With the 2022/2023 financial year cleaned up, the year ahead looks interesting. Sneaking up on six years of Independent IT Consulting yet the business technology landscape is changing at probably a faster pace than ever before.
We are seeing interesting challenges across infrastructure/Cloud, security and AI and clients not necessarily sure of what they should be paying attention to in the information technology tent (sorry, just so sick of hearing about this “space” and going forward and any number of other cliches). Our banner of Independent is of value from a technology and business sense, even if only as a sounding board to ensure technology strategic and operations decisions are in the business’s best interests. It must be difficult to provide IT advice when you have any sort of alignment or partnership with vendors. Fortunately, at Independent IT Consulting, that is not a problem we face – our only concern is the best interest of our client – that’s it! So, if, as you peek ahead into the coming financial year, if you have any technology issues that would benefit from an Independent assessment – from Strategy to Operations, Contact any of us for a free first consultation. You have nothing to lose and plenty to gain. Useful links:
Software as a Service is a modern offering to people who want to outsource the day to day running of a piece of software. The most common one you will come across is Microsoft O365 – if you use the web portal you don’t have to do anything, you simply log in and start to use it. If you choose to have the application on your computer it’s a little different, the software will need occasional updates that will automatically get pushed to your machine and you will need to maintain the antivirus to your machine. But what about the other software you use to maintain your business? Most programmes send and receive information between multiple systems and any updates to these systems can have unexpected results. Updates are important and you can review what it will provide before agreeing to install it, most minor updates resolve glitches in the programme or patch security faults that have been found and resolved; major updates provide new functionality and often a new look and feel. However, any bespoke, meaning custom made, software will not only need to maintain any updates but it will also need testing to make sure that the information being sent and received has not been interrupted. Testing is an important part of any complex IT environment, it can be as simple as opening the programme on a daily basis and completing a simple action – a good example of this is checking your website is up and running every morning. But rigorous testing is essential especially if you have bespoke software or run a complex system across multiple pieces of software. This is where you need a plan. A testing plan can be run by anyone within your IT team and should include a mixture of automated and manual tests. The best testing plans will also align with business needs and prioritise systems that achieve best performance for your essential business processes. This is where Independent IT can help.
We can work with you to review your current IT environment and understand how the programmes interact with each other, we can then review or create a business centric IT strategy and plan that can be reflected within your testing plan. Don’t let your IT environment become only “good enough”, keep it aligned to business needs with high performance outcomes - give us a call today. In today’s world of highly specialised technology, it is common for organisations of all sizes to outsource some or all of their IT function. But how do you get best performance from a new or aging contract? Working with a Managed Service Provider (MSP) or other IT Service begins with a contract between both parties. At the point of creation this contract should be a win for both sides – the service provider is charging a fair amount of money for a service the customer needs to do business. Ongoing contracts were originally created with a commitment from both sides to provide a service for a fee; if you have moved into a role where you now manage this service you should make yourself familiar with its contents. An aspect of contract signing often overlooked is how you will work through any disagreements, any perceived or actual failings in service, and how will you the customer know you are continuing to receive the service you pay for? Escalation points may be described but you should consider your personal approach to how you want to get best outcomes from the service contract. Developing a strong communication approach between you both is the first step, agree up front how often you will meet and what that agenda is about. It is natural to develop a personal relationship if you meet the same person regularly, but don’t let updates about children’s football or the latest hike distract you from following through on any issues you have no matter how small. Your agenda should include:
If you find you are still not happy with your service review your contract and be sure you are expecting a fair outcome; we can have personal expectations that may not be explicit in the contract. If you are not receiving what they have contractually agreed to provide then escalate; everyone has a boss and part of their role is to resolve issues like this. It is likely they would rather you escalate than they lose you as a customer when renewal time comes around so escalating is doing the fair thing by everyone. If you are still unable to resolve you issues you may need to bring in support from others in your organisation; you may also wish to check when the contract expires and get prepared to go to market to review your options. Overall, the key point is to remember you are paying for a service they have offered to provide; keep pushing for problems to be resolved and keep talking to each other. If you would like any help with any aspect of contract review, management or market options please get in touch with us at Independent IT. We don’t partner with any service providers so we can give you the best result for your organisation. Our team are very experienced in contract management and can take on the whole process or coach you through it to build you professional skills. Is Information Technology an asset or liability for your business?
It could be either. You could be exposed to an IT risk that strangles your business or it could be that competitive advantage that secures your business future. But how would you know unless Information Technology IS your business. It is highly likely that in most other aspects of your business that aren’t your core functions, you seek expert advice on this. So, why wouldn’t you seek expert assessment and advice on this critical business capability? Let’s start by helping you to ask yourself some questions about your business and its relationship with IT:
Assuming for a minute, that answering some of these questions raises some red flags for you, the next obvious question, is where do you get advice? Clearly, we think it is here, at Independent IT Consulting and one of the core reasons for that is that we can offer independent, vendor agnostic advice. For those businesses that already employ the services of a Managed Services Provider for Information Technology, you already have technology expertise on hand but, do you know how their services and pricing compare to the market and (this is important), would it be wise to seek advice from somebody that is not independent and agnostic? That would be like asking your friendly Toyota dealer what you should spend your vehicle budget on… no prizes for guessing that will result in an increased spend with your Toyota Dealer. An initial consultation with Independent IT Consulting will cost you nothing, so what do you have to lose? IT, liability or Asset? Contact us to find out. Online subscription software is easy to get going and it seems to cut out the upfront cost and opex's your costs - but what are we trading for this convenience? What risks are we adopting? The olden days
Back in the dark ages of computing (1990s to earlier 2000s), choosing what software to use was an even bigger decision than it can be these days. Firstly, there was choosing the solution for your problem, a lot of reading and promises from vendors, reviews from users and the press were crucial. Gartner’s quadrants helped. Sometimes you would run a formal selection process with vendors. Maybe there was a demo disc you could trial the software with. Once you had selected the solution there was the upfront costs (often a hefty figure):
Then there was the ongoing cost of the software subscription, regular upgrades and patches that need to be put on servers and PCs. All with their own invoice cost, let alone the cost of having your IT teams or office staff stop work to do patching or learn new features. Depending on the subscription model, you may end up paying again for the latest version of the software! Nowadays These days getting started with a new piece of software is often as easy as entering an email address and sometimes a credit card number. You’re away, no installation, it works on all your computers via the web browser, no one is installing server software, upgrading computers or having to manage the software versions. All of it is taken care of! All costs with the software can be made opex so you don't need a business case and you only pay for what you use. Google and many other online providers pioneered this approach of subscription software delivery, Microsoft has done the same and continues to invest heavily in this direction, going as far as subscription for a gaming approach with Game Pass (essentially creating the Netflix of games). So, with all these advantages what on earth could the draw backs be? And why should I be worried? Here are our top five risks when using online software (or software as a service): Risk #1 - Data governance and privacy The risk: When you enter data into a website it is saved somewhere real, on a computer that is physically in a building/structure, in a country. The laws of that country now govern that data, along with any rules and agreements in place with the organisation providing the computer that the data is being saved on. It is pretty rare for a software provider to clearly outline where the data you enter is saved. In New Zealand we have privacy rules and codes of conduct about the data collected and where it can be stored, what's more consideration of Maori data governance interests might be relevant. These rules have implications for collection, storage, use and access so you will need to consider both how the software treats the data collected but also how you use it. What you can do about it? Start with what data you are storing, there may not be any expectations for the product descriptions and costs information you store on your e-commerce solution, however there might be about customer information you do collect. Check the website for any direction on where they are storing information, what security they put around it and the reliability of the security checks they have on their system. If they do not publish information regarding this, try contacting them to find out. If you don't get a timely response, or no response at all, think twice if your information is sensitive in nature. Risk #2 - Confusion - too many applications for the one type of work The risk: There are usually many, many, many software solutions to solve the same problem. Just looking at the project tracking space you have solutions like : To name a drop in the bucket! All of them are good in some way or another and offer advantages the other may not, such as feature, cost, etc We met with a client recently who used three pieces of project/task tracking software across their clients and internally and were about to add another one. None of the software talked to the other, one set of clients used one tool and another set of clients used another tool. They know they need to consolidate but in order to do so they would have to retrain one set or all of their clients in the new solution. Furthermore, all the information stored in one application would have to be moved across (more on that below). In larger organisations this can be a real problem where different groups or departments grab the software they like the best and get going. They aren't constrained by the capital expense rules that meant the decision would require greater scrutiny before being signed off. This has its pluses and minuses. What you can do about it? Keep a central software register and put someone in charge of overseeing such decisions. Do your best to configure this so that they aren't holding up decision making but are creating awareness around solutions already in use. Encourage requirements gathering and checking before signing up - perhaps there is already a solution being used that would suit their needs, perhaps the cost and benefits don't stack up. Risk #3 - Integration The risk: You've got your e-commerce solution to sell your wares and its slick and does a great job of helping customers to purchase your amazing products, however, the inventory solution isn't connected. We met with one company where one of their staff had to spend the first part of every morning manually updating quantities in the e-commerce solution with stock levels to avoid customer disappointment when they ordered. Stitching together different software products to create a coordinated solution for your business has always been a problem. This is where ERP products generally came from (like NetSuite, Microsoft Dynamics), a single integrated solution to run the whole business, however as smaller niche solutions have exploded onto the scene that solve one part of a business problem the problem of integration has gotten bigger again. There are tools that can help with integration but you are looking at configuration, running costs and making sure something doesn't change between the two integrated systems that breaks it all. What you can do about it? Choose wisely. Ask yourself some questions when making your decisions:
Risk #4 - Lock-in The risk: You've picked a solution, it becomes crucial to your businesses operation. Everything is running fine, then something changes; the prices go up, the system starts misbehaving, there aren't new features being added to help you keep up with your competition, so you are now looking at other options to move to. But wait…all your historical and current information is kept in this system and there isn't a way to get it out or transfer it over. Or worse you look closer and the contractual agreement to use the system was that they own all data you entered into it or they expressly exclude any support for taking data out. Your stuck, it’s going to hurt to move to the new solution, not just getting the new solution to work right for your business, training your staff in the new solution but all that lost information and history, or labour time and cost to manually add this history into the new solution. A software solution limiting you like this seems unlikely? Unfortunately, this is the business model for many, big and small companies. We see it across all sorts of offerings. Creating software using the Microsoft toolset for example, means you have to stay on that or recreate everything on a competitor’s toolset. What you can do about it?
Risk #5 - Data access The risk: You have invested time and effort in curating quality data in your online system, now you want to leverage it, but how do you get suitable access to it with your cool reporting tool? Or worse, what if your data is being used by the vendor for their own data analysis! All too often the data you put in can be hard to extract. A few years ago, a health organisation invested in a shiny new software solution to be then provided as a software as service solution. Lots of great data being captured, cleaned and ready to us. However, limitations in the interface made it difficult to ask certain questions of the data. Luckily (or so we thought) the solution came with an export function. Problem solved! Not quite, the export only allowed 8000 records to be exported at a time, if you tried more it failed and produced nothing. In the end they needed to work with the vendor to create a new extract that would send each night, but they then needed to collate and prepare the data further - all adding cost and extra expertise they didn't have. In another situation we worked with a client that was looking to use an online solution to run their business, it functionally matched their needs, however tucked away in the contact was a clause that boiled down to "the vendor can use the data put into the system to create meta-analysis reports on the population entered and sell that report if they wish". What you can do about it?
Conclusion Online software is a fantastic evolution of computing and enables businesses to reduce overhead, costs and to pivot to meet or beat market expectations. However, whilst they often present as an operational cost the decision needs to be treated as an investment decision and everything that goes with that sort of decision:
Treat the decision that way, consider the risks we've outlined and you'll have the best chance of getting the value and benefit from your software selections. SITUATION:
A private specialist medical practice in Auckland contacted Independent IT consulting seeking advice on IT solutions. At the time the practice was two years old, was accommodated in a private hospital and was using that organisation’s technology facilities. They had grown to the stage that they required their own premises and, while they recognised that this required their own information technology and communication facilities, they had no idea what that involved or where to start. Having seen Independent IT Consulting’s website, they contacted us and requested information and upon receipt if that, requested that we submit a proposal. What was important to the practice was that the advice they received was well informed but also, independent and vendor / product agnostic. PROPOSAL: The Independent IT Consulting proposal was simple in that it comprised up to three potential modules of service offering, each one dependent on the previous. The first proposed piece of work was the Discovery phase. This entailed extensive discussions with all practice stakeholders, owners, managers, administrators and users to identify what the current situation was in terms of business, technology deployed and used as well as what was required in short, medium and long term. We proposed that the outcome of the Discovery would be a document that detailed their current situation, objectives and made appropriate recommendations for actions to be taken. Our proposal was accepted, and Independent IT Consulting progressed with a number of meetings, onsite and remotely. ACTIONS:
OUTCOMES:
The Practice management were particularly pleased in that, through Independent IT Consulting, what had been perceived as a hugely complex and difficult task, became simple, pain free and easy. Whether or not you think there is value in taking independent IT advice depends on what you are doing and what you want to achieve but, basically, the answer is a big fat yes.
Information Technology, possibly more than any other business capability, can be the key to long term business success or a reason for (completely unnecessary) business strangulation. By way of comparison, if you were considering how appropriate your current car or business fleet was and you went onto, say, a Toyota yard or website – what advice do you think you might get? Dollars to donuts you would be steered toward a decision that favoured Toyota. Not that I have anything against Toyota and, let’s face it, from their perspective, it makes sense to guide you to their cash register. And so it is with Information Technology. An excellent example of this was Independent IT Consulting’s first client. The organisation (let’s call them Acme) approached us wanting to understand if they were getting dollar and service value for their IT spend, which had been with the same managed services provider for over ten years. During the Discovery Phase, we questioned their supplier’s recommendation that they purchase a new Server and build a new Server room to accommodate it on site. Long story short (and sweet): The didn’t need a new server at all and certainly not a new server room. So, before we even got to the second phase of our service, the organisation had saved themselves somewhere North of $46,000. Now, you can’t blame the managed services company representative for recommending spending money with them but – and here’s the pointy bit – it was in their interests, not Acme’s. So, back to the original question: Is there value in independent IT advice? Absolutely there is! For more information and illuminating examples of how valuable independent IT advice can be when considering IT solutions and IT services, contact us. Well, maybe not the whole business but you're definitely going to take a hit, which could be critical if you aren’t prepared for it. All around New Zealand businesses are being affected in different ways by different threats to their IT which in turn has a direct flow on to their business.
We’ve been talking to people around the Waikato, vendors and insurance brokers and have heard some horror stories. Like the engineering firm being hit by a Cryptolocker virus demanding a ransom, locking them out of their own IT files – in the end costing close to $20,000 to get it sorted and in lost income. Or the trading website being hit by a targeted DDOS attack, crippling their site, meaning their customers could not trade. After significant effort, they were able to address it and put in measures to negate/mitigate that and future attacks. Of course only after $500,000 in lost profits and remedial costs. Going further abroad, what about the company whose failed back up that ended up costing them $5.8 million. Their core system and switched to the failover system, that’s great, however, the backup had failed too, losing them 72 hours of orders, mailings and collections. The risks around IT and the impacts continue to grow day-to-day as business become more and more reliant on technology. Every process we put into a computer system, those spreadsheets, those IT programmes become a part of our business and its ability to run. How do avoid this risk? Do we stop putting things into computer systems, stop connecting our machinery to software that makes it run more efficiently? Go back to pen and paper? Well no, the old pen and paper had its own risks (WINZ documents littering central Auckland anyone?) and definitely some problems with scale and accuracy. No, we need to look at how we are using technology, understand each use and its risk profile. What do we mean by risk profile? Well, each time you make use of a new piece of technology, that technology and the way you use it defines the risk you now have in its continued use. Let’s take an example of a smartphone. Pretty common, pretty useful too! Some would say the most significant invention of the last 18-20 years (let's not start BlackBerry vs Apple…who created the smartphone first). You give these to your staff, great, now you can talk to them when you need to. Out on the job? No problem, ring-ring! Now you think, wouldn’t it be great if I could email them? Super! Let’s turn that feature on. Oh wait, your team lead left their phone on a site or in a meeting room. Was the phone locked? Can anyone see those emails? Now, someone you don’t know, your competitor say, can now see that spreadsheet you sent to good-old-bob with the costs and margins your running! Or your employee starts using the phone for things they maybe shouldn’t. Uh-oh! A virus gets back to your email server. Your handy phone just took out your communications for the next 48 hours while the IT staff frantically clear out the trojan horse virus running around your network. Sound unlikely, not so much, Waikato DHB’s IT systems were attacked by a similar process (a USB drive with the virus on it plugged into a computer on their network), weeks later they finally evicted the virus. Or, what if it's not about a person doing something wrong or accidentally, there's just plain old wear and tear that can take out a whole hospitals system. Just recently another DHB (sounds like I’m picking on hospitals, honest I’m not, you might say it reflects the underinvestment in technology – don’t get me started on that!) had a fire in their server room. They ended up running on paper for weeks. Every time an IT risk is realised it has a financial impact on your business, sometimes small, sometimes significant! So how do you establish your IT risk profile? Here are a few questions you can ask yourself to do a self-assessment:
Call us for a free initial consultation about your business and technology or just to talk. |
Archives
June 2023
Categories |