Recently I was asked a question by a potential new client that surprised me, “What are some common mistakes you see businesses making when it comes to technology?” What a great question to ask!
Here are a few that we see often:
- Not Planning for Future Expenses
While going cloud based can reduce large capital expenses, many companies still have servers, most have desktop computers, and all have firewalls. As they age, they can impact employee productivity, fall out of warranty, and may no longer support newer operating systems or security features. Just like any business asset with a limited lifespan, owners should be budgeting to replace them when the time comes.
2. Not Taking IT Security Seriously
IT Security truly is a tug of war between cost and benefit. There are several things that most business owners know they need, like a firewall and anti-virus. However, in this new normal where hacking businesses is big business in itself, we need to take a more layered and deeper approach. There are products that can go well over $100/month per employee that do a great job but even those can’t offer guaranteed security. It’s all about the type of data that is kept, how big of a target your industry is, the legal requirements you may have, your risk tolerance, and how much you can spend to defend yourself. For most small business, we recommend a few low cost but high value services.
The best bang for the buck is training for employees. They learn how to be safer online, what to look out for including new threats and tactics, and regular updates keeps what they learn front of mind.
Having a third-party security audit is another high value way to greatly improve security. Many IT service providers offer security audits and are often cheaper than using a security only firm. However, I truly believe you will get more value and a more honest assessment from a third-party firm. They can be expensive depending on the size of an organization, but they are usually only needed once a year.
Using a next generation security appliance instead of a basic firewall is another cost-effective approach that significantly improves security. They are regularly updated to recognize new attacks and work at the networks edge, where the risks are highest. They also notify if they detect a potential breach and have logging to see what may have been compromised.
Keeping operating systems and software patched is paramount to a secure environment. While letting applications auto update is a good solution for a few computers, larger companies should have a managed patch solution. It should be able to hold back patches that may cause issues, track what patches have been deployed, and warn if computers fall out of compliance. This often happens with computers that are only used occasionally like conference room computers and laptops. All it takes is one unpatched machine inside the network to leave a door open to a hacker and his tools.
While not something I claim to know much about or even sell, cyber liability insurance is a no-brainer. Eventually, every company will have some type of security incident. The cost of recovering from it can be disastrous. Cyber liability insurance can cover the cost of notification if data is breached, research and mitigation of the breach, and cover lost revenue. Talk to your insurance broker and make sure you have coverage that meets your risk tolerance.
3. Not Improving Employees Work Environments
The cost of setting your employees up to succeed and be productive is almost always recouped fast. Offer them training for Microsoft Office applications and other tools you use in your business. Give them multiple monitors. Don’t skimp on performance when buying new computers. If you help an employee be 15 minutes more productive per day and you have 20 employees, that’s 1300 potential hours a year of added productivity. By the way, one additional monitor can save 15 minutes a day.
4. Making Business Decisions Based On Advertisements & Trade Group Recommendations
Many advertisements, about cloud for example, tout cost saving. Very rarely does a cloud based solution cost less over time than an on-premise solution, especially if servers are still needed for other things like a line of business application, file storage, or user security management. This doesn’t mean that cloud is a bad choice, only that every situation needs to be evaluated and it isn’t always the best choice. Trade groups often offer advice and recommendations, but some are purely due to a vendor becoming an associate member of the group. To know if it’s a good solution for your business requires thoroughly evaluating it before making a decision. Just because they recommend it and another company that happens to be very successful uses it, doesn’t mean it’s the end all solution for your particular situation. Always ask questions, talk to multiple other companies that use it, and evaluate other solutions alongside it.
These are just some of the top things we see. If there are other common mistakes you see or if you have any questions about the things we covered here, I’d love to hear from you. Email me at bm*****@Ab****.net or call at (856) 266-9740 x101.