passwords every six months just makes smart business sense to catch those straggling items that are often overlooked. In more sensitive environments, we recommend a quarterly review and changing of the passwords.  Here, having a documented password change procedure makes sense.

Are folks surfing on my time and my dime? The short answer is yes, but is it at a point of excess is really the question? The policy should be simply “if someone needs to get a hold of you, they can call”. Other than that, ask folks to respect that work time is not play time. If that policy doesn’t work, you can put in web monitoring and application control, which is available on many firewall platforms that can prevent excessive social media abuse on business time.

These are just a few simple steps to keep you safe, secure, well-protected and productive.  As a business, you need Spring to be a time of growth as the vacation times start coming up pretty quick in Summer!

Let us know if we can help you button things up!