Business Continuity And The SMB
November 28, 2008
As SMB’s, we are often the worst at implementing disaster recovery and business continuity plans.
Even if we ensure that we back up all data on the servers (and test it!)
Think of the following scenarios;
* a gas pipe is ruptured outside your facility, no access to the building for several days
* A minor fire in a building electrical room, again several days before people are allowed back in the building.
* A burst water main on the street.
These are not major disasters like the wildfires in California, or tornado damage.
But the end result is the same. You are out of your space for days.
Can your business keep running?
This article at smallbiztechnology.com lists 5 mistakes to avoid in disaster preparedness.
Have you thought about the number 1 mistake?
Put it off until tomorrow
Photo Credit D. Bjorn
You can subscribe to this blog by clicking the RSS icon on the Home Page!
ITIL Configuration Items (CI’s) and The SME Part 2
November 27, 2008
In the first post on CI’s (Configuration Items) I mentioned that you must give some thought to how granular you want your CI’s to be. I broke this post into two parts because it is complex and a definite information overload.
Because the more granular you choose your CI’s to be, the more complex managing the environment becomes.
The degree of detail used to describe each CI and its relationships to other CI’s can grow very quickly.
Not An Inventory
Configuration Management is not simply an inventory that you have of hardware and software.
An example I have used on this blog is receiving e-mail on your mobile device. To receive that e-mail many servers, devices, routers etc all must work together to ensure it works.
I also mentioned that I have used less granularity at edge of the network, with more towards the core. This is usually backwards for a larger organization.
Why?
In a larger organization, having very granular details on all workstations and laptops (the edge) can pay dividends several ways as your management tools can identify;
* exact hardware and software specifications – ie you are upgrading to a new program version, which machines are too old or don’t have enough RAM for the new version?
* Support teams have the ability to reduce troubleshooting time (and cost) when calls reach the service desk
So in these scenario’s we have identified issues or solved problems without having to physically visit or touch the device.
As I have worked with strong technology focused organizations, I don’t worry to much about personal computers or notebooks. (software developers change them just about every day as it is!)
And something as simple as a software developer installing an open source piece of software code, changes your CI.
So for these devices I keep it simple, I document my asset number (inexpensive asset tags can be obtained, one example is here), make, model, serial number, support agreements, contracts etc.
The core on the other hand, are the servers, routers, firewalls and other plumbing devices of the network.
On those devices I maintain a very high level of granularity. This lets me answer any detailed question regarding the configuration, specification or capability of these devices.
The CMDB
Large organizations can purchase tools and have full relational database systems that provide this map of all CI’s and the relationships among them.
I was lucky enough to have one of those tools at a previous employer (we made it!) but I have used simple tools such as Microsoft Sharepoint to good effect.
They key takeaway is to define the level that makes sense for your organization.
You can subscribe to this blog by clicking the RSS icon on the Home Page!
Analyze And Act
November 26, 2008
In an article titled; Ideas For Difficult Times, Del Chatterson states it bluntly;
..Be focused, be flexible, and be creative.
Analyze, decide, and take action. You and your business will be better for it.
Even here in Canada The OECD is now stating that Canada is, or will be joining the US in the recessionary figures dance.
In the SMB space, it can be downright gloomy just looking around.
As dark as the economy is, this can be the time to be thorough and evaluate everything in your business.
Your Market
Your market. Is there a new one, or improvements that can be made to the old?
Your Customer
Your customer touch points. Can we make it easier to talk with our customers?
I have touched on those same topics in several posts. As a Business Technology Manager I try to look at what can be done to improve the retention of existing, or acquisition of new customers.
I read a print article this week about a large ticket independent retailer that was staying in the black by aggressively pursuing an after sales service strategy.
Does your business model support that idea?
Maybe you install furnaces. Do wait for them to call you?
Or are you aggressively calling them for maintenance work?
Look at this organization, crucial.com. A commodity industry if ever there was one. They sell computer memory upgrades for your computer. But look at the web site.
Brilliant.
You run that little tool and it will show you how much memory your computer already has, and what type of memory that you can purchase for your particular model.
If you manufacture a serialized product; could that serial number present a customer a diagram, photograph, or schematic, with add ons or upgrades available?
Cutting costs is one thing.
Looking at how you sell, to whom you sell, and how easy you are to purchase from can raise the other side of the coin.
Revenue.
You can subscribe to this blog by clicking the RSS icon on the Home Page!
SMB’s and Database Security
November 25, 2008
As a manager in the SMB space, maybe you use an accounting package such as Great Plains, maybe you use a manufacturing package, compensation package, or resource planning package.
You are familiar with the login screen that you type in your user name and password to access thae functionality of the appliaction.
But all of those applications utilize a database engine that stores the data in those tools.
Guess What
Those database engines have their own login ID’s and passwords. Not related to your program in any way.
Do you know what they are? Do you know who has access to them?
Because access to these acounts is access to all data in that financial package or manufacturing tool.
Yes – that includes the sensitive stuff.
Yes – that also includes deleting stuff.
As this article by John Hazard at eWeek states;
The survey recounts the DBAs’ concern over users with too much power to alter the data and upset the applecart.
*Sixty percent of respondents said they are powerless to prevent users from reading or tampering with sensitive information in financial, HR or other business applications.
*Thirty-one percent said users can bypass applications and gain access to application data in the database directly using ad hoc tools.
*Thirty-nine percent said they don’t have the monitoring capability to even know when such an event occurs. Another 25 percent couldn’t answer the question.
It could be relatively minor, (what is Jane’s commission cheque going to be?) or it could be major. 2.5 Million major.
And that can include default passwords that people forget to change.
Benefits, Not Features
November 24, 2008
Planning an IT purchase is not the same as planning to buy a car.
All the features available on a luxury car are useless, if the benefit you require is to push a snow plow through 3 feet of snow.
So when that tech vendor starts describing all the features. Ask what the benefits are.
It goes without saying, you need to know the benefits that you are looking for.
If you don’t know where you are going, any road will get you there.
Wrong Way
You can subscribe to this blog by clicking the RSS icon on the Home Page!
Getting Rid of the Rules
November 20, 2008
An excellent post by Mike Moran on his Biznology blog titled; Losing the Web Standards War? Tools, Not Rules
…What each of these techniques have in common is that they make following the rules easier than ignoring them
I actually read that post a few months ago, printed it and stuck it on my wall.
The same advice works in many places in the small business / medium business space.
Because as Mike elaborates, it may be a policy, a guideline, a process, a procedure; basically any method that we use to provide a framework for getting work done, or to use as a tool to improve consistency and reduce training costs.
In the SMB space, the harder we make it to screw up. The less screw ups we have to fix.
You can subscribe to this blog by clicking the RSS icon on the Home Page!
You Don’t Take Me Seriously
November 19, 2008
I know you don’t!
You are flying out Monday to meet Rick and his team, I know that you worked on that financial report on me all weekend. But you don’t know that my hard drive has about two more boot ups before it dies. Whether that second boot up happens on the airplane or his office, well, you won’t know until it happens.
What will you do then?
I want you to take me seriously!
Your presentation looks great! Really! you should knock the socks off that prospect.
Oh, I forgot to tell you, we little USB thumb drives are pretty small, and, well, when you went to pay for that no foam, low fat latte, I fell out of your pocket.
Hope you have a plan B!
You never take me seriously anymore!
So I’m old am I? It took you just a few minutes to transfer all your sensitive information from me to that fancy new phone! It was a piece of cake.
I hope you know that the chap on e-Bay that you sold me too likes me. He says you left a copy of all that sensitive info still on me. Not sure what it means, but he said something like pwned.
Is that bad?
Thanks to Rebecca Jestice who provided the seed for this post 
You can subscribe to this blog by clicking the RSS icon on the Home Page!
Dancing In The Dragons Den
November 18, 2008
Here in the Great White North there is a CBC Show on the Telly called the Dragons Den .
Speed Dating, VC Style
In the show, budding entrepreneurs have a few minutes to use their elevator pitch and hawk their product or service to a panel of five of Canada’s most successful entrepreneurial business men and women (ergo, wealthy businessmen and women!) in an attempt to snag some investment cash.
In an episode that aired last night, I found one item that struck a note with some things that I have written on this blog; Being flexible, forget the long jump, and learn to dance.
Step. Evaluate. Step again.
Two groups of the entrepreneurs on that episode had existing products. Both products had revenue, and both products definitely piqued the interest of these investment Dragons.
However, both pitches were looking at migrating away from that core product competency. One pitch was into other unrelated products, the second was into a retail scenario for the existing product.
The Long Jump
When pressed about the core competency vs. the unrelated product, the first group of these entrepreneurs buckled down stating that their long jump approach was the way it had to be. They left empty handed.
Learning To Dance
The second entrepreneur, also when pressed about the core competency vs. a retail scenario was willing to re-evaluate. As such he snagged a possible commitment for cash pending further discussions on the market and the core product competency.
It is even more critical with this current economic climate, that we as small / medium business managers not have any sacred cows. We must be flexible. We must evaluate and re-evaluate each and every detail of our businesses.
Learn to dance. What worked last year, may not work this year. What was not done last year, may work next year.
PS: I confess to not being much of a television watcher, so my thanks to Rick Spence at Canadian Entrepreneur for tuning me in.
You can subscribe to this blog by clicking the RSS icon on the Home Page!
Eating Crow & Giants Dancing
November 14, 2008
In my region, there was a large Telco incumbent in the ISP space.
Their customer service was legendary. And not in a good sense.
There was also a small, local ISP that ran rings about that incumbent in every metric.
I recommended this small ISP for years.
Tempus Fugit
The small ISP was bought out by a competive Telco.
And over the years, the original large Telco learned to dance.
While the nimble local one took the giants place in customer service.
And it was setting up my dear Mother that led me to recommend the change. I recomended that local ISP, yet 2 months of constant calls could not get a problem fixed.
Screwed Up IT, Or Scam?
November 13, 2008
You tell me!
Sitting at home this evening and the phone rings. I pick up the receiver and hear the dreaded click of a forced call (i.e. telemarketer)
But then I hear a robo-call voice telling that the warranty on my car is expiring. And that this call would be the last time they would warn me about this.
Now, at no time did robo-voice state what brand or manufacturer they were calling for or representing!
Digression
Yes, I am a business tech chap, but second; I am a major car fan, and third, I work for a very small supplier to the automotive industry.
So I am a pretty ‘automotive savvy’ individual. I am very aware of vehicles and their warranties etc. My wife has a 2005 Smart Cabrio that is well over the warranty, my 2006 Mercedes is well over the standard warranty and approaching the end of the maximum extended warranty that Mercedes Benz sells, and our little Nissan is barely a year old. Well within its warranty period.
The finale
So, at the end of the recording, robo-voice said I could press ‘1′ to speak to a representative.
So what the hell, I was curious enough to press ‘1′
I confess I was looking forward to a little Q&A with whomever made this call.
Unfortunately, after a few clicks and beeps, the line went dead.
My curiosity will go unrequited.
Because this call was wrong on so many levels.
UPDATE: It is a scam
