by Felicien | Jun 8, 2017 | Education
Take a look at how companies are shaping their IT budgets, and what their biggest expenses are.
A very common question among businesses is, “How much should I be spending on digital services?” or “Should we increase our IT budget this year?” It’s a good question, so we’re going to take a look at the latest IT budget trends to see just what companies are deciding.
Basic Budget Increases
Let’s talk percentages: It’s natural for IT budgets to increase at least a little every year to keep up with the inflation of costs and so on. Recently, these increases have been diverging between 1)businesses that care a lot about digital performance and new services and 2)companies that really don’t want to spend much on IT right now. Companies that want to grow their digital services are increasing IT budgets by around 4.6%. That can be compared to an average increase of around 2.2%.
Issues of Stagnation
Hold on, though! These budget increases aren’t so simple as all that. Thus far in 2017, IT budget decisions have been very…noncommittal. A study on UK buyers of IT services has shown hardly any different between 2016 and 2017 budgets, both hovering around an average of $294,000. That’s a serious problem, because IT tends to be an area where investment is required for new growth and continued efficiency. When companies don’t increase their budgets or make increases so small that it doesn’t really matter, they are essentially committing to a year of non-growth. That’s a little troubling for basic IT services, but much worse if a business needs to upgrade their security systems but doesn’t have any many to do see – especially since we’re seeing a rising in cyberattacks that target unprepared businesses just like these.
So why the hesitation to spend more money on IT? Most cited uncertainty with the global political situation. New tensions, uncertain alliances, and potential conflicts make everyone nervous, and when organizations get nervous they pull back on spending, particularly spending on new services that they aren’t sure if they want to adopt or not.
Bottom line: If you have the income, consider spending more than the average to make sure your IT systems stay in a healthy place.
Where Businesses Are Spending Their Money
But let’s take a look at what companies really are spending money on within their IT budgets these days. First up is cloud and hosted services, the number one target for these budgets. That makes sense – cloud/hosted services are a great way to save money by staying away from expensive hardware, and there’s a service or tool out there for pretty much any business need, so companies can always find a solution with a little searching. Company leaders can also understand the, “Like what we do now but cheaper and better” benefits of cloud services – although security remains a concern in this situation.
However, companies that really want to go all out on tech spending are increasing portions of the budget for much less traditional investment. AI systems are getting much more popular, thanks to their increased use in marketing, customer management, and security (where they look for common signs of suspect data or actions). Virtual reality is another spot where spending is going up as marketers investigate how VR can help spread their brand – although a common alternative is 4K drone video, another area getting a lot of interest. Some companies are even experimenting with 3D printing!
How Much Are The Big Companies Spending?
A whole lot. Take a look at the healthcare provider industry, for example. The annual spending budget in 2017 here was around $30 million, without an expected $2 million increase in 2018 – for companies with around 5,000 employees. And that’s not really that much when looking at it from a broad perspective, because…
Large Transformation Projects Will Always Cost More
If you really want a digital transformation project, your IT budget will simple not cover it. When the big companies want a transformation, brands like GE and the Dollar Shave Club are setting aside around $1 billion. While you obviously have to scale that down for smaller companies, it’s still a couple times larger than a traditional annual IT budget. Broad transformations cost money!
It’s important to remember that every IT budget will be different, and how much you should spend on digital services depends on your own goals. Not sure what your {city} area business needs? We can help! Give {company} a call at {phone} or contact us at {email} and we can help you decide on the services that will add true value to your company.
by Felicien | Jun 7, 2017 | Education
Here’s why you should never wait for security updates – oh and a bit about the Queen’s birthday!
As followers of British royalty doubtless already know, Queen Elizabeth II recently celebrated her 91st birthday – sort of. You see, because of the way these celebrations work, the “birthday” that the Queen has celebrated for so many years isn’t actually her birthday. Instead, it’s simply a week in early June that is roughly designated as the time to celebrate the birthday of the current British monarch. The real birthday could be – and has been – anytime throughout the year, but this small window is typically when the country actually celebrates it, and so when many people think of the Queen’s birthday, they think, “Oh, of course, it’s sometime in early June, I remember it being on the news.” Queen Elizabeth II’s real birthday is in April, actually, and you may (or may not) be surprised how many of her own people don’t realize that.
So, why the two different birthdays, and what in the world does this have to do with data security? Well, the reason for the birthday celebration is easy: It’s all about British weather. You see, the weather in England is notoriously difficult to predict, with a tendency toward rain (again, not a surprise), but of course, the country doesn’t want it to literally rain on the parade when celebrating a royal birthday. So they carefully ignore the real birthday date and plan the celebration for some time in May or June, even going so far as to put this “party” birthday down in official records. They just want a little bit of sunshine.
The data security connection is all about this curious behavior, and what it means for updating security processes. Because, you see, like Britain, many organizations find it easy to put a plan into action “when the sun is shining” instead of on the real date when action needs to be taken. Let’s take a look at why that’s such a serious problem.
The Problem of Patches vs. Apps
The Queen may celebrate her birthday in warm months because it is convenient, but businesses do not have this luxury when it comes to updating their security. It’s not a matter of picking the most convenient date: It’s a matter of recognizing that organizations don’t have a choice to delay or avoid patching their systems. There is no such thing as waiting for fairer weather. There is no gaming the system. Unfortunately, businesses have a difficult time recognizing this when conflicts arise between a noted security update and normal business operations.
This problem is exemplified perfectly when it comes to app updates and compatibility. Let’s take a look at a WannaCry ransomware example to underline the point. Say that your company depends on a particular app for operations – an inventory management tool, for example. That tool is compatible with an older version of Windows 10, which your company uses. Now, Microsoft released a security patch for WannaCry and related attacks back in March 2017. Your IT expert knew about this patch and recommended that it be applied to all Windows 10 systems in the business for protection. Unfortunately, the patch is designed for a newer version of Windows 10: It looks like you need a larger update to include the patch.
That’s a problem because the all-important inventory management app just won’t work with a newer version of Windows. You have contacted the vendor but haven’t received any news about whether an updated version of the app will be provided. So your organization sits tight on the older Windows 10 so it can maintain traditional business operations, at least for a few months…which is right around the time that WannaCry infects your network and starts hitting computers around the office that have no protection.
This happens a lot! It happened to many of the organizations hit by WannaCry, some of which were still using Windows 8 because of the aforementioned compatibility issues. So this isn’t just a theoretical issue, it’s a real problem – and one that your company must learn how to deal with.
The Importance of Immediacy
We’re going to make this really easy for you: If a decision comes to a choice between updating your operations for security and using an important app, choose the update. Every time. You can always find a vendor who is actually on top of their security maintenance or another app that accomplishes similar goals. You can’t find another way to patch vulnerabilities. Take the costs associated with the decision as part of security expenses, and move on.
We would love it if every organization could understand this. But we also know that the logistics behind this decision can be tricky. If your {city} business is struggling with older apps and security updates, {company} can help! Call us at {phone} or send us an email at {email} to learn more about our services!
by Felicien | Jun 7, 2017 | Education
While you’re working out your long-term data security plans, here are the steps to take in the meantime.
There are three general responses to a data attack like WannaCry. The first is the immediate, “What do we do to stop this and resume operations again,” the second response is a short-term, “What can we do to shore up data security while we recover and look at our strategy” and the third is a long-term, “What permanent changes do we need to make so this never happens again?”
The first and third responses get a lot of airtime, but we’d like to talk about the second response – the short term, immediate action that you can take once you get your business up and running again. These steps are vital to ensuring customers that you have improved your security and preventing aftershock-like malware created by copycats in the wake of a successful attack. Even if your company hasn’t been attacked, if a data attack has made you a little nervous, these short-term steps are a great idea to increase protection and prevent future problems.
Patching Schedule
One of the notable things about WannaCry is that it could have been prevented with the right patches. Microsoft actually provided patches to fix that particularly vulnerability months before the WannaCry ransomware (which targeted Windows computers in networks, especially older versions of Windows). The reason WannaCry was such a huge problem was that companies had just ignored the patch: Not for any good reason – they had just gotten into the habit of never patching their systems.
It’s puzzling because we know some of those organizations had IT departments, but we can’t figure out what they possibly could have been doing. Patching schedules are IT 101, and these businesses flunked out: Fortunately, it’s never too late to check on your own patching schedule and make sure that…well, that it exists. Your organization needs to be aware of when a patch is released and must mandate that the patch is uploaded to all applicable platforms ASAP. For some adaptable companies, continual awareness and automated “as soon as you get them” updates is the best policy. For other companies, it can be more helpful to set up a schedule of checking for updates, such as a weekly or bi-monthly inspection. Either way, have a plan!
Updated Antivirus Software
Antivirus software is in a curious period of evolution at the moment. Older antivirus software looks at DAT files kept on a malware registry, basically a collection of the information about current malware (sort of like matching fingerprints to a criminal database). However, malware moves so quickly these days that some of the DAT files aren’t updated fast enough to catch the latest attacks.
That’s why the newer versions of antivirus software use advanced tracking technology to find actions and data that appear to be DAT files in the making – and warn administrators ahead of time. Obviously, the latter is more effective than the former, so making the switch makes a lot of sense in the wake of an unfortunate data attack (or fear of one).
Employee Training Session
Yep, it’s time: Call all the employees together for a company meeting. Explain the data threat, why it’s a problem, and what employees need to do to protect their devices and company data. Lay out the requirements in a few clear steps that everyone can understand. Communication is very important at this stage, and a forgetful or confused employee can cause a lot of damage. Educate and reiterate to help prevent problems.
Expired Apps
This point is easy, to sum up: If an app is not compatible with the latest version of your operating system, stop using it. Companies simply can’t afford the risk of using apps that fall behind the latest updates (Windows 10 and macOS in their latest versions, for example). In practice, this is a difficult step to take for many companies, but we encourage you to make it part of a strategy. If an operating system has been updated but one of your apps is incompatible, give that app a month or two to come up with a patch. If it doesn’t, drop the app. This makes it far easier to keep up with the latest security methods and vulnerability fixes.
There are plenty of other short-term steps you can take to improve security and make sure your company is ready, including more careful partitioning and server management. If you have any questions about how to create your own strategy for your {city} business, we can help! Contact {company} at {phone} or {email} to learn more!
by Felicien | Jun 5, 2017 | Education
Cyber insurance helps ensure business profits in case of data attacks: Here’s what you need to know.
Cyber insurance is business insurance that covers costs associated with data attacks, offered by insurers and via plans with certain vendors. When many companies here about that, the automatic thought is, “Yes, that is exactly what I need!”
That may be true – but it’s important to note that cyber insurance is not cyber security. It will not actually protect you, and there are strict limits to what it can do. So let’s go over some facts about this type of data insurance that you need to know about.
Coverage Does Vary Based on the Policy
Cyber insurance isn’t as strictly codified as some types of insurance, and its coverage can vary greatly between policies. What one standard policy covers may be very different from what another insurer or vendor offers (we’ll talk more about this later). In other words, you can’t really count on any particular coverage without reading the fine print, so get ready to put on your glasses. Fortunately, like other types of insurance, you can usually attach various riders and clauses to create coverage for the specific events or costs that you are worried about. This will, however, raise the price of the coverage.
Human Error Is Not Covered
Basically, cyber insurance doesn’t really cover people being dumb, and this can cause a whole lot of problems with making claims. For example, let’s say that one of your employees opens a phishing email and downloads some really nasty malware. Will cyber insurance cover that? Quite possibly your claim would be declined because the problem has its roots in a human mistake instead of an attack that your company couldn’t avoid. It’s even more unlikely to find coverage for poor password management or leaving a computer unattended and logged in. Take this as an important reminder that employee education should be a best practice no matter what type of insurance you have or what you want to protect again.
Known Vulnerabilities are Rarely Covered
Here is where matters of liability become tricky. You see, few cyber insurance policies will cover problems that result from known vulnerabilities. That means that if a security policy is known, and the provider or manufacturer announces a patch to fix it, it is on you to download the patch and fix your security. If you do that, coverage shouldn’t be a problem. But of course, a vast number of data attacks happen because businesses have not patched known vulnerabilities (just look at WannaCry) even though patches have been made available.
There may be additional, customizable add-ons for protection even from known vulnerabilities, but it’s going to be a lot more expensive. So, once again, even with cyber insurance, you still need smart security practices and a strict update policy to protect your company. Are you getting the theme here?
Data Restoration May Not Be Covered, Either
Yeah, this one throws a lot of companies off balance: Isn’t cyber insurance supposed to recovered data restoration? Isn’t that the point? Well no, it isn’t. “Data restoration” is a complex process that may or may not work, no matter how much money you throw at it. It usually relies on things like proper data backup, which is a company responsibility, not an insurer responsibility. It’s not really an area that an insurance policy is well-equipped to deal with. So cyber insurance focuses primarily on interruption costs – on “refunding” you the profit that your company lost while dealing with the data attack. Don’t make the mistake of thinking that all associated costs will be covered.
Third Party Insurance is Different From First Party
Typical cyber insurance covers the first party – that is, your company. And that’s it. If data is lost, mishandled or attacked while with a partner or third party, your insurance coverage won’t touch it. However, there is a second type of cyber insurance that is specifically designed to protect your data when it is in the hands of third parties. This is particularly useful in sectors like the healthcare industry, which finds itself transferring sensitive data to other organizations regularly.
Cyber insurance or not, it’s pretty obvious you will need a robust data security plan in addition to any coverage you may choose (or be required to have). We can help here! {company} provides IT services in the {city} area for a variety of different data goals. Let us know what you need by contacting us at {phone} or {email}.
by Felicien | Jun 5, 2017 | Education
Learn about some of the much anticipated new features Microsoft recently announced for the Surface Pro and Office 365.
Microsoft Office 365 and the Surface Pro tablet have been innovative products since their introduction, but the past month brought the announcement of a slew of new updates for Microsoft’s landmark software and hardware offerings that aim to change the game for users. At {company} in {city}, we want you to get the most out of your Microsoft experience by keeping you up to date on all of the exciting new things you can do with your Surface Pro combined with Office 365.
Redefining expectations for tablet inking
Digital pens are one of the areas where tech innovators still have ways to improve, mostly because users’ hands are so used to the specific experience of using traditional pens and ink that switching to a digital version often still feels artificial. By introducing these new updates, Microsoft is stepping up to the challenge of creating a digital pen and ink interface that feels more intuitive for users and includes a wide array of new features.
It all starts with a more expressive inking experience throughout the Office 365 apps on the Surface Pro that responds to users’ commands more quickly and feels more fluid to the touch. Microsoft has increased the number of pressure points on the tablet surface from just over 1,000 to 4,096, resulting in a more natural feel as soon as you put the pen to the glass.
Other updated features include new dynamic ink effects in Word, Excel, and Powerpoint, and innovative whiteboard tools for enhanced collaboration. The Whiteboard app features enhancements such as geometry recognition and automatic table shading, so you and your colleagues can seamlessly work together and stay on the same page.
Facilitating innovation for commercial customers
Office 365 commercial subscribers will find a lot to get excited about in this new batch of updates as well. Microsoft’s Power BI, the suite of business intelligence tools, is now enhanced with the Office 365 adoption content pack. Office 365 usage reports are displayed in a clear and visually-engaging format, and leaders can seamlessly integrate the data into their BI analysis and decision-making matrices. Office 365 usage reports are a powerful source of data for business users, and companies can use this comprehensive information to make more informed decisions about inter-office communication and efficiency.
Enhanced accessibility provides true data freedom
Microsoft understands that data access, reliability, and security are on everyone’s minds these days. To that end, the OneDrive Files On-Demand feature facilitates access to any files that are stored on the cloud from any connected device at any time. The age of buying mobile devices that are weighed down with extra storage is over. Consumers and corporate users alike are clamoring for agile mobile devices that will provide a seamless transition from the desktop experience, and that they can take anywhere at a moment’s notice.
Since everything these days is stored in the cloud, it should all be accessible directly from the cloud as well. With OneDrive Files On-Demand, all of your files will show up in, and be accessible from, File Explorer, whether or not they are stored directly on your device.
Better SharePoint integration to keep you connected
Sharing is also getting more simple, fast, and intuitive courtesy of a new unified sharing experience for Microsoft OneDrive. You don’t even have to click away from your desktop screen to share files and links with specific contacts. What if you need to quickly grant or revoke editing privileges for certain people on a file? In OneDrive, you can easily modify the permissions settings in an instant, and you have the ability to set time limits on access permissions.
The recent SharePoint Virtual Summit also brought news of the integration of PowerApps with the SharePoint platform. This feature hasn’t been rolled out just yet, but users will soon be able to combine the breadth of data in PowerApps with the customization power of SharePoint to create unique digital experiences.
To learn how to get even more out of these exciting new updates for Microsoft Office 365 and the Surface Pro, contact us at {email} or {phone}.
by Felicien | Jun 5, 2017 | Education
Marshmallow operating systems, candy-colored computers, and other sweet innovations for national candy month.
June is national candy month, and to celebrate, we’ve decided to share some of the sweetest moments in candy-related IT history. Each of these cultural tidbits is paired with a little lesson or a few tips on how to integrate the sweetness of innovation into your company.
1. Candy-Colored Computers
In 1998, Mac released the iMac G3. This candy-colored computer was arguably the first technology to tie style so closely with function. Buyers got a great home or work computer, but they also got the fun of picking a color to match the personal style—the iMac G3 came in thirteen flavors from lime to flower power to ruby.
This computer didn’t offer a floppy disc drive, a main staple since the Commodore 64 and even further back, and Apple was criticized for the decision. Instead, the iMac G3 integrated the newly emerging USB port, and ultimately, the computer was a successful seller for the next five years. For small business owners, the moral of the story may be to take a risk, pursue innovation and find a sweet, stylish way to sell it to customers.
2. Cupcake-Flavored Mobile Phones
In 2009, Android released the Cupcake. The first in a long line of sweetly named operating systems, this was the first cell phone operating system to support keypads from third parties. As a result, whether users were on email or social media, a keypad appeared on the screen, allowing users to finally say goodbye to the pull out keyboard.
That shift helped usher in the age of the small, tablet-esque smartphones, and it also helped position the smartphone as an essential work tool. Eight years later, Android has brought out operating systems named after eclairs, gingerbread, honeycomb, marshmallows, and jellybeans to name just a few, and smartphones have become an essential part of most businesses.
When setting up properly, they can streamline everything from tracking receipts to communicating about group projects, and small business owners should find strategies to sync smart phones to office computers as needed.
3. Candy Crush
In 2012, Candy Crush released a mobile app version of its browser game. Entertainment and gaming companies quickly realized that the adults of today will download and play games on their phones, and in fact by 2014, over 93 million people (the equivalent of nearly a third of the United States were playing the game), and the company was raking in hundreds of millions of dollars per year.
This surprise also brought changes to the world of business, and many businesses finally began embracing apps. Now, you can get everything from accounting software to virtual time clocks in an app, and it’s even becoming easy for small businesses to download templates and create apps to market their services or facilitate consumer engagement.
4. Full-Sized Candy Land
In 2014, Google moved its set of foam candy-shaped sculptures to the front of the Google headquarters, and the statutes became a popular tourist attraction. Google had been erecting the statues in front of its Android development offices as each new system was developed, and over the years, kit kats, lollipops, and ice cream sandwiches were added to the ranks.
These full-size foam renderings of sweet operating systems underscore how people engage with a brand. As a business owner, it’s critical to think about your own brand. For instance, if you want reliability to be part of your brand image, you need to work with an IT managed service provider that keeps your site up and that helps ensure your staff has working computers and a minimum of delays.
5. Easter Eggs
Although it’s last on the list, this sweet bit of tech history actually took place first. The first tech Easter egg appeared in 1979. For those who haven’t heard the term, an Easter egg is a hidden joke or feature in a computer program or video game, and the first one appeared in the Atari game Adventure.
Google, in particular, has lots of Easter eggs. For instance, if you google the phrase “do a barrel roll”, the window will turn before your eyes. Similarly, if you google “askew”, everything will appear slightly slanted.
Is there a lesson in Easter eggs? Yes, and it’s the importance of having a bit of fun. Whether you’re dealing with employees, customers, product development, tech issues, or anything else, try to mix it up with a little fun.
Ready to shed some of your IT burdens so you can focus on productivity and fun. Then, maybe it’s time to indulge in the sweetness of a managed IT service provider in {city}. To learn more, contact {company} at {email} or give us a call at {phone}.
