STRATEGIC THINKING FOR YOUR BUSINESS
SUMMER 2015
KEEPING IT FIT
Nigel Brooks, Dean Foreman & Carl Chapman
4
11
WELCOME... ...TO YOUR QUARTERLY MAGAZINE BUSINESS TALK Welcome to the summer issue of Business Talk from Capital Support. With technology seemingly evolving faster and faster and every modern business relying on IT systems and software to operate efficiently and effectively, making sure that everything is kept up to date can’t be ignored or pushed to one side. In this issue we examine the key elements that need to be considered and highlight some of the pitfalls that businesses can fall into if they don’t keep on top of their technology. We shed light on the benefits of properly maintaining your IT as well as look at the options of upgrading to a cloud solution, sticking with an ‘on premise’
PAGE 2
approach, or using a hybrid of the two. Finally, I would like to flag up the issue of Microsoft’s Windows Server 2003 operating system which will no longer be supported by Microsoft after 14th July 2015, and the urgent need to migrate to an alternative solution if required. See page 14 for more on this. As always, I hope you find the articles interesting and useful.
14
Best wishes Nigel Brooks Managing Partner Dean Foreman Managing Partner Carl Chapman Chief Operating Officer
Call 020 7458 1250 or go online at www.capitalsupport.com
KEEPING IT FIT
Keeping your business IT fit
page 4
Dispelling the myths
page 8
Stategic choices
page 11
14th July 2015: Why it is so important
page 14
Call 020 7458 1250 or go online at www.capitalsupport.com
PAGE 3
KEEPING YOUR BUSINESS IT FIT You depend on computer technology to access and process all the information your company needs to function and you know that your computers and mobile devices are vital to the success of your business. But what can you do to maintain your IT systems at their best? Regular updates and system health checks can help you avoid problems and work more efficiently. THE MOST IMPORTANT part of maintaining any IT system is the human element, so having good policies and procedures for performing updates and maintaining security is essential. When everyone follows best practices, your organisation will experience fewer system problems and an overall efficiency boost. Here are some of the key areas you need to consider:
Security Keeping your business systems and software up to date is an important piece of your data security puzzle. Service packs and patches must be updated on an on-going basis and should be part of your regular IT infrastructure security plan. This plan needs to include installing updates, implementing upgrades, and auditing and testing all changes. According to experts, in 80 per cent of cases where outside hackers gained access to a system, it was due to a known software or network flaw. Keeping applications and operating systems up to date can prevent the majority of these problems and go a long way to protecting your data. Installing and maintaining top rated anti-virus software adds another layer of protection. There are many available on the market and your IT
PAGE 4
provider is best placed to advise on the one that is simple to update and won’t hamper your workflow.
Compliance If your company handles sensitive information, such as financial records or personal health data, you may face special data regulations. Make sure your IT provider understands any changing regulatory requirements and use the latest tools to stay in compliance. For instance, software designed to detect data leakage can provide an extra layer of security for sensitive information. This type of program monitors your network’s outgoing communications and if it finds traffic that matches a certain pattern it will trigger an alert. You can set the program to monitor for credit card numbers or other types of information that would be a red flag.
Features and functions Using the latest software on your computers and mobile devices can increase your efficiency, as new features are being added all the time. If you are a Windows user, the upcoming Windows 10 promises a voice-operated personal assistant and a way to suggest new tools and apps that will increase your productivity. And mobile phones and tablets >>
Call 020 7458 1250 or go online at www.capitalsupport.com
Call 020 7458 1250 or go online at www.capitalsupport.com
PAGE 5
“In 80 per cent of cases where outside hackers gained access to a system, it was due to a known software or network flaw.”
Here are some indications as to when it may be time to look at doing a more wholesale upgrade to your business IT system. l Your business is growing. It may be that you’re employing more people, developing new products and services, or expanding into new premises. l You’re having constant problems.
>>
are becoming smarter with each new generation of the software. Having the latest version of software applications becomes very important if you need to share information outside of your company. File formats can change slightly and sometimes files created in different versions of the same application are not compatible. If you’re using the latest, you get all the best new features and also the ease of sharing with other organisations.
Software licensing In the past, most software was a one-time purchase. You installed it on one machine and then bought an upgrade when the next version came out. Today, many companies such as Adobe and Microsoft have moved to monthly subscriptions instead of a fixed license. Many licenses are also now user-based rather than
PAGE 6
tied to a specific computer or device, so you can get to the applications you need from wherever you are. There are programs that can help track all your various software licenses. Knowing how many copies of a program you have and how many people on your team are using it can help you plan for future needs, such as company expansion. For all types of licensing, it is important to keep your software up to date and to install new versions when they come out. Sometimes it’s wise to be a little conservative and wait a bit until any bugs are fixed or until your IT provider has a chance to test updates and make sure everything works together. However, don’t put off an update for too long or you may leave your IT system open to security vulnerabilities.
Call 020 7458 1250 or go online at www.capitalsupport.com
Mobile devices Your mobile devices should be running the latest operating systems to prevent hackers from exploiting known issues. The data on your smartphones, tablets, and laptops should be digitally encrypted to provide extra security in case of loss or theft. And it’s worth keeping any downloadable apps up to date otherwise, at some stage, they could become unusable. Keeping your IT systems up to date means you get the best performance and the latest features, while maintaining a high level of system security. If you are unsure whether you already have procedures in place to make sure this happens, work with your IT provider to implement good practices and educate your employees. Your company will then reap the benefits.
Call 020 7458 1250 or go online at www.capitalsupport.com
For instance your system crashes regularly or your computers can’t manage basic software upgrades which impact on productivity. l You’re re-organising. If you’re re-organising the structure of your company then it could well be an ideal time to also look at how the latest technology could support your new organisation. l Your system has evolved.
Understandably, if your business has grown and your IT has developed piecemeal then it’s likely you will get to a stage where the overall system no longer works as efficiently as it should.
Unsure whether your IT system is up to date and fit for purpose? Call to arrange for a free assessment.
PAGE 7
DISPELLING THE MYTHS
You may understand it’s important to keep your IT up to date but concerns or lack of information can often impede investing in timely upgrades. With technology continually changing and always evolving, upgrading your IT may appear daunting and confusing.
At the same time, the learning curve can be steep and these concerns often keep businesses from planning for IT upgrades. Most businesses put off upgrading their IT for one or other of the following common reasons, but the rationale behind these often don’t stack up.
Myth 1: Cost
IT upgrades should be seen as a financial investment for your business. These decisions may take time and research due to the significant costs involved. The cost alone often deters businesses from making upgrades until it’s absolutely necessary. The downside to waiting until it’s absolutely necessary is implementation may take longer and can be more expensive. It’s better to invest in your business during the growth phase and before systems break or quality is impacted. However, don’t be pressured to make a hasty decision but once you’ve decided on the best solution, don’t let cost keep you from keeping your systems up to date.
PAGE 8
Call 020 7458 1250 or go online at www.capitalsupport.com
Call 020 7458 1250 or go online at www.capitalsupport.com
Myth 2: Downtime
Another common concern is the downtime associated with implementing new or upgrading existing IT systems. Implementing IT upgrades may take a few minutes, a few hours, or a full weekend or longer depending on the updates and scale of the activity. This could mean your customers don’t have access to your product or services, or employees are left without access to tools which allow them to do their job. Downtime can therefore equal less productivity or a pause in business altogether. The good news is, downtime can be planned so that its impact on your business is kept to a minimum. If you do experience downtime for a couple hours or a couple days, the results of faster, better, and more secure IT systems are worth it.
Myth 3: Confusion
Many avoid IT upgrades out of confusion. Are upgrades necessary? What actions are needed to upgrade your current system? Open questions and confusion can render businesses motionless and make it easy to avoid making essential upgrade decisions.
>>
PAGE 9
>>
Keep up to date on IT upgrades by paying attention to warning messages, alerts or emails from your systems and applications. Take advice from your IT support provider if you’re unsure about anything or what to do.
Myth 4: Unclear ROI
Since cost is an important factor, return on investment is important for businesses to consider. Though educated guesses on ROI can be made, in some situations it’s impossible to calculate an exact ROI. It may take months or years to see results or it’s simply not practical to assess the benefits. Consider IT upgrades with the understanding that results may be immediate or sometimes it may take months. But don’t let this deter you from the larger picture of how upgrades will help improve service and grow your business over time.
Case study: Business transformed through IT upgrade An industrial drying equipment manufacturer was suffering from outdated IT due to prolonged oversight of their system upgrades. The knock on effect was a slow and unreliable network that started to seriously impact on the use of key business applications and productivity. After discussing the future strategy of the business and conducting a comprehensive technology audit, it was decided to upgrade key elements of the overall IT infrastructure. This included replacing aging PCs with new, and upgrading workstations to an acceptable specification with the latest software. Secure remote working and collaboration tools were also part of the integrated upgrade.
It’s normal to have concerns when considering IT upgrades but don’t allow yourself to delay because of costs, confusion or downtime. Get your questions answered and keep up to date with advances in technology. Your business and your people deserve the best if they are to succeed.
The result has transformed a business that was struggling to operate efficiently to one that is better placed to grow and compete more effectively within its markets, whilst improving productivity and raising employee morale at the same time.
PAGE 10
Call 020 7458 1250 or go online at www.capitalsupport.com
STRATEGIC CHOICES In the past, keeping a business IT system up to date was simpler. Whoever looked after your IT installed the latest patch or update on the server and pushed those updates out to networked machines. Or if you were a really small operation, one person went from machine to machine implementing the latest upgrades.
T
ODAY, SO CALLED ‘virtual machines’ and cloud technologies have become mainstream and are impacting the workplace more and more. Studies show that by the end of 2015, 70 per cent of offices will be using server virtualisation, resulting in greater hardware utilisation and lower costs. And what business doesn’t have at least some of its data in the cloud? While these new technologies offer advantages in terms of efficiency and reliability, they
Call 020 7458 1250 or go online at www.capitalsupport.com
also present security challenges that must be overcome. Here’s what you can do to keep your systems up to date and well protected.
Working with virtual machines
Virtual systems have the advantage of greater stability and more up time. The process of virtualisation for businesses involves consolidating multiple servers into a more powerful virtual machine distributed across a network. Virtual machines offer flexibility and other advantages that can’t be matched by a
PAGE 11
By the end of 2015 70% of offices will be using server virtualisation
Reputable cloud service providers provide 24/7 monitoring and security updates
82% of malware tracked is now capable of running on virtual machines
>>
physical computer. They make excellent testing grounds for performing trial software runs and predicting how variables will interact without putting your data at risk. But virtual machines have security issues just like real ones. Because components of virtual machines can be spread out, hackers may find it easier to target a vulnerable point. In the past, anti-virus and anti-malware programs were difficult to run on virtual machines because of these shared resources. IT security firm Symantec’s Threats to virtual environments report published recently states that 82 per cent of the malware it tracks is now capable of running on virtual machines. This means that implementing sophisticated, proactive malware protection that is kept up
PAGE 12
Firewalls are crucial to spot vulnerabilities and detect intrusion attempts
to date is vitally important if all the benefits of virtualisation are to be reaped.
as credit card payments should always be encrypted.
Protecting cloud data
Maintaining cloud security requires many of the same tools and procedures as maintaining an in-house system. Application firewalls are crucial, as are systems designed to spot vulnerabilities and detect intrusion attempts. The biggest advantage for small companies is that you don’t have to worry about meeting these demands. Reputable cloud service providers will provide 24/7 monitoring and security updates at their end.
Data is the most important component of many modern companies and corporate users are understandably nervous about moving to cloud computing and cloud storage. But the increasingly global nature of business and the push for efficiency and convenience are driving ever-higher rates of cloud adoption. As stories of hackers stealing thousands of identities and credit cards become almost commonplace, what precautions need to be taken to prevent data loss and security breaches? At the very least, incoming or outgoing data sent to the cloud should use secure protocols and sensitive data such
Call 020 7458 1250 or go online at www.capitalsupport.com
Protecting against cloud data loss is a separate issue entirely. Many companies decide to keep in-house backups of their most crucial data, while others choose cross-cloud backups so that if one cloud fails another is still operating.
Call 020 7458 1250 or go online at www.capitalsupport.com
Remember that if you keep data files locally, you’ll need to implement good security measures and keep them up to date, or all the protection of the cloud is pointless. However you choose to build your systems, whether physical, virtual, or a hybrid mix, the most important precaution to keeping your IT system strong is to ensure all necessary upgrades are carried out and to have a good disaster recovery plan. This means testing backup and restoration procedures regularly. Try deleting a few non-essential files from your live server environment and test how easy it is to get them back. Mimic what would happen if a virtual machine were wiped out by a security hack. Testing to make sure that systems are up to date and resilient can put a business owner’s mind at ease.
PAGE 13
THE NEXT STEPS
A recommended 4-step approach to preparing for Windows Server 2003/R2 end of life is as follows:
14 JULY 2015 WHY IT IS SO IMPORTANT... H
IDDEN AWAY from view is your organisation’s server – the hub of your business’s IT infrastructure. And probably the most popular operating system for servers used by businesses large and small is Microsoft’s Window Server 2003. However, from the 14th July 2015 this operating system, used by over 10 million companies worldwide, reaches its ‘end of life’. What does ‘end of life’ mean? Simply, it means there will be no more patches or updates from Microsoft. Think of it like owning an obsolete car. It might still be a perfectly good car that runs well, but because there are no new ones being made there is potential for big problems in the future because there are no new parts available. In the case of Windows Server 2003/R2, Microsoft will cease supporting the old technology, and if there are any future security or stability issues, your data will be vulnerable. Yet, a recent survey from IT social network Spiceworks has found that 61 percent
PAGE 14
Step 1: Discover – assess what software
and workloads are on the server. Having a good understanding of where processes and programs are located is crucial before moving forward. This is best completed by your IT provider.
Step 2: Assess – review the findings from Step 1 and categorise the applications and workloads into one of the following: type of application, criticality, complexity, risk, and infrastructure type. This should reveal any potential issues or opportunities and help establish a priority for migration. Anything deemed ‘critical’, for example, should be high priority.
of businesses were still using Windows Server 2003/R2 just a few months before Microsoft pulls the plug on support.
Step 3: Target – again, working with your IT provider, decide the best fit for the business, whether cloud-based, onpremise, or a hybrid option, and what type of technology is going to support that infrastructure. Finding the best end result is going to be a factor of speed, ease of migration, desired functionality and cost.
Urgency and opportunity Any business operating Windows Server 2003/RS needs to make migration to a new solution a priority if they are not to put at risk their data and IT security. It’s simply too critical to just turn a blind eye.
Step 4: Migrate – finally, after establishing
what is running on Windows Server 2003/ R2 (the priority of each process and program and where it’s going to go) it’s time to migrate to the new destination.
Upgrading your Windows Server 2003/R2 brings with it the opportunity to review your IT needs and consider options that could bring about a step change improvement to the way you work and how your business performs – whilst also potentially reducing costs in the longer term.
If you haven’t already established whether you use Windows Server 2003/R2, then it is strongly advised that you take action now. The potential to lose your company data is too high to contemplate and trying to ‘muddle through’ is almost certainly something that will come back to haunt you.
Broadly, as covered in the previous article, the main options are to replace with another ‘onpremise’ server solution, potentially taking advantage of virtualisation, or move to the cloud, or do a mix of each.
Call 020 7458 1250 or go online at www.capitalsupport.com
Contact us for a free consultation about migrating from Windows Server 2003/R2.
Call 020 7458 1250 or go online at www.capitalsupport.com
PAGE 15
Finance sector firms are amongst the most prized targets for cyber criminals. Are you confident that your IT systems are protected from attack?
INTEGRATED CYBERSECURITY Capital Support has launched a suite of IT security services that will prevent unauthorised access whilst protecting clients against attacks such as CrytoLocker, phishing emails, and other threats that were highlighted during the recent US SEC Cybersecurity Risk Alert.
PROTECT YOUR BUSINESS 020 7458 1250 info@capitalsupport.com www.capitalsupport.com