Is Information Technology an asset or liability for your business?
It could be either. You could be exposed to an IT risk that strangles your business or it could be that competitive advantage that secures your business future. But how would you know unless Information Technology IS your business. It is highly likely that in most other aspects of your business that aren’t your core functions, you seek expert advice on this. So, why wouldn’t you seek expert assessment and advice on this critical business capability? Let’s start by helping you to ask yourself some questions about your business and its relationship with IT:
Assuming for a minute, that answering some of these questions raises some red flags for you, the next obvious question, is where do you get advice? Clearly, we think it is here, at Resolution8 Digital Advisory and one of the core reasons for that is that we can offer independent, vendor agnostic advice. For those businesses that already employ the services of a Managed Services Provider for Information Technology, you already have technology expertise on hand but, do you know how their services and pricing compare to the market and (this is important), would it be wise to seek advice from somebody that is not independent and agnostic? That would be like asking your friendly Toyota dealer what you should spend your vehicle budget on… no prizes for guessing that will result in an increased spend with your Toyota Dealer. An initial consultation with Resolution8 Digital Advisory will cost you nothing, so what do you have to lose? IT, liability or Asset? Contact us to find out.
0 Comments
Online subscription software is easy to get going and it seems to cut out the upfront cost and opex's your costs - but what are we trading for this convenience? What risks are we adopting?
The olden days Back in the dark ages of computing (1990s to earlier 2000s), choosing what software to use was an even bigger decision than it can be these days. Firstly, there was choosing the solution for your problem, a lot of reading and promises from vendors, reviews from users and the press were crucial. Gartner’s quadrants helped. Sometimes you would run a formal selection process with vendors. Maybe there was a demo disc you could trial the software with. Once you had selected the solution there was the upfront costs (often a hefty figure):
Then there was the ongoing cost of the software subscription, regular upgrades and patches that need to be put on servers and PCs. All with their own invoice cost, let alone the cost of having your IT teams or office staff stop work to do patching or learn new features. Depending on the subscription model, you may end up paying again for the latest version of the software! Nowadays These days getting started with a new piece of software is often as easy as entering an email address and sometimes a credit card number. You’re away, no installation, it works on all your computers via the web browser, no one is installing server software, upgrading computers or having to manage the software versions. All of it is taken care of! All costs with the software can be made opex so you don't need a business case and you only pay for what you use. Google and many other online providers pioneered this approach of subscription software delivery, Microsoft has done the same and continues to invest heavily in this direction, going as far as subscription for a gaming approach with Game Pass (essentially creating the Netflix of games). So, with all these advantages what on earth could the draw backs be? And why should I be worried? Here are our top five risks when using online software (or software as a service): Risk #1 - Data governance and privacy The risk: When you enter data into a website it is saved somewhere real, on a computer that is physically in a building/structure, in a country. The laws of that country now govern that data, along with any rules and agreements in place with the organisation providing the computer that the data is being saved on. It is pretty rare for a software provider to clearly outline where the data you enter is saved. In New Zealand we have privacy rules and codes of conduct about the data collected and where it can be stored, what's more consideration of Maori data governance interests might be relevant. These rules have implications for collection, storage, use and access so you will need to consider both how the software treats the data collected but also how you use it. What you can do about it? Start with what data you are storing, there may not be any expectations for the product descriptions and costs information you store on your e-commerce solution, however there might be about customer information you do collect. Check the website for any direction on where they are storing information, what security they put around it and the reliability of the security checks they have on their system. If they do not publish information regarding this, try contacting them to find out. If you don't get a timely response, or no response at all, think twice if your information is sensitive in nature. Risk #2 - Confusion - too many applications for the one type of work The risk: There are usually many, many, many software solutions to solve the same problem. Just looking at the project tracking space you have solutions like : To name a drop in the bucket! All of them are good in some way or another and offer advantages the other may not, such as feature, cost, etc We met with a client recently who used three pieces of project/task tracking software across their clients and internally and were about to add another one. None of the software talked to the other, one set of clients used one tool and another set of clients used another tool. They know they need to consolidate but in order to do so they would have to retrain one set or all of their clients in the new solution. Furthermore, all the information stored in one application would have to be moved across (more on that below). In larger organisations this can be a real problem where different groups or departments grab the software they like the best and get going. They aren't constrained by the capital expense rules that meant the decision would require greater scrutiny before being signed off. This has its pluses and minuses. What you can do about it? Keep a central software register and put someone in charge of overseeing such decisions. Do your best to configure this so that they aren't holding up decision making but are creating awareness around solutions already in use. Encourage requirements gathering and checking before signing up - perhaps there is already a solution being used that would suit their needs, perhaps the cost and benefits don't stack up. Risk #3 - Integration The risk: You've got your e-commerce solution to sell your wares and its slick and does a great job of helping customers to purchase your amazing products, however, the inventory solution isn't connected. We met with one company where one of their staff had to spend the first part of every morning manually updating quantities in the e-commerce solution with stock levels to avoid customer disappointment when they ordered. Stitching together different software products to create a coordinated solution for your business has always been a problem. This is where ERP products generally came from (like NetSuite, Microsoft Dynamics), a single integrated solution to run the whole business, however as smaller niche solutions have exploded onto the scene that solve one part of a business problem the problem of integration has gotten bigger again. There are tools that can help with integration but you are looking at configuration, running costs and making sure something doesn't change between the two integrated systems that breaks it all. What you can do about it? Choose wisely. Ask yourself some questions when making your decisions:
Risk #4 - Lock-in The risk: You've picked a solution, it becomes crucial to your businesses operation. Everything is running fine, then something changes; the prices go up, the system starts misbehaving, there aren't new features being added to help you keep up with your competition, so you are now looking at other options to move to. But wait…all your historical and current information is kept in this system and there isn't a way to get it out or transfer it over. Or worse you look closer and the contractual agreement to use the system was that they own all data you entered into it or they expressly exclude any support for taking data out. Your stuck, it’s going to hurt to move to the new solution, not just getting the new solution to work right for your business, training your staff in the new solution but all that lost information and history, or labour time and cost to manually add this history into the new solution. A software solution limiting you like this seems unlikely? Unfortunately, this is the business model for many, big and small companies. We see it across all sorts of offerings. Creating software using the Microsoft toolset for example, means you have to stay on that or recreate everything on a competitor’s toolset. What you can do about it?
Risk #5 - Data access The risk: You have invested time and effort in curating quality data in your online system, now you want to leverage it, but how do you get suitable access to it with your cool reporting tool? Or worse, what if your data is being used by the vendor for their own data analysis! All too often the data you put in can be hard to extract. A few years ago, a health organisation invested in a shiny new software solution to be then provided as a software as service solution. Lots of great data being captured, cleaned and ready to us. However, limitations in the interface made it difficult to ask certain questions of the data. Luckily (or so we thought) the solution came with an export function. Problem solved! Not quite, the export only allowed 8000 records to be exported at a time, if you tried more it failed and produced nothing. In the end they needed to work with the vendor to create a new extract that would send each night, but they then needed to collate and prepare the data further - all adding cost and extra expertise they didn't have. In another situation we worked with a client that was looking to use an online solution to run their business, it functionally matched their needs, however tucked away in the contact was a clause that boiled down to "the vendor can use the data put into the system to create meta-analysis reports on the population entered and sell that report if they wish". What you can do about it?
Conclusion Online software is a fantastic evolution of computing and enables businesses to reduce overhead, costs and to pivot to meet or beat market expectations. However, whilst they often present as an operational cost the decision needs to be treated as an investment decision and everything that goes with that sort of decision:
Treat the decision that way, consider the risks we've outlined and you'll have the best chance of getting the value and benefit from your software selections. We had fun trying to demonstrate some of reasons why programme management is important in organisations running multiple projects. Check out our little animation! It's all too common for organisations and teams to have multiple projects on and staff still trying to still do their normal business as usual tasks. Getting a view of all those projects, who is involved and what is required of them helps businesses decide what projects are most important and can be done and when they can be done. It also helps with resource planning and staff retention!
Over the years we have seen many organisations try and put in programme management with little success, for different reasons; perhaps their leadership aren't that in to it, the process is way too much, it creates too much burden on the projects. The common outcome is everyone (from CEO down) start trying to get around the PMO. The way you introduce your programme management is as crucial as to what you do to manage those projects and programmes. The team at Resolution8 specialise in project and programme management, hit the Contact Us button to have a chat about starting your journey into programme management. We all do projects, IT or otherwise, and problems occur. This isn't news, however, its surprising how common the cause of the problems are. Our little animation demonstrates some of those common mistakes. How would you solve them? Hopefully, there are less explosions in your projects! But I bet you have seen the same outcomes and problems in projects you've been around. What's the solution to all these problems? Is it a new project management style? Would Agile fix it? Would PRINCE2 fix it? That latest project management or team management software? Well, yes and no. All those things help but on their own none of them are going to stop big problems from happening. We believe it comes down to three critical ingredients:
SITUATION:
A private specialist medical practice in Auckland contacted Independent IT consulting seeking advice on IT solutions. At the time the practice was two years old, was accommodated in a private hospital and was using that organisation’s technology facilities. They had grown to the stage that they required their own premises and, while they recognised that this required their own information technology and communication facilities, they had no idea what that involved or where to start. Having seen Resolution8 Digital Advisory's website, they contacted us and requested information and upon receipt if that, requested that we submit a proposal. What was important to the practice was that the advice they received was well informed but also, independent and vendor / product agnostic. PROPOSAL: The Resolution8 Digital Advisory proposal was simple in that it comprised up to three potential modules of service offering, each one dependent on the previous. The first proposed piece of work was the Discovery phase. This entailed extensive discussions with all practice stakeholders, owners, managers, administrators and users to identify what the current situation was in terms of business, technology deployed and used as well as what was required in short, medium and long term. We proposed that the outcome of the Discovery would be a document that detailed their current situation, objectives and made appropriate recommendations for actions to be taken. Our proposal was accepted, and Resolution8 Digital Advisory progressed with a number of meetings, onsite and remotely. ACTIONS:
OUTCOMES:
The Practice management were particularly pleased in that, through Resolution8 Digital Advisory what had been perceived as a hugely complex and difficult task, became simple, pain free and easy. Whether or not you think there is value in taking independent IT advice depends on what you are doing and what you want to achieve but, basically, the answer is a big fat yes.
Information Technology, possibly more than any other business capability, can be the key to long term business success or a reason for (completely unnecessary) business strangulation. By way of comparison, if you were considering how appropriate your current car or business fleet was and you went onto, say, a Toyota yard or website – what advice do you think you might get? Dollars to donuts you would be steered toward a decision that favoured Toyota. Not that I have anything against Toyota and, let’s face it, from their perspective, it makes sense to guide you to their cash register. And so it is with Information Technology. An excellent example of this was Resolution8 Digital Advisory's first client. The organisation (let’s call them Acme) approached us wanting to understand if they were getting dollar and service value for their IT spend, which had been with the same managed services provider for over ten years. During the Discovery Phase, we questioned their supplier’s recommendation that they purchase a new Server and build a new Server room to accommodate it on site. Long story short (and sweet): The didn’t need a new server at all and certainly not a new server room. So, before we even got to the second phase of our service, the organisation had saved themselves somewhere North of $46,000. Now, you can’t blame the managed services company representative for recommending spending money with them but – and here’s the pointy bit – it was in their interests, not Acme’s. So, back to the original question: Is there value in independent IT advice? Absolutely there is! For more information and illuminating examples of how valuable independent IT advice can be when considering IT solutions and IT services, contact us. Whether or not you think there is value in taking independent IT advice depends on what you are doing and what you want to achieve but, basically, the answer is a big fat yes.
Information Technology, possibly more than any other business capability, can be the key to long term business success or a reason for (completely unnecessary) business strangulation. By way of comparison, if you were considering how appropriate your current car or business fleet was and you went onto, say, a Toyota yard or website – what advice do you think you might get? Dollars to donuts you would be steered toward a decision that favoured Toyota. Not that I have anything against Toyota and, let’s face it, from their perspective, it makes sense to guide you to their cash register. And so it is with Information Technology. An excellent example of this was Independent IT Consulting’s first client. The organisation (let’s call them Acme) approached us wanting to understand if they were getting dollar and service value for their IT spend, which had been with the same managed services provider for over ten years. During the Discovery Phase, we questioned their supplier’s recommendation that they purchase a new Server and build a new Server room to accommodate it on site. Long story short (and sweet): The didn’t need a new server at all and certainly not a new server room. So, before we even got to the second phase of our service, the organisation had saved themselves somewhere North of $46,000. Now, you can’t blame the managed services company representative for recommending spending money with them but – and here’s the pointy bit – it was in their interests, not Acme’s. So, back to the original question: Is there value in independent IT advice? Absolutely there is! For more information and illuminating examples of how valuable independent IT advice can be when considering IT solutions, Contact us Note this is an older post from Independent IT Consulting now part of Resolution8 as Digital Advisory. Well, maybe not the whole business but you're definitely going to take a hit, which could be critical if you aren’t prepared for it. All around New Zealand businesses are being affected in different ways by different threats to their IT which in turn has a direct flow on to their business.
We’ve been talking to people around the Waikato, vendors and insurance brokers and have heard some horror stories. Like the engineering firm being hit by a Cryptolocker virus demanding a ransom, locking them out of their own IT files – in the end costing close to $20,000 to get it sorted and in lost income. Or the trading website being hit by a targeted DDOS attack, crippling their site, meaning their customers could not trade. After significant effort, they were able to address it and put in measures to negate/mitigate that and future attacks. Of course only after $500,000 in lost profits and remedial costs. Going further abroad, what about the company whose failed back up that ended up costing them $5.8 million. Their core system and switched to the failover system, that’s great, however, the backup had failed too, losing them 72 hours of orders, mailings and collections. The risks around IT and the impacts continue to grow day-to-day as business become more and more reliant on technology. Every process we put into a computer system, those spreadsheets, those IT programmes become a part of our business and its ability to run. How do avoid this risk? Do we stop putting things into computer systems, stop connecting our machinery to software that makes it run more efficiently? Go back to pen and paper? Well no, the old pen and paper had its own risks (WINZ documents littering central Auckland anyone?) and definitely some problems with scale and accuracy. No, we need to look at how we are using technology, understand each use and its risk profile. What do we mean by risk profile? Well, each time you make use of a new piece of technology, that technology and the way you use it defines the risk you now have in its continued use. Let’s take an example of a smartphone. Pretty common, pretty useful too! Some would say the most significant invention of the last 18-20 years (let's not start BlackBerry vs Apple…who created the smartphone first). You give these to your staff, great, now you can talk to them when you need to. Out on the job? No problem, ring-ring! Now you think, wouldn’t it be great if I could email them? Super! Let’s turn that feature on. Oh wait, your team lead left their phone on a site or in a meeting room. Was the phone locked? Can anyone see those emails? Now, someone you don’t know, your competitor say, can now see that spreadsheet you sent to good-old-bob with the costs and margins your running! Or your employee starts using the phone for things they maybe shouldn’t. Uh-oh! A virus gets back to your email server. Your handy phone just took out your communications for the next 48 hours while the IT staff frantically clear out the Trojan horse virus running around your network. Sound unlikely, not so much, Waikato DHB’s IT systems were attacked by a similar process (a USB drive with the virus on it plugged into a computer on their network), weeks later they finally evicted the virus. Or, what if it's not about a person doing something wrong or accidentally, there's just plain old wear and tear that can take out a whole hospitals system. Just recently another DHB (sounds like I’m picking on hospitals, honest I’m not, you might say it reflects the under-investment in technology – don’t get me started on that!) had a fire in their server room. They ended up running on paper for weeks. Every time an IT risk is realised it has a financial impact on your business, sometimes small, sometimes significant! So how do you establish your IT risk profile? Here are a few questions you can ask yourself to do a self-assessment:
Call us for a free initial consultation about your business and technology or just to talk. Well, maybe not the whole business but you're definitely going to take a hit, which could be critical if you aren’t prepared for it. All around New Zealand businesses are being affected in different ways by different threats to their IT which in turn has a direct flow on to their business.
We’ve been talking to people around the Waikato, vendors and insurance brokers and have heard some horror stories. Like the engineering firm being hit by a Cryptolocker virus demanding a ransom, locking them out of their own IT files – in the end costing close to $20,000 to get it sorted and in lost income. Or the trading website being hit by a targeted DDOS attack, crippling their site, meaning their customers could not trade. After significant effort, they were able to address it and put in measures to negate/mitigate that and future attacks. Of course only after $500,000 in lost profits and remedial costs. Going further abroad, what about the company whose failed back up that ended up costing them $5.8 million. Their core system and switched to the failover system, that’s great, however, the backup had failed too, losing them 72 hours of orders, mailings and collections. The risks around IT and the impacts continue to grow day-to-day as business become more and more reliant on technology. Every process we put into a computer system, those spreadsheets, those IT programmes become a part of our business and its ability to run. How do avoid this risk? Do we stop putting things into computer systems, stop connecting our machinery to software that makes it run more efficiently? Go back to pen and paper? Well no, the old pen and paper had its own risks (WINZ documents littering central Auckland anyone?) and definitely some problems with scale and accuracy. No, we need to look at how we are using technology, understand each use and its risk profile. What do we mean by risk profile? Well, each time you make use of a new piece of technology, that technology and the way you use it defines the risk you now have in its continued use. Let’s take an example of a smartphone. Pretty common, pretty useful too! Some would say the most significant invention of the last 18-20 years (let's not start BlackBerry vs Apple…who created the smartphone first). You give these to your staff, great, now you can talk to them when you need to. Out on the job? No problem, ring-ring! Now you think, wouldn’t it be great if I could email them? Super! Let’s turn that feature on. Oh wait, your team lead left their phone on a site or in a meeting room. Was the phone locked? Can anyone see those emails? Now, someone you don’t know, your competitor say, can now see that spreadsheet you sent to good-old-bob with the costs and margins your running! Or your employee starts using the phone for things they maybe shouldn’t. Uh-oh! A virus gets back to your email server. Your handy phone just took out your communications for the next 48 hours while the IT staff frantically clear out the trojan horse virus running around your network. Sound unlikely, not so much, Waikato DHB’s IT systems were attacked by a similar process (a USB drive with the virus on it plugged into a computer on their network), weeks later they finally evicted the virus. Or, what if it's not about a person doing something wrong or accidentally, there's just plain old wear and tear that can take out a whole hospitals system. Just recently another DHB (sounds like I’m picking on hospitals, honest I’m not, you might say it reflects the underinvestment in technology – don’t get me started on that!) had a fire in their server room. They ended up running on paper for weeks. Every time an IT risk is realised it has a financial impact on your business, sometimes small, sometimes significant! So how do you establish your IT risk profile? Here are a few questions you can ask yourself to do a self-assessment:
Call us for a free initial consultation about your business and technology or just to talk. In our previous post we covered advice on how to oversee technology projects. In this post we will help you tell when thing have gone awry and how get things back on track. Before we begin, some caveats ;Technology projects are complex,Software development projects are more akin to creating functional art than building a road or a house, unexpected issues can occur. However, this does not mean good project practices can't be applied. Lets get started! The first sign of trouble is vendor that cannot commit to a date for completing a known piece of work. By "known" I'm referring to something that is well described and has a clear outcome to it; a piece of functionality or completing the install of a server into a rack. This highlights the other part of our heading here, they can't define their deliverables, what it is that they are creating. Again if your project team and / or vendor can't do that then everyone is going to have trouble. So what is the underlying issue to this symptom? Well, there could be several places things are going wrong, for example: gg In most projects there is a need to simply things and explain them in less complex terms, this isn't the same as spinning things.
|
AUTHORS.
Peter Gilbert is the Director of Resolution8 and has a passion for good project delivery. ARCHIVES.
October 2024
CATEGORIES. |