by Randy Fougere
Junk email, or SPAM, is a source of irritation for anyone with a clogged inbox. Even worse, user-level email management kills employee productivity, and poorly tended mailboxes are a popular vector for security threats. If you crunch the numbers, businesses can squander tens of thousands of dollars annually to lost productivity, while malware lurks in unfiltered junk mail.
Most companies don’t realize how much productivity is lost from employees filtering through junk mail every day. With a business-critical mail system, inefficient email management costs time, money, and is potentially dangerous. Most organizations don’t have formalized training or policies in place on how to properly use email. Meanwhile, users and IT staff are reliant on the marginal SPAM filters and junk mail settings that come with popular email clients.
Lost Time and Increased Risk
A lack of sophisticated SPAM-filtering combined with insufficient training in email management leads to a lot of wasted hours. If users spend just 10 minutes a day reviewing unwanted messages, it adds up to nearly a full week of lost productivity in a year. Multiply that time by the number of employees and it adds up to a hefty hidden expense that most executives never think about. Research released last year by Menlo Park, a California-based staffing firm found that 17% of the time people spend at work is wasted on email.
More significant are the security ramifications. Often, SPAM tries to get employees to open malicious attachments to spread viruses and malware, or click on links that are part of a phishing campaign. Research released in early 2016 from Mimecast found that 64% of IT security professionals rate email as a major cyber security threat to the enterprise, and 65% believe they are unprepared or don’t have the tools to counter such threats.
The cyber threats may not even be obvious. Often, malware via an attachment can lurk in a network for months, gaining increased levels of access and steadily leaking proprietary corporate information.
Be a Better Email Manager
Even without the SPAM, tending to email for some can be like drinking from a fire hose, but there are ways to reduce the deluge, and the amount of time wasted in the inbox.
- Send less email: When you send an email, there’s a good chance you’re looking to get a reply. And if you like to “cc” other people to keep them in the loop, that increases the chance of more replies. Part of effective email usage is realizing you don’t have to respond to everything.
- The quick minute reply rule: If you can reply to an email in a minute, then do so and file it. Otherwise, the replies you need to send add up, which can create a marathon of email management sessions.
- Schedule your inbox time: The “e” in email is for “electronic,” not “emergency.” Distraction is a productivity killer. If your email client is open and sending notifications as each new message arrives, it will be hard to focus on work. Only open up your email at scheduled intervals to devote time to proper email management.
- Know your email client: Whether it’s Microsoft Outlook or Gmail, there are features and tools to help you organize email and understand what’s SPAM. Your IT department will likely have a cheat sheet available, and there are a number of good online tutorials to refer to.
- Pause before you click: Take a good look at where the email is coming from. Do you have an account with that bank? Would Netflix be emailing you at work to update your payment method? Why is Bob from accounting sending you a zip file?
- Follow the rules: If your IT department has deployed technology to secure email, don’t fiddle with it or interrupt when it’s conducting an update.
For employees wanting to get a handle on their inbox and not wanting to be the cause of a security breach, it’s ultimately about establishing good habits and routines.
Build a Better Email Program
Effective email management is not only the employee’s responsibility. Organizations need to foster a culture of best practices and invest in technologies that favor productivity and ensure security.
- Standardize: Everyone in the organization should be running the same email client, ideally on both their PCs and mobile devices.
- Educate: Implement training in conjunction with IT and possibly HR to impart best practices for email management, not just from a productivity perspective, but from a security perspective. This should be part of your new-hire orientation process as well.
- Set the ground rules: Have policies in place for all employees, and make sure they are widely distributed and understood.
- Centralize SPAM filtering: Invest in centralized technology specifically designed to deal with unwanted email, ideally in a scalable Platform-as-a-Service (PaaS) model. These are affordable solutions for the value they deliver.
Email management occurs both at corporate and the end-user levels and unmanaged SPAM should not be dismissed as “just the way it is.” Ignoring it becomes a productivity killer and if left solely to employees , can lead to preventable security threats. Technology and training can help safeguard your data and infrastructure and give back valuable working time to employees.
by Randy Fougere
Keeping up with the complexities and costs of information technology is no easy task and especially true for SMBs. To solve this challenge, many now leverage the cloud for their infrastructure needs. But, as valuable as the cloud can be, IT environments must still be deployed, optimized, monitored, managed, and secured. This is why outsourcing IT managed services in addition to infrastructure has become increasingly attractive.
In 2015, McKinsey & Company published an IT-as-a-Service Cloud survey that captured the scale of this transformation. Having surveyed 800 CIO and IT executives across a range of industries, the authors concluded “a major transformation was underway as companies of all sizes rapidly shift from building infrastructure towards consuming off-premise cloud and managed services. By next year, a majority of surveyed companies plan on outsourcing IT for at least one major business process.” Experts often cite cost savings as the primary driver. But as the McKinsey study highlighted, the cost is only one factor among many to consider.
Outsourcing IT: High-Level Options
There are several options available when using the public cloud, a Managed Services Provider (MSP), or both. Here’s a high-level summary of the typical scenarios:
- The infrastructure entirely or partially resides in the cloud, but an internal IT team manages everything except the facility and the hardware.
- Public cloud is utilized, but an MSP provides some or all managed services layered on top of the infrastructure.
- The MSP manages all aspects of IT. In this “complete outsourcing” model the customer has limited, if any internal IT resources. In this case, the MSP may host at one of their data centers, or in the cloud and they are fully accountable for the entire solution.
It’s also important to note that there are other variations here. Outsourcing IT can relate to the function as a whole, one or more IT environments, or specific applications where highly-specialized domain expertise is required. In effect, virtually all companies are outsourcing IT these days as most use a variety of SaaS applications that 20 years ago would have been licensed and managed in-house.
There are many compelling reasons for outsourcing IT and managed services, but here are the seven we run across most often in our conversations with customers and prospects. In reality, it’s usually some or all of these scenarios combined.
#1 – IT is a Distraction
Unless your company’s primary source of income comes from selling IT services, information technology like other non-core business functions can be a financial burden and a major distraction. As your team grows, and executive’s involvement with IT and project management will consume more attention. If a company spends more time worrying about IT than its product offering, it’s time to outsource. In fairness, IT can be at the heart of a product or service – technology companies and software developers are good examples., But, even then, managing the day-to-day operations takes away from core activities such as strategy, product development, and revenue generation.
#2 – Spiraling Costs
The demand for IT rapidly expands in most growing companies. As a result, they need to continually investment in upgrading facilities, hardware, software, and training. Building and maintaining IT infrastructure, along with the expertise that goes with it comes at a high price. Capacity is often deployed with future growth in mind, which means you overpay for it until it’s fully utilized. Upgrades involving facilities, storage, and networks are particularly expensive. This is an inflection point when many companies decide it’s time to outsource.
#3 – Talent Challenges
Attracting, training and retaining good people is one of the most challenging and expensive problems most businesses face. This is especially true for IT, where talent is in high demand. IT requirements become broader, forcing internal teams to expand their capabilities across a wider range of disciplines. Managing networks, for example, is very different than managing servers, storage or security.
MSPs can afford to invest in well-trained, certified personnel with specialized knowledge and experience. Therefore, outsourcing IT managed services offers levels of technical competence that are tough to find and retain in-house.
#4 – Operational Costs
Along with capital and staffing costs, significant expenses are also needed for operations and delivery. Pricey monitoring, performance and other specialized tools are good examples. Power, Internet and maintenance costs can be added to the list as well. For most of us not on the Forbes “Top 50” list, our IT buying power is weak to fair.
Larger service providers can afford better technologies and more specialized staff. If sizable enough, they can secure better rates for bandwidth, hardware, software and other things they need to buy. They enjoy large economies of scale since they can spread their costs across many clients and those savings get passed along to their customers. They can usually operate more efficiently when it comes to capacity management as well.
#5 – Resource Constraints
Most organizations have appetites for IT support that far outpace what their in-house staff can deliver. In-house IT team members often have to take on responsibilities far beyond the original job description. Everyone likes a challenge, but a programmer who finds they are now accountable for operating systems, middleware, and disaster recovery can be daunting for the employee and risky for the company. If 24×7 support becomes a requirement, that may be a major decision point for outsourcing IT as the added cost of running three shifts is a significant leap.
#6 – Compliance and Certification
Today, even mid-sized companies need proper controls and reporting for their IT processes. The cause has been a dramatic rise in data privacy regulatory requirements. Hardest hit are healthcare, government, financial services, and retail – but other industries are impacted as well. When a business decides or is forced to comply with some form of regulation, there can be massive investments in time, energy, and costs needed. This is another juncture where outsourcing IT can save companies time, money, and aggravation. In some cases, it may just involve specific applications relevant to the legislation.
#7 – Agility in a Dynamic World
These days, business is all about velocity and those who can’t adapt fast enough get left behind by the competition. Outdated IT infrastructure and applications hinder an organization’s ability to react to market changes. Taking more time to set up the supporting IT systems for a new product than designing it will not fly in today’s world.
One of the most widely publicized benefits of cloud and outsourcing IT managed services is how it helps businesses stay current with technology and quickly change directions. In this model, companies only pay for the services they use. Plus, they can quickly build and redeploy IT infrastructure as needed. Layering on additional managed services along with the infrastructure offers choice and flexibility.
The Bottom Line
in many cases, outsourcing IT and managed services makes more sense than doing it yourself. But outsourcing also comes with risk if executed poorly and for the wrong reasons. Businesses need to think deeply about their needs and objectives, and carefully research what vendors offer and how they deliver services. Costs are just one of many factors influencing why organizations choose to outsource.
Sometimes there may be good reasons to keep things in-house, control being an important one for some organizations. That said, it’s not an all or nothing proposition. The cloud and IT managed services available today offer the potential to reduce costs, along with a broad range of other benefits.
by Randy Fougere
NETSCOUT, the world leader in application and network performance management products and solutions recently sat down with our CEO Andrew Rouchotas to get his thoughts on how business owners should be using cloud services to manage their IT assets. Below is the transcript of that interview.
The original post was published HERE.
What are the most common concerns business owners today have about managing their IT assets?
Business owners and financial officers have different concerns than IT departments when it comes to technology. Their issues are broader and at higher levels. They include aligning IT to support the corporate business needs, hardware lifecycle management, escalating capital expenditures and managing tax implications. For some organizations, there may be concerns around compliance (HIPAA, SOX, PCI as examples). The penalties for infringement can be damaging and developing the expertise in-house is often a challenge.
Another obstacle is a general resistance to operational streamlining by IT staff worried about job security. Staff can become protective of the old model and that generally doesn’t serve the best interests of the company or customers. Business leaders need to convince their IT managers that their real value won’t come from the old paradigm, but by focusing on how IT applications impact core business goals like productivity, innovation and customer support.
What considerations should companies be making when searching for cloud-based supports for IT functions?
Companies moving to an Infrastructure-as-a-Service (IaaS) cloud environment must consider how the core security and operational aspects of IT will be managed. Outside of pure infrastructure, there other essentials to think about such as managed backups, antivirus, malicious attack prevention, managed firewalls and integration with other systems – just to name a few. Many companies don’t think about IaaS holistically, and that is risky.
A company should also understand the level of support they will receive from their cloud provider. Will it be proactive or reactive? Reactive support means your services could be malfunctioning for hours or even days before someone notices. A reliable proactive approach, in contrast, provides 24/7 monitoring of your virtual machines, network, and hardware. This catches problems as soon they develop rather than letting them fester.
What do you see are the most common mistakes or biggest oversights they make when searching for and buying cloud-based vendor support?
Most companies don’t buy vendor support. They assume their IT staff will (and can) take care of everything themselves. For large enterprises, this may well be the case. Even then, some choose to outsource parts or all of the management so they can focus on other priorities.
When deciding on vendor support programs, companies need to ensure they know exactly what they will get and what’s excluded. People may assume 24/7 management and support are in place, but, they’re typically not unless explicitly purchased. The same goes for monitoring at the VM level, available SysAdmin or DBA services, data backups (not just snapshots) and many other on-going processes. We go to great lengths to break out and contrast our IaaS Services and Support because this is critical information to know and the devil is in the details.
Organizations also make mistakes around regulatory compliance. A customer will read the vendor’s generic Business Associate agreement and think they’re covered. But they fail to read the fine print in the “Customer Responsibility” section. A provider will usually offer only piecemeal compliance for physical and virtual security, leaving the rest of the accountability at the client’s doorstep.
What do business owners need to know about backups in the cloud? Is it set it and forget it?
Business owners should always have data backups and recovery top-of-mind. Few however actually grasp their importance until after a disaster, after the damage has been done. When in the cloud, backups are definitely not “set it and forget it.” With cloud-based backups, there is a wide variance between offerings. You need to ensure the provider has the proper data safeguards, proven process and trained staff in place to ensure full and accurate recoverability. Otherwise, a single mistake or disgruntled employee could literally put your business in a tailspin. Large organizations in particular, may need multiple security layers and explicit contracts in place above and beyond the usual standards.
A true managed data backup solution is not a common offering and should be something business owners look for. Typical “included” backups and snapshots may be fine for some applications, but they can also fall drastically short depending on your recovery point and time objectives. Be diligent in assessing the service providers’ abilities and processes, and make sure the solution fits your needs.
How has cloud security evolved since you’ve been writing about it? What are the hot-button topics that surround cloud security today?
For most people, the subject of cloud security is misunderstood at best. Research shows that companies are becoming less concerned about cloud security than they were in the early days of IaaS – and for a number of good reasons. But the reality is, we all need to focus on security at all times, regardless of where the infrastructure resides.
Depending on the tools the provider uses and how the system is managed, even a simple cloud development environment can be vulnerable. The “bad neighbor” problem of the old shared hosting model still persists. Indeed, cloud environments remain a breeding ground for hacker activity. Hackers can scan IP blocks and find hundreds if not thousands of vulnerable VMs. They can then target these to spread viruses, launch DDoS attacks, or worse.
Despite these potential dangers, many cloud providers only provide bare-bones protection by default. While that is often as good, or better than some smaller IT departments can provide, the customer must recognize their own vulnerabilities and take measures to protect themselves.
How can companies with limited technical support on staff get good IT guidance? What are the best resources available to them?
If a company is looking for general information, there are numerous resources on the web – specifically in vendor blogs, IT analyst content, IT groups and industry publications. However, if they are looking to move to IaaS, they should talk with vendors. During initial discussions, a good MSP can quickly assess and explain where the shortfalls will have impact. This will help the company get a clear picture of what important managed services they might need, and those they don’t.
Having this conversation is a good start, and it will help narrow down the search for MSPs who best meet the criteria. Sometimes that means selecting a service that patches the gaps in your existing IT staff and team. Other times it could mean purchasing end-to-end coverage.
In general, large public cloud providers are more focussed on selling enterprise, self-managed IaaS. Small-mid sized MSPs tend to specialize more in management and support services. Carefully evaluate managed IaaS providers. Carefully examine each provider’s support and management offering and select one that can provide you the total level of service and support you require.
To what do you attribute the growth of Infrastructure-as-a-Service (IaaS)? What do you predict the future of IaaS will look like?
Two of the key drivers in IaaS growth simply come down to significant cost savings and flexibility. The business, financial and technical logic behind renting out computing infrastructure is just so clear that it can’t be ignored.
Managing, securing and delivering data is no longer the job of a “techie” tending a few servers in a dusty basement closet. Data is too vital now for that and privacy regulations have become complex. Mastering those elements in the current cloud hosting landscape requires specialized IT staff providing comprehensive, 24/7 coverage, including management of disaster recovery protocols, data backups, and so on.
Looking ahead, I see everyone using infrastructure as a pure utility. Much like electricity, you “flip the switch” and the infrastructure turns on. IaaS is becoming a layer of abstraction, separated from the management and support of the actual services running on it. The “cloud giants” are clamoring for the pure infrastructure business and not very keen on providing higher value for their customers. They are obviously focused and making mountains of money in the process. In contrast, providers who proactively anticipate client needs for cloud management and security will play an increasingly critical role in the future of IaaS.
What are some of the trends or headlines in Cloud computing you’re following right now? Why?
There are a number of highly publicized trends we follow that all impact how data is created, distributed and used. Big Data, the Internet-of-Things, Artificial Intelligence and Virtual Reality are dominant ones at the moment, and they will all have future implications for businesses, including ours. We monitor these as they evolve because we want to understand how they will affect customer IT needs moving forward and how we will support those demands. That way we can try to get ahead of the curve as we think about our future services.
At a more granular level, we carefully follow and participate in the automation of IaaS functionality, integration, on-going management and support services. We’ll soon have the ability to back up and recover from any cloud to any other. We’ll be able to layer our management platform onto infrastructure anywhere, and that’s exciting. Using platforms such as Amazon and Google, along with our own, we’ll be effectively providing “IT Management-as-a-Service.”
by Randy Fougere
Cyber-attacks and natural disasters like hurricanes, floods, and fires always grab the headlines. But, what causes the high majority of business interruptions are ordinary, everyday events such as power failures, human error, and faulty software or hardware. As a result, most companies will experience a significant IT disruption at some point. Many are turning to cloud-based backups as a way of providing faster, and more reliable recovery.
by Randy Fougere
When dealing with critical aspects of your business, you can’t afford to take risks! Yet many companies don’t do enough due diligence when buying add-on IaaS managed services. Some buy standard off-the-shelf packages and assume everything they need is in place and will work as advertised.
by Randy Fougere
If you are considering hosting any data covered by the Sarbanes-Oxley (SOX) Act either in the US or Canada, know what you are getting into. Outsourced SOX hosting has specific implications for your Managed Services Provider (MSP) and if they are not compliant, you’re both at risk.
When the Sarbanes-Oxley Act (SOX or Sarbox for short) first passed into law in July 2002, then President George W. Bush proclaimed its provisions “the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt.”
by Randy Fougere
A Content Delivery Network (CDN) is a powerful system designed to improve website performance. The most obvious benefit of CDNs is that they solve the biggest problem caused by latency – that annoying wait time from the moment the user requests a web page, to the point when it’s finally onscreen. Two main factors cause this delay.
by Randy Fougere
HIPAA is a big deal in the US for most businesses involved in health and medical related sectors. And if these companies are compliant – and want to outsource HIPAA hosting or store data north of the border – they need to work with a Canadian provider that offers HIPAA compliant managed services.
by Randy Fougere
Over the past 10 years, public cloud, widely known as Infrastructure-as-a-Service (IaaS) has created a profound and fundamental shift in IT thinking and consumption. Today, IaaS is changing still as prices and differentiation both continue to decline.
by Randy Fougere
Earlier this month, our CEO had an in-depth and candid conversation with Bryan Kim of Hosting ReviewBox. The interview focused on how Cartika began, its evolution over the years, changing market demand and how Cartika has managed to stay ahead of the game.