Archive

Category Archives for "General"

This is the default category

What is your IT support provider costing you?

“Around half of all enterprises (49%) in the UK have outsourced some part of technology to an IT support provider. Also, outsourcing is more common among small and medium businesses than others” – Cyber Security Breach Survey 2019

Almost half of SMEs struggle to find IT staff with the necessary level of skills and experience, which is just one of many reasons why many SMEs look to outsource their IT operations. Outsourcing IT can either be merely offloading support and maintenance or outsourcing an entire IT department. More often than not, small companies find it difficult to justify the cost of more than one full-time IT support person but working with an IT provider can mean having access to a full team of experienced consultants.

However, not all IT support providers offer the same quality of support and services. Outsourcing should not be viewed as a simple cost-saving exercise. An unsuccessful IT support provider can cost more than you can imagine. The cost can be in terms of money, operational downtime, company reputation, losing your competitive edge and loss in staff time. So, it boils down to one question: what does your IT support provider cost you?

Consider these five factors to determine whether your IT support provider is costing you money

Recurring Issues

The most important factor to consider is recurring faults. If your IT support provider does not solve the root cause of the problem, then the same issues are going to crop back up. Problems like this indicate your IT support provider does not track issues correctly or are just patching things up when they go wrong.
Quality IT support providers prevent issues from recurring by identifying the root cause of a fault. They continually monitor systems and take pre-emptive measures to stop problems before they stop your business. They will also likely have a suite of value-adding Managed IT services to help reduce and mitigate various unpleasant possibilities such as unacceptably long periods of downtime, cyber-attacks and lack of system resources or resiliency to handle peak demand.

Delay in adoption of the latest technology

SMEs need to aggressively adopt technology to stay competitive. If your IT support provider is unable to keep pace with your technology needs, then this should be taken as a negative sign that this partnership is no longer fulfilling its purpose. In a rapidly changing technology landscape, IT support providers should encourage their clients to remain agile, control costs, quickly respond to competitive opportunities and align IT with ever-evolving business objectives.
Reputed IT support providers use the latest technologies and equipment to deliver services which are updated regularly with no additional cost to the business and thus eliminating the risk of an obsolete IT infrastructure.

Slow response time

At any moment SMEs can be struck by show-stopping issues such as internet outages, server crashes and cyber-attacks. When a problem arises, your IT support provider should get on it immediately. If there is a lag in response time, then your business could come to a grinding halt.
There are many reasons for this. Maybe your IT provider has not invested in the technology necessary to continuously monitor and track your IT systems, are short on skilled resources, overstretched with their commitments or even this is the level of service you have agreed to. If this is an ongoing issue though, then it’s time to act.

Poor Communication

If your IT support provider is not completely clear about the support services which they provide, then you should consider changing. You outsource IT services for several reasons including fixing costs, or at the very least to have a handle on them. Yet, far too many businesses are being hit with unexpected invoices due to their provider’s lack of transparency or poor communication on a non-technical level. This often erodes that all-important trust and damages the working relationship.
Reputed IT support providers will communicate regularly and in non-technical language - often through an account manager. They should report not just on how healthy your IT systems are but on your levels of usage, customer satisfaction, industry trends, and any areas of concern. Your IT partner is just that – your partner in technology, and you rely on them to look out for you, present opportunities, and plan for the future.

Lack of strategic planning for the future

In the past, a reactive approach would have done the job. But with the increasing complexities and security vulnerabilities of the modern enterprise, a proactive approach is a must-have. A reactive IT support provider lacks the foresight to plan ahead and may be driving you head-first into entirely preventable issues. Whilst your provider may be an expert in solving problems, somebody must plot the course and steer the ship. Otherwise, things are going to go off-course!

An engaged and proactive IT support provider will regularly analyse your business requirements and work with you to maintain alignment between IT systems and business objectives, which they may formalise by way of a strategic road map.

Four elements your IT support provider should support you with in the long run

1.Reduce downtime: Your IT support provider should reduce operational downtime. UK SMEs experience 45 minutes of downtime each week, which is approximately £500 per employee, per year, in lost productivity.

2. Improve security: According to Cyber Security Breach Survey 2019, the average annual cost of a cyber-attack on businesses in the UK is £4,180. Your IT support provider should be able to reduce the risk of a cyber-attack and improve the overall security of your enterprise.

3. Company reputation: 60% of UK consumers would be willing to stop doing business with a breached enterprise. The provider should be able to protect your enterprise from data breaches. 

4. Business efficiency and competitiveness: Without a coherent and consistent plan, a significant amount of time, money and resources are spent on patching IT infrastructure and security issues as and when they arise. There is an inevitable loss in staff time during the restoration of services, particularly for IT staff.

Any IT support provider can fix issues, but a quality provider brings much more to the table. They shouldn’t just add value; instead, they should be invaluable. They should be working hard behind the scenes to prevent problems from ever arising. Also, your provider should communicate clearly and regularly, steer the business clear from disasters and develop strategic IT roadmaps to enable the company to leverage technology to achieve maximum business benefits. It’s true that so many SMEs see IT as a cost centre, but the truth is that IT can and should be the driving force behind your enterprise’s profit centre.

5 Must-Have Agenda Items your IT Strategy Should Address

Having a robust IT strategy is critical to the success of any business, whether they realise it or not. No longer is IT just an enabler for businesses to run software, answer emails or take phone calls – IT has transformative effects on their ability to grow effectively and efficiently. However, for this to ring true, IT must be aligned with the business, and this comes from a carefully thought out IT strategy. Yet many businesses are moving forward with a poorly designed IT strategy or with no strategy at all.

The IT strategy serves as a road map that will help businesses understand how to leverage existing and emerging technologies to support business objectives. Below are five must-have agenda items your IT Strategy should address:

Agility and flexibility – The IT strategy should be agile and flexible to address changing technology needs

Agility is an essential factor for a business to survive in fast-moving and dynamic markets. Business strategies should be flexible, and businesses should be able to reprioritise, change direction and include or exclude capabilities quickly based on market conditions.

To compete in today’s world of dynamic and disrupted technology markets, SMEs should be able to operate swiftly. They should be able to respond quickly and efficiently to changing technology needs of customers and the market. As such, the IT strategy should be flexible enough to address regular changes in SME's strategy and technology needs. SMEs mostly operate in a dynamic environment which requires an agile plan.

People and process – Your IT strategy should consider the non-technical aspects of your business

Many businesses focus on the technical aspects of their IT strategies without considering the process or employees involved. Your IT strategy should address organisational change management and business process reengineering both of which are necessary to realise the full benefits of technology implementation.

Support business goals – IT strategy should align with your business strategy

To create a successful IT strategy enterprises must make sure it is aligned with their overall business strategy. In many cases when SMEs decide to implement a new IT strategy, they have good intentions, but sometimes, those intentions are not aligned with the business’s overall strategy. Before creating an IT strategy, enterprises should first define their strategic business goals, then outline specific IT risks, opportunities and objectives that support those overarching business goals.

Improve business performance – IT Strategy should support optimal business performance

The IT strategy should address the businesses most important priorities to improve performance. The strategy should help the business outside of the direct application of technology in the workplace. It will guarantee that the budget is used to create value, both in technology and in supporting the rest of the business to perform at its best.

Affordability – The IT strategy and support should be cost effective

Should our business outsource IT strategy development and IT support services or develop it in-house?

This is the one question which most SMEs ask before they begin with the IT strategy development plan. In-house IT strategy and systems are built based on the businesses requirements born from a day to day knowledge of business operations. Whilst this is valuable in meeting real challenges and daily objectives, it can often cause the IT strategy to be misaligned with the overall business direction.

On the other hand, outsourcing the development of your IT strategy to an IT provider is not only cost-effective, you are getting a truly subjective review from somebody who is not concerned with or bogged down by these daily challenges. Not only that, but outsourced IT providers often bring them with a plethora of highly specialised skills and extensive partner networks in key areas such as security, disaster recovery and cloud computing

Has your business decided to build or revamp your IT strategy? Do you even have one?
Get in touch with us and let’s get started!

How to protect your company’s sensitive information from being traded on the dark web

Did you know that your employee identity or customer details can be illegally sold on the dark web for as little as £7 to £10?

Businesses may or may not have heard the phrase "dark web", and even if they have, it may be difficult to understand what the dark web is and what it can mean to their business. In today’s digital world, online interactions have increased tenfold with digital payment systems, online databases with sensitive information, personal identities and digital corporate information. It has led to an explosion of digital crime with hackers stealing sensitive data and selling them on the dark web.

The three levels of the Internet:

Level 1 – Surface Web: The surface web is accessible by all and is what we all know as the internet. The surface web represents about 4% of the internet. Surface web is also known as the public web which is anything that can be indexed by a search engine like Google, Bing, etc. Online shopping, sharing posts in social media, searching for information, etc. are all part of the surface web.

Level 2 – Deep Web: Deep occupies around 93% of the internet. Internal company sites, intranets, databases, members-only websites are examples of the deep web. These sites are not indexed in search engines, i.e. they won’t show up in searches unless either you are connected to your company’s network or you know the web address and have access to it.

Level 3 – Dark Web: 3% of the internet belongs to the dark web. The Dark Web is intentionally hidden and is inaccessible through regular web browsers. Multiple layers of encryption and security help the dark web in maintaining its anonymity. The dark web is the go-to place for large scale illegal activities and online crimes.

Why should SMEs be Wary about Dark Web?

Criminal activities on the dark web can directly affect your business. For example, your customer data, employee information or other sensitive information can be stolen and sold on the dark web. 

Recently security specialists at m3 Networks recently uncovered alarming results from research investigating more than 600 businesses which are members of Dundee and Angus Chamber of Commerce. Almost 24,000 security breaches with an average of 39 per company were found on the dark web – over 57% of all these businesses appeared on the dark web with breached credentials.

How can SME’s Protect themselves from the Dark Web?

  1. Ban employees from using TOR: Don’t allow employees to access the TOR network; they can easily expose your business to malware. TOR is the most common software client used to access the dark web. Provide clear and strict employee guidance on how to cleanly use the internet.
  2. Train employees on security protocols: Cybersecurity experts always advise that employee error plays a major role in a successful cyber-attack. The fact that most SMEs are unaware of the dark web is argument enough that additional training on IT security is essential. This will help increase employee awareness about cybersecurity measures and compliance so that they follow your businesses security protocols.
  3. Treat passwords carefully: Don’t use the same password for multiple accounts. Creating a strong password is best practice as well as storing these with a reputable password manager such as LastPass or OnePass – but this is not a guarantee. You could have the strongest password but if your business does not protect it in a secure format then it could be stolen. Knowing your password has been breached as soon as possible is critical so you can change it in all the locations it has been used. Or it WILL be used against you.
  4. Limit employee access to sensitive information: Many SMEs cannot differentiate between sensitive data and publicly accessible information thereby offering a much larger possible attack surface. Limiting employee access to sensitive data can limit a cybercrime incident. Therefore, it is advisable to restrict access to sensitive data on a need to know basis.
  5. Take help from dark web monitoring experts: At m3 Networks, we offer dark web monitoring services to alert when a business has been compromised so that passwords can be changed quickly. We have tools that can trawl more than 600,000 forums and websites on the dark web. 

We also offer a suite of other security services such as security awareness training, penetration testing,  real-time network and security event monitoring, incident response and virtual CISO services, amongst others

Our technical director Mark Lamb recently gave an interview on the dark web to The Courier “Personal details of thousands of workers from Tayside firms being sold on dark web”. Follow the link to learn more about our investigation and what Mark Lamb’s recommendations are for enterprises.

Advantages of Outsourcing your Cyber Security Services

“Almost half of businesses in the UK including SMEs (43%) suffered a cyber-attack in the last twelve months.” - Department for Digital, Culture, Media and Sport

Reasons for outsourcing cyber security services

Current Scenario

Advantages of Managed Service Provider (MSP)

Breadth of cyber security knowledge

In the UK:


- 43% of micro firms,

- 41% of small firms,

- 39% of mid-sized firms


don’t know the reasons which lead to a cyber-attack.

- Lack of proper knowledge on the contributing factors and sources for most of the disruptive breaches makes SMEs vulnerable to cyber-attacks. 

- As such its best to outsource cyber security to a Managed Security Service Provider (MSSP). Experience and knowledge of managed cyber security service providers will reduce the chances of a cyber-attack considerably.

- Also, a managed security service provider will be able to educate employees through cyber security awareness training programs and monitor your organisations exposure on the dark web, amongst other things

Fixed monthly or yearly cost

- 34% of SMEs in the UK find it challenging to invest in IT security as the cost has historically been high

- 30% of SMEs spend less than 3% of their overall budget on cyber security.

- Managed Security Service Providers (MSSP) offer cyber security services at a very affordable and fixed cost.

- Majority of MSSPs offer their services to SMEs on a monthly subscription fee, but some may charge it annually.

- The fixed cost helps SMEs to plan their cyber security investment efficiently.

24/7 peace of mind

On average it takes around 3 days to neutralise the effect of a cyber-attack, leading to lost staff time and deviation of focus from the core business.

- Managed security service providers will perform around-the-clock monitoring.

- Continuous monitoring is an essential aspect of security as an enterprise can come under a cyber-attack at any time of the day.

- With 24/7 monitoring and security support, SMEs can enjoy peace of mind to focus on their core business operations and revenue generating activities

Availability of cyber security professionals

According to industry experts, there will be a shortfall of 100,000 cyber security professionals in the UK by 2022.

- Outsourcing cyber security is the best option for businesses these days, and it is especially crucial for SMEs that have limited budget or employees. 

- SMEs often have trouble attracting and retaining top security professionals.

- Some do not have the time or resource to deal with routine maintenance, which will ultimately lead to an inefficient security system.

Better Security Management

The cost of cyber attacks


- for small enterprises amounted to around £894

- while for medium-sized enterprises it was around £8,180

- Managed security service providers (MSSP) use a suite of detection and prevention tools and robust backup protocols to try and prevent cyber-attacks and shorten recovery time.

- Outsourcing cyber security services to MSSPs will reduce and mitigate cyber threats.

- MSSPs maintain cutting-edge security technologies to provide endpoint protection, web and dark web monitoring, security awareness training, penetration testing, vulnerability scans, firewall management and much more.

Why it is Important to Fix Your IT Costs

Organisations across the world are undergoing an extraordinary transformation. A new generation of technology is changing the way businesses maintain security, customises a product, enhances the customer experience, markets their products and more. In time, and possibly in a short period, the entire way UK companies engage with their customers will be different, or rather will be very customised. Driving this change is the rise of new technologies. UK companies which combine this with the right IT budget (which can be tricky at times) can seize this opportunity.

Type of IT Cost

IT budget is a combination of total information costs which include IT spending and salaries of all IT users. Information costs include buying of services from service providers, advertising agencies, consultants, and accountants to support the information workforce.

IT Cost Segment

Sub-Segment

Type of Expense

Description

Acquisition Cost

Hardware

Direct

Initial hardware purchases or lease costs. Customers can choose a cloud-based platform or build it in-house which would incur a significant expense.

Software

Direct

It includes software costs with a monthly, yearly or one-time plan.

Implementation

Direct

The cost associated with setting up a new system.

Subscriptions/ Licenses

Direct

Either each license to be purchased separately for each user or it can be a package with access to multiple users. The cost would differ based on the type of license/subscription.

Data migration

Direct

Data migration can be surprisingly expensive, so it is advised to check with vendors on what the pricing policy is and if they offer this for free.

Training

Direct

Though this is considered to be the largest cost in the acquisition stage, investing in training will improve business efficiency.

IT Cost Segment

Sub-Segment

Type of Expense

Description

Operations Cost

Security

Direct

Managed security services to help reduce and mitigate various forms of cyber threats.

Ongoing training

Direct

Ongoing training can be for current users looking for training on specific complex features or for new users to expand the knowledge of the platform.

IT Maintenance

Direct

Overall IT platform maintenance and software upgrades comes at an additional cost.

IT Support

Direct

IT support services for the installed system will come at a cost. It is advised to check with the vendor if they offer 24/7 support to keep operations running at all the time even if it comes at a premium.

Data Center

Direct

Another cost to consider is the costs associated with maintaining in-house servers and hardware.

Downtime

Indirect

The cost associated with productivity and revenue loss due to inaccessible systems during a disaster.

End-user operations

Indirect

Productivity lost due to troubleshooting, bad end-user interface, etc.

IT Cost Segment

Sub-Segment

Type of Expense

Description

Resource Cost

IT staff

Direct

Salaries for a team of IT professionals to keep systems secure and running.

Strategy consultant

Direct

External vendors/consultants offering clear and structured strategic IT planning support to businesses. Ensuring the IT strategy is aligned with the needs and demands as the company grows and develops.

Administration

Direct

Salaries to additional resources to manage CRM and other marketing automation tools.

Why fixing IT costs is important

Effective IT spending plan: IT cost allocation is a complicated process even for large organisations. Budget constraints and limited IT expertise often keep SMEs from making effective IT spending decisions. Better visibility into the type of IT costs can help SMEs come up with a definite IT spending plan based on their business requirements.

Cushion against surprise cost: A better knowledge of hidden hardware and software costs can help enterprises reduce unnecessary costs and reallocate resources to more critical business operations. Before investing in new IT equipment, it is essential to evaluate an enterprise’s spending history and implement best practices that will improve the bottom line.

Balance cost among hardware, software, and services: Fixing IT cost will balance the spending among hardware, software and services. Strong systems management is the key to overall cost reduction, per a report by Gartner. The more budget allocated for direct IT expenses, like operations, training, support and services, the less budget will be wasted on lost productivity and downtime.

Reduce total cost of ownership (TCO): Enterprises when planning for IT cost, should factor in the total cost of ownership (TCO). IT systems need to be upgraded and maintained continuously. Constant costs related to IT security, software updates, labour, repair and tech support are unavoidable. However, simplifying the IT infrastructure and management processes will increase productivity, efficiency and reduce TCO to a great extent.


“For IT, total cost of ownership (TCO) includes hardware and software acquisition, management and support, communications, end-user expenses and the opportunity cost of downtime, training and other productivity losses.” - Gartner

How fixing IT cost can benefit an enterprise

Managing annual IT expenses will help in understanding the actual IT implementation cost and how to avoid costly and ineffective solutions. Estimating IT infrastructure cost over a period of time helps enterprises make better buying decisions when deciding which solution provides the best possible ROI.

Options

Cost

Review

In-house System

Expensive

Generally, in-house systems are built based on the company's requirement by a team of IT professional. This type of IT solution is costly for SMEs, hard to maintain, and will always be on the lookout for experienced IT professionals.

Enterprise Suite

Expensive

Enterprise Suite usually is an enterprise CRM as the core technology stack and requires different custom integrations with third-party systems. 3P systems may include sales automation, social media, project management, website tracking, predictive analytics, among others. Purchasing different platforms from different vendors and user training for individual platform makes this option an expensive one.

Integrated Solution

Moderate

CRM platform integrating marketing, sales, customer service, operations, etc. into one single platform. This complete solution offers a much more profitable ROI when it comes to technology purchases as all the tools come in one package. Enterprise's all data and information are stored in one location, which is accessible to employees of different departments. These features make this option a better choice as compared to option one and two.

Managed Service Provider

Affordable

Among the four options, the best is outsourcing IT services to a Managed Service Provider (MSP). MSP is often recommended as the cost-effective IT solution for SMEs. For a minimal fixed monthly fee, MSPs provide customised IT solutions and services based on the business need.

5 ways Cyber Essentials can Improve your Business

“1 in 6 UK small and mid-sized enterprises fell victim to a cyber attack in the last 12-month duration. Of the enterprises affected, more than one-fifth stated that it cost the company more than £10,000, and 1 in 10 mentioned that it cost more than £50,000.” - Zurich SME Risk Index

The Cyber Essentials scheme is backed by the government to help companies protect themselves against cyber threats. Cyber Essentials helps organisations guard against the most common cyber threats by implementing cyber security best practices. Following are five clear benefits of Cyber Essentials.

Protection against cyber threats

According to a report by NIG, almost 80% of data breaches can be prevented by implementing Cyber Essentials which are simple security practices. Daily, hackers are trying to steal data, money or cause severe disruption to SMEs and mid-market companies. Following the Cyber Essentials scheme is the best way for businesses to approach cyber threats. The Cyber Essentials scheme includes highly effective precautions such as using stronger passwords, updating software regularly, limiting access to sensitive information, background checks of employees, among others.

Improves existing and potential customers’ trust

Per a report by KPMG, almost 60% of UK consumers would be willing to stop doing business with a breached enterprise. Enterprises rigorously following the Cyber Essentials scheme have a competitive advantage in comparison to competitors without accreditation. Cyber Essentials certified enterprises show its commitment to security, demonstrating to customers, investors, suppliers, and regulators that it takes cyber security very seriously. Cyber Essentials accreditation becomes even more critical for enterprises using and storing personal data like medical records, financial information and other sensitive data to build trust.

Cyber Essentials an essential step towards preparation for GDPR

GDPR is the new data privacy regulation which aims to give protection and control to the EU populace over personal data. Typically, the law will affect how businesses can collect and use personal data. By so doing, companies will be required to be more transparent when it comes to collecting and utilising data from customers. Cyber Essentials is a significant first step in preparation for GDPR as violators will have to pay a potential fine of up to €20 million or up to 4% of a company’s annual turnover.

Improves business efficiency

Without a coherent and consistent plan, a great extent of time, money and resources are spent on patching IT infrastructure and security as and when they arise. There is an inevitable loss in staff time during the restoration of services, particularly for IT staff. Implementing Cyber Security Essentials will allow both technical and non-technical staff to remain as productive and efficient as possible by focusing on core business without the need to fix bits and pieces of the company’s IT infrastructure.

Better chance of winning government contracts

The government is using the Cyber Essentials scheme as a step towards reducing the levels of cyber security risk in its supply chain. Since October 2014, the UK Government requires all enterprises bidding for contracts which require handling of sensitive and personal data or the provision of technical products and services to be Cyber Essentials certified.

5 Benefits of Fixed IT Costs

When you are looking for business IT support, you can find various types of contracts and agreements. You could just decide to Pay As You Go (break/fix) basis, pay in advance for blocks of hours, or choose a fixed price IT support contract which includes the majority, if not all, the things your business will need on a monthly basis.

The biggest benefit of a fixed price model, is that you know exactly how much your IT support costs will be each month. This is great for cash flow and essentially your IT costs just become another commodity – just like paying your rent, electricity and insurance. But there are some other major benefits that you may not have realised.

Continue reading

5 Steps to Email Compliance

Your email is NOT secure.

For most businesses, email is a vital method of communication. Many organisations rely on email to send confidential information within and outside the business. The widespread use of email for confidential information makes it highly vulnerable to exploitation. In fact, email accounts for 35% of all data loss incidents, a recent study found. So with huge potential to cause harm to your business, there is a need to secure, control and track email messages and attachments wherever you send them.

Continue reading

Can your IT provider prove how good they are?

We are delighted and very proud to shout from the rooftops that our overall customer satisfaction score for 2017 was a staggering 98.7%!

Industry averages are around 93%, so we’re outperforming most of our competition. All IT companies will say they provide amazing service, but how many can actually prove it?

Continue reading

>