Cloud Computing 101

As you prepare for 2019 and beyond, Cloud Computing should be part of every technology discussion for your business.  Today the “Cloud” means everything and anything.  So, what is Cloud Computing and what does it really mean for you and your business?

What is Cloud Computing?

Let’s define Cloud Computing.

Cloud computing is the Delivery, using the Internet or a Direct data connection, of Network-Based Services hosted in a Multi-Tenant Environment.

What does this mean?

Network-Based Services – this is a service running on a network.  Usually networked in a datacenter, not your own.

Using the Internet or another Direct data connection – You are accessing this service from a remote location from the source.  You are using it over the Internet or another data link.

Hosted in a Multi-Tenant Environment – Hosted means it is running on someone else’s hardware and they are just making a service available to you.  Multi-tenant means the provider is ‘hosting” many users at the same time. They serve multiple tenants.

For example, look at Gmail.  The provider (Google) manages the software and the hardware running Gmail.  You just use the service from a distance over the Internet.  Cloud computing is just a form of outsourcing when you use Gmail, you outsource your email application to Google.

There are three major kinds of Cloud Computing Services

  • SaaS – Software as a Service
  • IaaS – Infrastructure as a Service
  • PaaS – Platform as a Service

Software as a Service is probably the most common use for Cloud Computing.  A company will run Cloud-based software similar (or identical) to a premise-based, boxed software solution. Some advantages of SaaS are

  • No expensive hardware (server) needed to run the program
  • No updates or patches to maintain
  • Easier support
  • Equal fixed monthly costs

SaaS works well for software applications you use all the time.  You pay monthly (or annually) whether you use the product or not.  On the downside, there are applications I use only a couple of times a year.  It is tough to justify paying for them each month over and over.  For these types of applications, I found the alternative open source or “buy once” substitutes.

Infrastructure as a Service – IaaS is using hosted hardware, usually virtualized, running in a datacenter to conduct business.  If physical (not virtualized) hardware is used or needed, it is usually purchased and co-located in a datacenter to be used like IaaS.  IaaS is a suitable alternative for most on-premise computing functions that can be virtualized.

Closely related to IaaS is Desktops as a Service (DaaS).  With DaaS, a host vendor provides access to virtual desktops (VDI) from a Public or Private Cloud.  DaaS can take the place of your local PC or workstation or supplement them.  Instead of buying a computer for each employee, you can buy a cheap connection device (thin client) and provide access to a virtual desktop running in a datacenter to handle all your Desktop computing needs.

Platform as a Service is the least used of these three types of Cloud Computing.  Businesses will deploy applications using programming languages, libraries, services, and tools managed and maintained by a hosting provider. The end user does not manage or control the underlying Cloud infrastructure but controls the deployed applications running on the Cloud Platform.

What is Private Cloud Computing and how is it different from the Public Cloud Computing?

There are many companies offering services over the public Internet; these are public Cloud providers. I am sure you are familiar with many of them, from social networking sites like Twitter and Facebook to strictly business applications like Office 365 and Salesforce CRM.

A Private Cloud solution is also accessed over the Internet or a dedicated private circuit. In contrast, a private Cloud usually connects two locations, the customer and the provider, and is housed in a private datacenter.  A Private Cloud is generally dedicated to a single company.  A Private Cloud can take the place of premised based servers and desktops.  You can run just about any hardware or software in a Private Cloud.  A Private Cloud is generally more flexible and customizable than a Public Cloud.  You can run your entire business from a Private Cloud environment, not just a single application.

Most companies use a mix of traditional, Public, and Private Cloud services, a Hybrid Cloud. Keep in mind, with a Hybrid Cloud you must manage multiple Cloud vendors.  There is no one best solution, do what makes the most sense for your business.  Use the Cloud Services you need to support your business objectives and implement them as needed.

Why should I use Cloud Computing?

Cycle of Technology

All technology follows an adoption path according to the cycle of technology. With new technology adoption, there is a continuous cycle of value.  New Technology provides a competitive advantage. As a technology grows older, the competitive advantage eventually diminishes to a point it becomes a competitive necessity, everyone has it and needs it and uses it.  Finally, for those that continue to use older technology well past its useful life, technology becomes a competitive disadvantage.  You are losing productivity by using outdated obsolete technology.

Don’t spend time, money and effort on technology that doesn’t give you a competitive advantage.

“Technology has reshaped Industry. Briefly, these technologies provided real advantages. But as their availability increased and their cost decreased, they all became ubiquitous commodities. From a strategic standpoint, they no longer mattered.” – Nicholas Carr

Conventional Technology has become a commodity and no longer provides a competitive advantage.

Technology is analogous to the electric grid.  Companies used to own and maintain their own power generation facilities until they realized it was faster, cheaper and easier to simply buy their power from a utility company.  They outsourced power generation.  That is exactly what is happening to conventional technology today, it is being outsourced to the Cloud.  We outsource many things, you drive a car, you don’t build one, some of us don’t even make coffee anymore, we outsource it to Starbucks.

There are advantages to outsourcing your technology needs to a Private Cloud Computing Provider.

  • There are great “economies of scale”, especially in a multi-tenant environment. This can lead to lower costs.
  • Business Critical Applications are being ‘Cloud Enabled’ at a rapid pace. You can run your entire business from the Cloud.
  • Well managed datacenters offer greater flexibility to expand and contract quickly and offer services that are less expensive to rent rather than to own.
  • You can focus on Business, not IT. Cloud Computing provides stable IT spending.
  • You pay for ONLY what you use. You plan for today’s needs and scale up later as your needs grow. You don’t pay for extra capacity you don’t need today or may never need.
  • Cloud Computing is infinitely scalable – not only can you easily scale up, but you can scale down as well. This is one of the most powerful advantages of Cloud computing. The ability to shrink as well as grow.  You cannot do this with physical hardware. You buy it, you own it.
  • Because it is multi-tenant, you can use Enterprise class hardware at a Small Business price.

 Why Cloud Computing now?

Source: Gartner 2014

This chart is the 2014 Gartner Hype Cycle for Emerging technologies.  We have been talking about the Cloud for several years. Why Cloud Computing now, what has changed?

  • Bandwidth costs are still falling.
  • Most major business functions have moved to the Cloud.
  • You can run your entire business from the Cloud.

The hype is over, and Cloud Computing is ready for prime time.

According to the Gartner 2014 Hype Cycle, Cloud Computing will reach the Plateau of Productivity (mainstream adoption) by 2016-2019.  Cloud Computing is poised to be the driving force for business productivity. It is here now and ready to use.

Is my Data Safe in the Cloud?

Is your data safe in your office?  What happens if your data is in your physical office and there is a fire/flood/hurricane (Sandy)?  If you’re worried about risk, buy insurance to protect against risk.  Cloud computing has a lot of insurance built in.

  • Your data is housed using redundant hardware. The hardware is designed to be risk tolerant.  In most cases, you would not even notice a datacenter hardware failure.
  • Your data is backed up at least daily, probably more often, and you can go back and retrieve any deleted files and projects.
  • Your data is replicated to multiple datacenters (geo-redundant).
  • Cloud computing providers are in the business of keeping their client’s data protected. Their systems and practices are more redundant and more secure than 99% of businesses doing it themselves.

How do I use the Cloud to Gain a Competitive Advantage?

Using the Cloud – Infrastructure as a Service / Desktops as a Service

Running your entire IT infrastructure including your desktops in the Cloud is a new way to think about technology.  The future is using connected devices.  You can run almost any application, perform almost any task in the Cloud. Software and hardware as we think of it today is going away. The Cloud is the future in desktop computing, delivered as a service.

 Using the Cloud – Infrastructure as a Service / Servers and Networks

You can run your entire IT Infrastructure in the Cloud. You can run servers in the Cloud, switches, your entire network. Using Cloud Computing you don’t need premise-based servers or PCs any longer, you can connect to the Cloud Infrastructure using thin clients.  Thin clients are small cheap connection devices that don’t break or wear out. You can eliminate nearly all your on-premise IT equipment.

 Using the Cloud – Online Backup

You back up your files, right? Backup is a critical IT function.  Unfortunately, everyone has a backup horror story.  The best practice for backup is to copy your backup offsite.  You should always have three copies of your data, the original, a local on-premise copy, and a copy offsite.

Whether you use tape, CD, or disk backup you need to get those backups OFFSITE.  Backups are useless if they are destroyed along with the rest of your office.  Cloud backup is a perfect way to easily get backups offsite.  Obviously, if your whole IT infrastructure is already in Cloud then you don’t have any local data to back up.

To back up to the Cloud is easy, you install backup software onto the local hardware and it periodically and automatically copies your data to the Cloud.

Using the Cloud – Disaster Recovery and Business Continuity

 The Ultimate Disaster Recovery (DR) solution is a Hot Site hosted in the Cloud.  A Hot Site completely replicates all your on-premise hardware and data in the Cloud.  It is ready to use and updated continuously. It is also less expensive than a premise-based DR solution.

We had clients in New York who lost everything when Hurricane Sandy hit. Their office buildings were closed, the power was out, but their technology was working and safe in the Cloud datacenter.  They just worked from home until their office was usable again.  They did not experience any downtime or a single problem.  When things returned to normal, they moved back to their office and resumed work without missing a beat.

Using the Cloud – Consolidation / Centralization

For a company with multiple locations, it is easy to see how the Cloud changes the game. If you have three locations, chances are, you have 3 times the hardware and probably a lot of duplicate data.  Scale this up, 5 locations, 10 locations, 100 locations. The numbers get big very quickly.  A business can consolidate and greatly reduce the amount of hardware used to support their business.

Not only can a business reduce costs, but also complexity.  By moving from distributed IT to centralized IT in the Cloud, a business reduces the amount of hardware needed while increasing hardware utilization.  The savings are evident, by reducing the amount of hardware and maintenance, you reduce costs.

Using the Cloud – Cloud Collaboration Hub

Working on a big project with other firms?  You can store all your project data in the Cloud and make it available to each firm.   A Cloud Collaboration Hub allows multiple firms to work in real time on shared projects.  This is accomplished using secure private connections to a Cloud Workspace hosted in a datacenter. This type of collaboration creates a robust and secure environment and allows firms to work together while keeping their intellectual property safe and secured.

Benefits of the Cloud Collaboration Hub:

  • Privacy and security of Intellectual Property.
  • Real-Time Collaboration and file sharing
  • Reduced project “latency”, improved project productivity.
  • Accelerated project information visibility
  • Mobility, accessible from anywhere

 Using the Cloud – Hosted Phones

Fire the phone company. You can have your phone system in the Cloud. You can save real money by moving your phone system to Cloud.  In addition to saving money, you reduce maintenance costs.  Your phone system works over your data connection.  Office moves are a breeze, just unplug your phone, take it with you and plug it in at your new office and you are ready to go.  You are completely location independent.  A hosted phone system has all the typical phone options found in a premise PBX, call forwarding, find me follow me, voicemail, all features of a PBX without a PBX.  The sound is HD quality. Your voicemail and faxes can be sent directly to email.

With hosted phones you have Built-in Business Continuity – if your Office is closed for a week, you can work from anywhere, take your phone with you or use a full-featured mobile phone app.  Are you on the phone all day?  You can use a softphone running on a PC and a headset to manage all your calls, you don’t need to buy phone handsets or wireless headsets.

Communication as a Service – You have free 4-digit dialing between all your offices, there are no charges between locations on the same system.  Incoming calls are free as well.  You only pay for outgoing and long distance but the price per minute is very competitive and you can buy prepaid minutes to save even more.

Using the Cloud – Hosted email / Office

Is there anyone who does not use Cloud-based email for your personal email? When it comes to email, individuals are ahead of business.  Today, there is little reason why any business should be running their own email servers and managing their own email.  Using Office 365 or G Suite, you have business productivity applications bundled with business email at a very competitive price.  These are very compelling reasons to move your business applications and email to the Cloud without any downside.  In most cases, you can reduce costs as well.

Using the Cloud – Helpdesk

Remote assistance technologies and the ability to time shift make Helpdesk an easy fit for the Cloud. You can get Helpdesk support from a Cloud-Based Provider 24/7/365.  Outsourcing your helpdesk is an easy and low-risk way to move to the Cloud.

 Using the Cloud – Mobility

Using the Cloud, you have complete mobility, connect from any device, from anywhere you have a data connection. (which is almost everywhere these days) Work sharing, hoteling and job sharing are all enabled by increased mobility.

But my boss says, “No way I am going to let my employees work from home!”

There have been numerous studies about telecommuting that show productivity increases the more mobile the workforce.  Increased Mobility and Cloud Computing also support Bring Your Own Device (BYOD) and Choose Your Own Device (CYOD) further reducing IT expenses.

 Using the Cloud – Software as a Service – SaaS

Run your software from the Cloud. Virtually any software that runs on a desktop will run on a Virtualized Cloud Desktop.  Many major business applications now offer Cloud options.  SaaS allows you to stabilize your software cost. You can increase and decrease the number of seats of each application.  You reduce maintenance costs and are always running the latest version.  You run your application from anywhere you have data connectivity.  SaaS makes you more mobile and flexible.

 Using the Cloud – Video Conferencing / Web Conferencing

Video conferencing works great for small meetings, up to 25 participants.  There are several Cloud-based Video / Web Conferencing applications available.  They offer many options for video, they interface with phone systems for participants that don’t have access to a web camera.  Video conferencing works very well for smaller meetings up to about 25 participants.  If you have more than 25 users, the advantage of seeing the participants gets lost in the quantity/quality of the interaction.  But for small team meetings, it is ideal.  You get more face time with your clients.

Using the Cloud – Hosted wireless

The Cloud is great for hosting wireless, centralized management of wireless resources. With the Cloud, you have one place to control and manage content, security, and access.

How is the Cloud Transforming Work?

Sustainability

The Cloud reduces the need for non-renewable energy.  When businesses move IT from on-site facilities to consolidated Cloud datacenters, it saves energy and cuts pollution — just as relying on power companies is better for the environment than if everyone ran their own power plant.

As a vendor, we also make sure our datacenters are running as green as possible.  We use renewable green energy sources – hydroelectric power and passive cooling whenever possible.

Innovation

Cloud-based collaboration drives Innovation.   Innovation creates a competitive advantage.  The Cloud supports and promotes collaboration.

Data Storage needs are growing exponentially

As bandwidth improves more centralization is possible.  Data Centralization reduces the need to duplicate data in multiple locations.  It also allows you to deduplicate and reduce the total amount of storage needed.  And storage in the cloud is infinitely scalable. (practically speaking)

Mobility – Remote access

Work from anywhere –home, hotel, airplane, client office, anywhere you have an Internet connection which is almost everywhere. Connect using any device, Smartphones, Android, IOS, Macs, PCs.  You are device independent.

Security

With security, the key is to assess risk.  Are premise-based computers, networks and servers better protected than Cloud-based assets? In most cases, the answer is no.  Cloud Providers invest far more on security than the average business can, it is their business. But what about Government / Cloud Provider snooping?  Make sure you read and understand Privacy Policies and insist on absolute privacy for your business data.  You will have more flexibility and more privacy using a Private Cloud rather than a Public Cloud.  For example, as a Private Cloud Provider, we will not allow government access to your data without informing you first and not without proper legal authority.  Your data belongs to you. Period.

Budget

Using the Cloud must make sense from a financial point of view.  What is the return on your investment?  Many factors affect your ROI, download our free white paper to determine your Cloud ROI.  We’d love to have an opportunity to help you save money.

How do I Choose a Cloud Provider?

Ask a potential Cloud Provider these questions:

  • Mature Services Offering – Are they “Full Service” or do you need to do most of the work?
  • Data Center Operations Excellence – Do they own/operate their own Data Center?
  • Committed Ownership – will they be around in years to come?
  • Geographical reach – Can they service all my locations?
  • Internal Engineering Expertise – Do they have the right people with the right knowledge?
  • Established Client Base – Are they a healthy organization? Financially stable?

Assess

What is the next step after you have chosen a provider? This first step is assessing your needs. What are your needs? Where are you today? Where do you want to be?  A good Cloud Provider can help you develop an assessment.

An Assessment is a deep dive into the current state of your technology with specific recommendations on improving your IT Infrastructure and Operations.  Remember your Technology Initiatives must align and support your Business Goals.

Identify Gaps

During this assessment, look at all aspects of your technology and your business and identify ways to improve productivity, save money and protect your business.

Recommendations

Next, identify specific recommendations to improve your technology.  Create a plan for improving PCs, your network, network servers, security, backups, email, wireless, printing, all things technology related.

Also, consider how you can use technology to build your business.

Implementation

Once you have identified your initiatives, meet with your Cloud Provider and develop a plan for implementation.  The plan takes into consideration your priorities, your time and your budget.  Prioritize and budget and then develop a schedule to get it done.  The faster you can implement, the faster you can realize the benefits and savings afforded by moving to the Cloud.

Service and Support

Finally, make sure you have on-going support.  No technology is 100% foolproof, you will need help at some point.

Advance2000 provides a 24 / 7 /365 Help Desk and can provide your staff with any type of IT Support.  We offer 4 different levels of support from Basic Support all the way up to full Managed IT services.  You determine how much support you need and then buy what you need.  We also provide Full Turnkey Support whether you are hosted in Cloud or still using equipment in your office.

Sounds Great, how do I get started in the Cloud?

We’ll leave you with ONE BIG IDEA. Centralizing and Outsourcing your Technology is called the “Cloud”.

Cloud = Scalability, Mobility, Agility and Speed

Is there anything you could do better in the Cloud?

  • Identify your Business Objectives; is your technology supporting those objectives?
  • Are you using old outdated technology?
  • Is your technology putting your company at a Competitive Disadvantage?

Cloud Computing can help.

What’s next?  Do you have questions?  Contact us today.

 

 

 

Strategic IT Assessment

9 Digital Transformation Statistics That Every Business Should Know

We’re living in the digital era. From smartphones to smartwatches, we are constantly glued to our devices. Today, there are an estimated 8.4 million “things” on the internet, with the IoT growing every year.

With that said, it’s no surprise that businesses are realizing the tremendous impact digital transformation can have on their success.

What do we mean by digital transformation?

IScoop defines the term as “the profound and accelerating transformation of business activities, processes, competencies, and models to fully leverage the changes and opportunities of digital technologies and their impact across society in a strategic and prioritized way.” In other words, digital transformation is a journey that aims to constantly improve and innovate with the ever-evolving technologies.

Now it’s more important than ever that businesses have quality professionals (whether it’s in-house or outsourced) to help them understand what technologies are available and required to effectively run their business and provide the best possible customer experiences.

If you’re still not sure how crucial digital transformation is to long-term business success, here are 9 statistics that might persuade you. With technology continuing to evolve at a rapid pace, we can only expect these numbers to grow in the years to come.

digital-transformation-infographic

 

Strategic IT Assessment

Back to Basics: How to Write a Company Email Policy

Introduction

Every company needs an email policy.  This is to protect employees as well as the firm.

The purpose of an email policy is to set proper expectations with your employees.  What are the rules and guidelines regarding email and what happens if you ignore the rules?

The email policy should be written and reviewed with the employee at the time of employment.  A signature block is optional.

DISCLAIMER: I am not a lawyer, any legal policy you implement at your company should be reviewed and signed off by your legal team.  The following are merely guidelines and sample text to help you create your own email policy.

Typical Sections included in an Email Policy

  • Introduction
  • Email Ownership and Privacy
  • Email Usage Guidelines
  • Email Misuse and Abuse
  • Email Retention and Backup
  • Personal Use of email / Opinions / Personal Views
  • Security / Trade Secrets / Personal Information
  • Questions / Who to ask
  • Signature line and Date

Introduction

The introduction should state the purpose and reason for having and enforcing an email policy.  It should state the business purpose of email and explain the need for an email policy.

SAMPLE TEXT

[COMPANY] Email Policy [version or date]

Date

[COMPANY] provides email to all authorized employees. email is a business tool to help [COMPANY] employees serve our customers, communicate with vendors, streamline internal communications and reduce unnecessary paperwork. The email system is intended primarily for business purposes. This email policy outlines the acceptable use of business email for {COMPANY].

Email Ownership and Privacy

This section explains the Company owns the email and email systems.  The company can access email for ANY reason and the employee has NO expectation of privacy.  Email is a company owned tool (like your desk and PC) and the employer can access any email at any time for any reason.

Employees must realize email is not private.  If required, email access can be cut off and all email sent and received may be restricted for any reason.  This is very important in the case of harassment accusations.

SAMPLE TEXT

All communications and information transmitted, received, or archived in [COMPANY]’s computer system belong to the company. Management has the right to access and disclose all employee email messages transmitted or received via the organization’s computer system. [COMPANY] may exercise its legal right to monitor employees’ email activity. Regarding email, employees should have no expectation of privacy. Be aware management may access and monitor email at any time, for any reason, with or without prior notice.

Email Usage Guidelines

This section outlines the basic use and guidelines for company email.  It discusses email etiquette and stresses the business use of email.  It should remind employees to abide by all corporate standards including logos, signatures, and copyrights. You should warn about the use of CC and BCC and inadvertently sharing email addresses in a group email.  You should caution against using inappropriate language and tone and what to do if you receive an email that does not conform to these guidelines.  Employees should be told sending confidential or sensitive information over email is not secure.  They should never include user names, passwords or other client or personal information in an email.

SAMPLE TEXT

Exercise sound judgment and common sense when sending email messages. Client-related messages should be carefully guarded and protected, like any other written materials. You must also abide by copyright laws, ethics rules and other applicable laws. Exercise caution when sending blind carbon copies (BCC) and carbon copies (CC) to ensure you don’t violate addressees’ privacy by inadvertently sharing email address information.

Email usage must conform to [COMPANY]’s harassment and discrimination policies. Messages containing defamatory, obscene, menacing, threatening, offensive, harassing, or otherwise objectionable and/or inappropriate statements and/or messages that disclose personal information without authorization will not be tolerated. If you receive this type of prohibited, unsolicited message, do not forward it. Notify your supervisor, the HR department, and the Director of Information Technology about the message. Handle the message as instructed by management.

Email Misuse and Abuse

Email should not be used for frivolous purposes.  Company email should not be used to share jokes or other inappropriate or suggestive content (pornography).  Also, include a warning about sending firm-wide (ALL STAFF) email.  I have seen firm-wide email regarding after-hour parties/outings and lost and found items sent using ALL STAFF distribution lists.  This is not a good use of the company’s resources and should be avoided.

SAMPLE TEXT

E-mail messages should be treated as formal business documents, written in accordance with [COMPANY]’s correspondence guidelines. E-mail creates a permanent and documented communication and must not be treated casually.

Employees are prohibited from sending jokes, rumors, gossip, or unsubstantiated opinions via email. These communications, which often contain objectionable material, are easily misconstrued when communicated electronically. Employees should not waste [COMPANY]’s computer resources or colleagues’ time.

Send email messages and copies only to those with a legitimate need to read your message. Chain messages, jokes and large graphics should be deleted, not forwarded, as they can overload the system.

Employees are prohibited from sending firm-wide email messages to All Staff without prior authorization and this practice is limited to only necessary correspondence. In addition, employees are prohibited from requesting replies to firm-wide email without prior authorization. Sending firm-wide email is generally discouraged.

Misuse and/or abuse of [COMPANY]’s electronic assets (wasting productive time online, copying or downloading copyrighted materials, visiting inappropriate sites, sending inappropriate/abusive email messages, etc.) will result in disciplinary action, up to and including termination.

Please address any questions or concerns regarding firm-wide email to the Director of IT or the Director of HR.

Email retention and backup

Email should be retained according to the company’s Document Management guidelines and legal requirements.  Your policy should explain the difference between “record” email and “non-record” email, email that should be saved versus email that can be discarded. In this section, you can also explain the means and limits of email backup.  Depending on your legal requirements and the type of email, you need clear standards outlined for saving and deleting email.

Many companies deliberately delete non-record email.  When email is backed up, depending on your backup system, you may not have the ability to retrieve individual emails for each account.  Employees need to understand the limits of the email backup and retrieval and plan accordingly.

SAMPLE TEXT

All email messages (whether in electronic form or printed) with an ongoing legal, compliance, business, or project value (considered a “business record”) must be retained in accordance with the company’s records management policies and applicable retention schedules. Project related email, particularly critical project email, such as milestone progress reviews and approvals and scope changes must be filed using the [name of email archiving or filing software’s] filing system.

 (See the most recent Records Documentation Policy for further information)

 It is the responsibility of every email user to maintain email records. It is the responsibility of each user to retain email records (defined as any email having an ongoing legal, compliance, business, operational, project or historical value) like all other records in accordance with the company’s retention policies.

 Project electronic files are regularly backed up and retrievable. Email accounts are not typically permanently backed up or retrievable except in the case of disaster recovery. For this reason, it is essential all important project-related email is transferred to the network project folders on a regular basis using the [name of email filing software] program.

 To maximize the operating efficiency of the company’s email system and to minimize the storage costs associated with retaining large volumes of unnecessary email, every employee has a limited amount of email storage in their email account. Requests for additional space will be considered on a case-by-case basis.  Keep your email storage cleaned out and up to date. [describe the email storage limits if any]

 Email will be backed up daily for disaster recovery purposes only and will thereafter be retained for [X] months. The company is not able to restore individual email messages. If you are unable to access your email account for more than 14 days, please contact IT or HR to make arrangements for your email account during your absence.

 All copies of non-record email (those with no ongoing legal, compliance, business, operational, project or historical value) can be deleted and paper printouts of such messages disposed of when no longer needed.

 Non-record email messages include, but are not limited to, administrative email (such as an invitation to the company holiday party or a meeting notice); they do not need to be retained as a company record, according to the records retention schedule. Such messages only need to be kept if they are needed to conduct business. Failure to dispose of such messages wastes valuable company computer resources and employee time. However, if you would retain the message if it had been sent in paper form, then you should retain record copies of the email transmission. Email can be archived electronically using [email archive software]. Please see IT for instructions on archiving email.

 You should, unless otherwise directed:

  1. Purge drafts and non-record email messages immediately when no longer needed.
  2. Purge convenience or reference email copies immediately when no longer needed.
  3. Purge duplicate email immediately when no longer needed.

Personal use of email / Opinions / Personal Views / Solicitation

Employees will unavoidably use their company email for personal reasons.  While almost everyone has a personal email account, inevitably there will be an intermingling of personal email and work email.  Employees corresponding to each other may by default use the company email rather than a personal email.  They may not even know each other’s personal email address.

Recognizing this will happen, you should include language in your email policy to describe the acceptable personal use of company email.  If it is 100% prohibited, you should say that.

SAMPLE TEXT

[COMPANY]’s electronic mail service is reserved primarily for business use. All users should consider this in their decision to use the firm’s email services for personal purposes.

Employees may use [COMPANY]’s email service for incidental personal reasons with the following guidelines:

  1. Communication with non-business contacts is permitted but should be minimized during business hours.

Employees also are free to correspond during the lunch hour and other break times. Personal email should not interfere with the email user’s employment or other obligations and responsibilities to the firm.

  1. Personal email communication that exceeds the limits outlined above is prohibited unless justified by family emergency or otherwise specifically authorized by [COMPANY]’s Human Resources Director. Personal email should not directly or indirectly interfere with the firm’s operation of computing facilities or electronic mail services or burden the firm with noticeable additional cost.
  2. The use of [COMPANY]’s email system to solicit for any purpose, campaign for a political candidate, espouse political views, promote a religious cause, and/or advertise the sale of merchandise is strictly prohibited.
  3. Personal Email usage must also conform to [COMPANY]’s harassment and discrimination policies.

Security / Trade Secrets / Personal information / Viruses

This section discusses email security.  Users are required to use secure passwords and change their password often.  Include a warning about sending personal information or trade secrets via email.  Email (unless encrypted) is not secure. Employees should know any sent email can be intercepted or read.  Phone and snail mail are both more secure than email.  Finally, warn employees about opening email they do not recognize or are not expecting.  Most email systems have SPAM and virus protection but occasionally something will slip through security.  Employees need to think before opening email and if they suspect an email, they need to know what to do with it and who to notify.

SAMPLE TEXT

Email passwords are the property of [COMPANY]. Employees are required to provide the Director of Information Technology with current passwords upon request. Only authorized personnel are permitted to access another employee’s email without consent. Misuse of passwords, the sharing of passwords with non-employees, and/or the unauthorized access of another employee’s password or mailbox for any reason will result in disciplinary action, up to and including termination.

Security is difficult if not impossible to achieve in the electronic age. Confidential or personal information should never be sent via email understanding it can be intercepted. This includes the transmission of client information, Social Security numbers, employee health records, proprietary data and trade secrets, or other confidential material. When sending sensitive material (or any message, for that matter), employees should use extreme caution to ensure the intended recipient’s email address is correct.

Be careful when opening email with attachments.  While [Company] has email SPAM and virus filtering, there is a possibility a malicious link or new exploit can bypass our system.  If you receive strange messages or unexpected email from someone, use caution and common sense before opening.  When in doubt, contact the sender to verify the email is legitimate and safe.  If you accidentally open an unknown file or click on an unsafe link, notify IT as soon as possible and they can determine if it was safe.

Questions / Who to ask / Signature line and date

Finally, let staff know who to contact if they have questions or concerns.  When reviewing this policy with a new employee or introducing an email policy for the first time, you can include a signature line to state the employee has received and read the email policy.

SAMPLE TEXT

If you have any questions about the above policies, please address them to the Director of Information Technology or Human Resources Director.

I [Employee Name] have received and read [Company]’ Email Policy [version or dated]

_________________________ Signature

_____________ Date

 

I hope this article has convinced you every company needs an email policy.  If you need help writing your company’s email policy, click here and we can get you started.

 

The Truth About Remote Working

Remote Working Success Factors:

According to a 2016 survey of American remote workers, about 91 percent of people who work from home feel they’re more productive than when they’re in an office.  Forbes Magazine and Harvard Business Review have both written extensively about the productivity gains from remote working.

I have worked remote for the past 6 years.  I think working remotely is great for productivity and work-life balance but it might not be for everyone.

Let’s look at the pros and cons of remote working.

Remote work can be good or bad, it depends on you, your job and employer

What kind of a job do you have? Studies show Knowledge and Creative workers will benefit most from remote working.  Obviously, if you have a job that requires face to face meetings or special equipment then working remotely is not going to work for you.  There is no way a Starbucks Barista is going to work remotely. The exceptions might be phone or chat-based customer service jobs, they are tailor-made for remote workers.

Remote working flexibility is great.  It allows you to schedule life around work.  You can take a 15-minute break to pick up the kids from school or meet the plumber.  These little conveniences improve work/life balance.

Commute time is eliminated.  People don’t realize how much time (and money) is spent commuting.  I live in a large urban city and my wife spends 3 hours and $15 a day using public transportation.  That is a big expense and time commitment.  My commute is one minute to my home office.

If you spend a lot of time working in teams, remote working can still be very productive.  There are many factors that determine if remote work works for you. Let’s look at those that can make you a successful remote worker.

To work remotely, you need appropriate technology

Remote working requires the ability to work from anywhere, ideally, you need complete mobility.

Depending on your exact situation, you need a laptop (or desktop PC), mobile phone and some kind of screen sharing or online meeting tool.  You might also use a chat client or an online project management tool.  There are many solutions out there, you need to investigate which tools work best in your situation and with your employer.

I use Google Voice.  Google Voice allows one number to ring in many places at the same time,  my desk phone, my mobile phone and my Skype number all ring together. I can be anywhere and you can reach me by phone.  Many telephony systems allow you to forward your calls to another number or to your mobile phone.  There are phone features like Find me / Follow me that ring at multiple locations, one after another until you pick up or it goes to voicemail.

If you work in teams, you need technology to support teamwork.  Technologies like Infrastructure as a Service (IaaS) or VDIs (Virtual Desktop Interface) give you complete access to your work computer and all your office files and programs from anywhere you have Internet connectivity.

If your company does not use VDI or allow remote access, then you are going to have a harder time collaborating with colleagues and access the programs and data you need.  Most companies, even if they do not use VDI, have some way to securely access company infrastructure.  This is typically done using Virtual Private Network (VPN) and some kind of secure authentication.

I am fortunate my company, Advance2000, provides technologies to enable our entire staff to be 100% mobile.  We also help other companies become 100% mobile and work remotely.  We can provide an “office in the cloud” and supply servers, desktops and phones all completely hosted in our private cloud and accessible from anywhere you have an Internet connection.  Some of our clients don’t even have physical offices any longer.

Dedicated Workspace

You need a comfortable place to work.  Companies provide a comfortable productive place for their employees to work.  Working remote, you need that too.

When setting up a home office, keep these things in mind.

  • Door – I find having a door on my office, especially when my kids were younger, was a necessity. If the door is closed, no kids or cats are allowed in.
  • Full-size desk – Get a full-size desk for your computer and two monitors. Dual monitors have been shown to boost productivity.  Spend some money on quality monitors, keyboards and mice.  You spend 8 hours a day on these tools, make sure they are high quality. You want to minimize the chance of eye strain and RSI and you need reliable technology that will last.
  • Network/Internet – a wired Internet connection is faster and more reliable than using WiFi.  If needed, have an electrician run wiring from your Internet Router to your home office.  If you have multiple devices using the Internet, you can invest in a small switch to share your Internet connection.
  • Hotspot/phone fallback – I recommend you have a cellular backup in case your home Internet service goes down. You can use a mobile phone or tablet with cellular data to create a mobile hotspot to use in case your primary Internet goes out.  Or you can just pack up and head to the nearest coffee shop to work.
  • Good desk chair – Get a good office chair.  Do not buy a cheap box store chair.  You are going to spend 8-10 hours a day in your chair.  There is a reason office chairs are so expensive, they are designed for all-day comfort.  Don’t scrimp here, if you can’t afford to spend a lot, check out office equipment resellers.  They have lightly used office chairs by all the major office furniture providers.  Go and sit in the chair, make sure it is right before you spend hundreds of dollars.
  • Private space – I recommend a private office space not shared with the rest of the family.  You need to separate from the family distractions.
  • Windows / fresh air – it is a bonus if you have natural light and operating windows in your office.
  • Monitor/keyboard/headset – These are the tools you use all day. Along with a good chair, get a good keyboard and mouse and monitors.  Ergonomic tools are a plus.  If you spend a lot of time on the phone, consider using a lightweight high-quality headset.
  • Office in a wardrobe – Tight on space? You can house an entire office in a piece of furniture.  There are also desks that hide the office equipment from sight.

Photo: Bowery Hill Computer Armoire

  • Build an office? – Depending on your local building codes, you might be able to build an office in your backyard. This gives you the mental and physical separation from the home.  You leave your house but still have all the amenities of home just a few steps away.

Photo courtesy Will Leger

Office parks/coworking spaces – Finally, if you can’t stand working alone, there are many coworking spaces available everywhere.  For a very small monthly investment, you have access to a shared desk and workspace.  Coworking spaces offer Wifi, refreshments, shared desks and team/conference rooms.  You just bring your laptop and work.  Some people find the social activity stimulating to work.

Photo: WeWork – Chicago

Staying Focused

Successful remote working ultimately depends on you.  It requires discipline and organization.  If you are the type of person whose attention wanders you might not be a good candidate.  Here are some things you can do to improve concentration and reduce distractions.

  • Music – some people use music to provide “white noise” to help them focus on tasks at hand.
  • Minimize interruptions – Be careful of distractions / Internet / social media. Stay away from distractions online.  Consider using browser extensions to block all websites for a period of time.  (RescueTime)
  • Pomodoro technique – Work 25 minutes without stopping and then take a 5-minute break. Specialized Pomodoro apps and websites can help you use this technique to stay focused.
  • Set time for lunch and breaks – every 20 minutes look away from the computer screen for 20 seconds. Plan a regular time for lunch and get away from the computer.
  • Face time – Plan regular trips to the company’s office. You need face time occasionally.  This makes working remote more successful.  Once you meet someone in person, it is much easier to work with them remotely.
  • Demographics – Surprisingly, younger people prefer working in an office for the “social” aspects.

Tips for remote workers

  • Keep a professional attitude – When remote working, it is tempting to not get dressed or shave or get out of your pajamas. Resist these behaviors, they affect your thinking.  Maintaining professional behaviors will help you be more productive.  Don’t take conference calls in bed.
  • Turn off social media – Use organizational technology to keep on track, create lists. If you know what to do next, it will help you resist the temptation to waste time.
  • Schedule all your time – Schedule your todo tasks as well as your meetings and appointments. When you have free time, refer to your to-do list and move to the next item on your list. Stay busy and your mind will not wander.
  • Use fill-in tasks – I have a list of projects to do right now, to do in the future and to do someday. Having those lists prepared keeps you from wasting time by not knowing what to do.
  • Establish regular hours – Keep regular hours. I start work at 8 AM and take lunch 11-11:30 and end my day at 5.  Beware of the trap of working all the time.  It is tempting to answer email and phone calls 24/7/365.  Unless you are required to do this, working remotely is not an excuse to work 12 hour days.  Working remote can improve work/life balance.  Working all the time increases stress and is unproductive.
  • Take regular breaks – Take time away from the computer screen, rest your eyes every hour. Take lunch every day, I take a shorter lunch (30 minutes) since I don’t have to get food or go anywhere to eat.

Pulling it all together

Positives

  • No commute
  • Flexibility
  • Fewer distractions / interruptions
  • Lower employee attrition (higher retention)
  • Better home/work balance
  • Self Management (responsibility)
  • Save money – no commuting costs = instant raise, eat at home
  • No office space required/create a virtual company for startups

Negatives

  • No face time / alone / isolation
  • Lose “social” aspect of the office
  • Time management harder / requires more discipline
  • No physical presence in the office – out of sight …
  • Need to over communicate to be heard – you are not seen
  • Must be a good time manager

Convincing the Boss

So how do you convince your company to allow you to work remote?  In the studies on remote work, middle management seems to be the most resistant to allowing staff to work remote.  This might be because they can no longer see their staff working in front of them.  There is a certain amount of trust required on the part of managers to let go.

One suggestion might be to rotate the days you work remote.  Maybe you go to the office on Monday and Friday and work remote Tuesday, Wednesday and Thursday?  Or maybe part of your department works remotely while the rest are in the office and then you switch.  Companies using remote workers need less office space.  Fewer offices/cubicles and less office furniture reduce costs for a company.  It is a win-win for employees and their companies.

Try It

Remote working is not for everyone or for every company.  Set up a remote working trial and see how it goes.  I think you will be surprised how it can improve productivity, create happier employees and save money.

For more information on setting up a virtual office and working remote, contact us today.  Click here and we can get you started.

Ransomware: What it is, Who’s at Risk, and How to Stop an Attack

Last year was riddled with ransomware attacks with thousands of systems compromised as a result. With technology evolving at the current rate, hackers are finding more and more ways to attack. For example, ransomware is no longer limited to affecting desktops or laptops — it can also target mobile devices. A report by Kaspersky noted that there was a 250% increase in mobile ransomware attacks just within the first few months of 2017.

Thankfully, the ever-evolving technology also gives us more ways to protect against these attacks.

The first step toward protecting yourself and your business against ransomware is knowledge. Understanding what ransomware is and how it works can help you take the necessary security precautions. Below, we’ll delve into the history of ransomware, the various ways it accesses devices, who is at risk, and some of the technologies and best practices you can follow to prevent an attack or save encrypted data.

Are you prepared for an attack? Click here for our free checklist and learn how to stop ransomware in its tracks.

 

What exactly is ransomware and where did it come from?

Ransomware is a form of malicious software that blocks and/or locks your computer and prevents you from accessing your data until you pay a ransom. Both the attacks and the ransoms can come in many different forms. Some demand payment, some threaten with harm, and others do both.

According to an article by Heimdal Security, ransomware first appeared in 1989 in the form of the AIDS Trojan; where malware was spread using floppy disks and demanded victims to pay $189 as ransom. More commonly noted instances of ransomware occured in Russia and Eastern Europe between 2005 and 2009. Victims were demanded to pay using SMS messages or by calling a premium rate phone number, since online payment wasn’t as available as it is today.

Since then, ransomware attacks have continued (and continued to evolve) at an alarming rate. In 2013, CryptoLocker — a software that locks and unlocks victims’ files — infected over half a million victims, extorting around $27 million from the percentage of users who paid the ransom. In 2017, victims were hit by WannaCry, one of the most wide-spread malware attacks, which infected Windows users by encrypting files on the hard drive and demanding Bitcoin payment from the victims.

Ransomware today can generally be classified into two types: encrypting and locker. Locker is also known as MBR or Master Boot Record exploit. Encrypting ransomware blocks files using encryption algorithms, and demands payment in order to decrypt the blocked data. Examples of this type are CryptoLocker and CryptoWall. According to Wired, “with the development of ransom cryptware, [it] encrypts your files using a private key that only the attacker possesses, instead of simply locking your keyboard or computer.” Whereas, locker ransomware locks the user out of the operating system, blocking access to the entire desktop without actually encrypting any files, such as police-themed ransomware. There is also a less common type of ransomware known as leakware or doxware, that threatens to release sensitive data from the user’s computer unless the ransom is paid. To read about the different variations of encrypting and locker ransomware, check out this source.

How does ransomware spread?

Understanding exactly what ransomware looks like is crucial because you’ll know how to look out for phishy signs. Heimdal Security goes into detail describing the various characteristics that make ransomware unique from other forms of malware. Keep an eye out for these actions, which may indicate a ransomware attack:

  • Encrypting all kinds of files
  • Scrambling file names
  • Adding extensions to files
  • Displaying an image or message that your data has been encrypted (and asking for a ransom)
  • Requesting payment in Bitcoins
  • Limiting the time available to make a payment (and/or threatening if payment is not met)
  • Spreading to other PCs (within a local or wide area network)

All forms of ransomware can be spread through infected email attachments (phishing scams), software apps, external hard drives (e.g. flash drives), drive-by downloads, SPAM, out-of-date anti-virus, and compromised websites. Not to mention there’s now infected SMS messaging to target mobile devices.

Now that you have a better grasp on what signs to look for, we’ll discuss who are the most likely targets of a ransomware attack and what you can do to protect yourself and your business.

Who is at risk of a ransomware attack?

Unfortunately, basically everyone. Since there are variants of each type of ransomware and new forms are coming out at an ever-increasing pace, it’s nearly impossible to predict who the next victim(s) will be. That being said, we can make some educated guesses.

By analyzing the circumstances and characteristics of past victims, we can figure out why some users were attacked — helping us predict who might be at risk in the future. Presently, we know that some attackers aim for businesses only, while others aim for the average individual user. Here are some of the reasons why:

If users don’t have any kind of data backup, attackers will definitely take notice. And users are less likely to have knowledge about proper IT security, therefore they’re more likely to open phishy emails or click on suspicious links. Attackers also look for users who don’t keep their software up to date and lack of basic cybersecurity knowledge.

As for businesses, they’re targeted often because they’ve proven more lucrative than the individual. If a ransomware attack is causing a major disruption, they’ll likely pay off the ransom quickly, no matter the amount. In addition to all the computers housed within a business’ building, Heimal Security points out that ransomware can infect “servers and cloud-based file-sharing systems, going deep into a business’s core.”
It’s no surprise that large businesses and corporations are targeted because they have the ability to pay off a large ransom if all or some of their computers and data are attacked.

Small businesses also fall prey to ransomware because of IT security negligence. Many — especially new startups —- don’t have security in place and are unprepared to deal with security breaches.

Some businesses and individuals are guilty of thinking a malware attack won’t happen to them. But, according to Wired, “at least $5 million is extorted from ransomware victims each year.” The damage caused by ransomware attacks cannot and should not be ignored. Experts say that a ransomware attack can cost a user between $200 and $10,000, and more than 50% of businesses surveyed have paid anywhere from $10,000 to $40,000.

Thankfully, there is technology available to guard against malware, and some practices you can learn to protect yourself or your business from becoming another victim.

What are some technologies and best practices you can follow?

As we mentioned previously, understanding what ransomware is and how it works can make you less vulnerable to an attack — knowledge is power!

The next step to ensure basic IT security for anyone is to install antivirus protection on your computers/devices, and to keep all your operating system and software up to date. Updating promptly and on a regular basis gives attackers fewer vulnerabilities to exploit.

Then — and we can’t stress this point enough — backup all of your data. This doesn’t stop a ransomware attack, but it will make it a whole lot easier when it comes to recovering from an attack.

Some of the best practices you can follow to prevent falling victim to ransomware are:

  • Never open spam emails or emails from unknown senders;
  • Never download attachments from spam/suspicious emails;
  • Never click links in spam/suspicious emails.

Pro tip: If you receive emails from Microsoft or some other well-known brand name asking for your account information or payment, be sure to check the sender’s email address. If it’s not directly from @microsoft.com, or looks suspicious in any other way – don’t open it or click any links within them.

If you’re removing ransomware (on a Windows system) you can follow these steps lined out by CSO Online:

  • Reboot Windows 10 to safe mode
  • Install anti-malware software
  • Scan the system to find the ransomware program
  • Restore the computer to a previous state

As soon as you notice either the ransomware warnings or evidence of encrypted files, unplug you PC from any network! The virus will crawl your network and infect any files or machines it finds — you need to contain the infection.

There are also professional cybersecurity researchers working around the world to break the encryptions on large-scale ransomware attacks. Unfortunately, if you didn’t backup your data, there is no way to get your data back or decyrpted without paying the ransom. Remember, you need to remove any malicious software before you restore from a recent backup. When in doubt, always reach out to your IT department or an IT professional service like ours at Advance2000 as soon as possible. We can help you recover your files and hardware.

Recap

There is no reason for anyone to feel helpless when it comes to ransomware. With basically unlimited information about ransomware on the internet and the ever-evolving technologies to keep your computers and data secure, you should be able to safeguard yourself against most malicious ransomware attacks.

To help, we’ve partnered with Sophos to provide you with a comprehensive checklist outlining exactly how to stop malicious ransomware attacks in their tracks. Click below to ensure you’re prepared in the event of an attack:

ransomware-security-checklist-CTA

Understanding The Technology Structure and Needs for AEC Firms

The needs of the modern AEC firm are ever-evolving. As technology continues to become more sophisticated, it increasingly lends itself well to the collaborative and often geographically dispersed teams of the AEC industry.

I have the unique opportunity to work for a company that has over 75 clients ranging from just two employees to 1,000 solely within this unique industry. Because of this, I have had the privilege to assist in solving the technology challenges that firms face on a day-to-day basis. Whether it’s DR and backup, data archiving, collaboration or BIM — my team and I have helped our valued AEC firms come up with the best IT solutions possible.

With that said, I have a unique perspective on technology as it relates to the AEC firm. From experience, I categorize technology for AEC into three main categories: Infrastructure, Design, and Knowledge Management.

Let’s take a look at what each category entails:

Infrastructure Technology

Infrastructure technology keeps you running day-to-day.  This is the behind-the-scenes technology, the “plumbing” that supports daily operations.  You never notice it (until it fails), but it is very important to the stability of your operations.  Infrastructure technology supports system stability, remote access, mobility, collaboration, facility support, and sustainability. Infrastructure technologies RUN the business.

Examples of Infrastructure Technology:

  • Servers
  • Desktops / Workstations
  • Internet
  • Virtualization
  • Networking (Local Area and Wide Area)
  • Telecommunications
  • Remote access
  • Video conferencing
  • Wireless
  • Mobile Devices

Design Technology

Design technologies are the tools used to manage and administer projects. BIM is the essential design technology.

Design technologies support mobility and collaboration. This includes the ability to work outside the office, the ability to connect to the network from anywhere, and the ability to collaborate and work with both internal and external project teams.

Design technologies author and document your projects. These tools also communicate design solutions to your clients. Design technologies GROW the business.

Examples of Design Technology:

  • Authoring (Revit / AutoCAD)
  • Project Information Management (PIM)
  • Collaboration tools
  • Email
  • Analysis tools
  • Visualization software
  • QA / QC / risk management
  • Quantity take-offs / estimating / commissioning
  • Scheduling
  • Construction administration

Knowledge Management

Knowledge Management (KM) is a key business support technology for AEC. It defines what you do, how you work, how you stay productive, and how you promote innovation and creativity at your firm.  Knowledge Management is recording, storing, and retrieving knowledge and information, and documenting and sharing best practices.  

Knowledge Management technologies provide access to information. Web technologies such as blogs, intranets, wikis, and social media help build and market the collective knowledge of your firm. In addition, training is a key part of Knowledge Management. Your staff needs adequate training and more importantly the ability to save, seek, and find information.

Examples of Knowledge Management:

  • Training
  • Network folder organization
  • Project information access
  • Design and technical libraries
  • Best practices and procedures
  • Historical project data
  • Business intelligence
  • Collaboration and communication software
  • Intranet
  • Internet
  • Digital asset management
  • Project process documentation

All of these KM technologies contribute to team and organizational knowledge flow, which is essentially the transition of the managed knowledge from where it’s stored, to where it needs to be applied. Naturally, knowledge must and does flow through the design process.

Here’s a look at the basic knowledge flow for collaborative AEC teams:

AEC Knowledge Flow

Knowledge Management technology can make your firm more competitive in the marketplace by increasing your expertise and providing better service to your clients. It’s safe to say that KM Technologies TRANSFORM the business and ensure every team member has the information, education, and overall knowledge to perform optimally.

The Technology Life-Cycle

Any of these technologies can provide a competitive advantage for your firm, but you must weigh each against the technology life-cycle (TLC).

Within each of these categories of technology there are new solutions and products that initially provide a competitive advantage. Early adopters and more tech-savvy firms take advantage of new technologies to gain a competitive edge over their peers. But they also accept the learning curve and higher costs associated with new technology adoption. Right now, AR and VR technologies are examples of competitive advantage technologies.

As technologies become generally accepted and widespread, their use instead becomes a competitive necessity. By this time, most firms have heard of or are already using these technologies and they are required if you intend to keep up with the competition. These technologies don’t provide a competitive advantage, but if you don’t use them you run the risk of falling behind the competition. CAD and BIM authoring tools are good examples of competitive necessity technology.

Finally, as technology ages and is replaced, it becomes a competitive disadvantage. If you continue to use older, outdated technologies, your company falls behind the mainstream, and you actually lose productivity by not replacing old technology. Are you still using AutoCAD 2004 on 10-year-old workstations and CRT monitors? Sure, you can, but you are paying a steep price in productivity and are at a competitive disadvantage to your peers.

Quick Recap:

In today’s technologically-driven world, it’s no secret that technology adds value to your products, provides additional marketable services, supports decision making, increases productivity, and provides timely financial data. This demonstrates to your clients a leadership role in the use of technology applied in the design profession.

The three categories of technologies featured in this article — infrastructure, design, and knowledge management — form the basis for understanding the IT needs of an AEC firm. Any experienced IT firm, like Advance2000, will work with you within this framework to build a comprehensive IT strategy to run your IT operations, and, in turn, keep your entire business operating efficiently.

 


With over 75 AEC clients ranging in size from 2 to 1,200, Advance2000 understands the unique technology needs of AEC.  Whether it’s backup, DR, data archiving, collaboration, or BIM, we have experience solving the technology challenges facing your firm.  We work with Autodesk, Bentley, Dassault, Deltek, Newforma, Primavera and many other AEC-specific vendors.  

Ready to explore how we can help you strategically run, grow, and transform your practice? 

Strategic IT Assessment from Advance2000

Revit Collaboration Strategies Presentation

Last year, in October of 2017, Chris France, Regional President of Advance2000, presented some useful Revit collaboration strategies to the Orange County Revit User Group. In his presentation, Chris discussed the four aspects of the Revit Collaboration Matrix (App Local, Data Local, App Remote, and Data Remote), and the pros and cons of each strategy.

Below is Chris France’s full presentation, or you can view it on our YouTube channel here. We hope you find it as interesting and helpful as we did!

Revit Collaboration Strategies:

Created by Autodesk, Revit is building information modeling (BIM) software that allows users to create buildings, structures, components, etc. in both 2D and 3D. Architects, engineers, and designers often use Revit to collaborate on projects — even when members of the team are working in different locations. While collaborating in real-time, across geographical boundaries can be very challenging, there are plenty of Revit collaboration strategies you can follow to make your work easier to manage for all team members.

13 Eye-Opening Cybersecurity Facts

In light of recent global cyberattacks (read: WannaCry), it’s more important than ever to understand the risks of poor cybersecurity.

According to Skyhigh, virtually every organization experiences at least one cloud-based threat per month. In fact, three out of four IT professionals cited their businesses were at risk for cybersecurity (and man-made) disasters.

Many businesses may not have the budget for high-end security, or may consider it an unnecessary expense. Unfortunately, the cost of not having a solid security plan and strategy in place can far outweigh the price of investing in security. According to IBM, the global cost of cybercrime will reach $2 trillion by 2019 and $6 trillion by 2021. And money is not the only aspect of your business you can lose to a security breach. You can lose years of your organization’s and your clients’ data, which can result in loss of trust and even overall business from your clients.

With the recent security breaches and ransomware attacks, we thought it pertinent to remind you of the seriousness of cybersecurity. Below are a collection of staggering facts and statistics about cybercrime and cybersecurity to keep in mind.

Be smart and stay safe!

cybersecurity-facts-infographic

 

IT Security Consultation

 

HIPAA Compliance and Ransomware: What You Need to Know

If you work in the medical field or for a health care provider, chances are you’re very familiar with HIPAA guidelines and how they pertain to patient care. But are you familiar with how HIPAA affects your IT environment? When it comes to HIPPA and patient care, most people are already familiar with the HIPAA Privacy Rule, but how familiar are you with the HIPAA Security Rule? Due to recent events regarding ransomware and the Erie County Medical Center, HIPAA compliance – along with data security – has become more important than ever.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates the use and disclosure of Protected Health Information (PHI). This applies to (but is not limited to) health insurers, medical service providers, health clearing houses, and employer sponsored health plans. From April of 2003 until January of 2013 there were over 91,000 HIPAA complaints, which led to 22,000 enforcement actions. As if going through legal litigation isn’t bad enough, violators also pay a pretty penny per HIPAA violation. In 2010, Cignet Health of Maryland was fined 4.3 million dollars for simply not providing patients copies of patient medical records when requested.

How can HIPAA compliance affect your daily operation?

Now that we’ve established how important HIPAA is, lets break down how this may affect your operations on a day-to-day basis. To do this, I’m going to refer back to ECMC. When ECMC was initially hit with the cyberattack, they were given an option to settle for 1.7 bitcoin (which is the equivalent of $4,644 U.S. dollars). This may not seem like an astronomical amount of money; however, the $4,644 dollar figure was in reference to each infected machine. If you take into account how many machines a small- to medium-size office may have (likely around 10 to 15), you’re looking at a starting point of around fifty thousand dollars and up (now the fee seems a bit more severe). On top of the monetary losses, you also must take data security, HIPAA fines, down time, productivity loss, and reputation into account.

Hopefully now we see how the consequences from not being HIPAA compliant, but how does HIPAA compliance help protect your data?

The first step in becoming HIPAA compliant, from an IT perspective, is to have an audit of your environment completed. This way a managed service provider can provide a detailed scope of your environment, along with an IT roadmap, which will help you to plan for future expenses and potential issues. During the audit, multiple scans of the environment will be run. Some of the scans will make sure your hardware and software is up to date, and will also check for any security vulnerabilities or possible holes in your infrastructure configuration management.

After the audit has been completed, an engineer will sit down with you and explain his finding and recommendations. Sometimes the recommendations may be very minute in scale and will be able to be implemented in a very short amount of time. On other occasions the engineer may find larger holes or more serious issues which may need to be addressed in a more urgent matter.  As an example, a main part of being HIPAA compliant is having a full off-site backup. If the audit is completed and no backup is found, an engineer will sit down with you and provide you with a detailed proposal which will help you protect your data in the event that you are ever attacked by a malicious software and data loss does indeed occur.

As technology continues to advance and hackers become more sophisticated, data security increasingly becomes a top priority for organizations like yours. We’ve seen foreign countries/governments “hack” U.S. computers with the explicit interest of stealing intellectual property and extorting money from U.S. business. A HIPAA security audit is great way to make sure this doesn’t happen to you.

Free HIPAA Security Checklist

How to Plan a Successful VDI Implementation

Implementing a New Technology

Implementing VDI, whether hosted (Desktop as a Service) or on-premise is big undertaking involving a lot of change.  Managing that change is crucial to the success of the initiative. When implementing any new technology for the first time, there are several things to consider.
VDI Implementation

Evaluate: First, evaluate your current processes, procedures, and practices.  What’s working well, what isn’t?  Where can you improve? Decide where technology will make the biggest impact in the way you work.  Target the areas that will have the biggest payoff on your investment dollar – the best ROI.

Strategize: Next, think about your optimal business situation. What are your goals? Where is your company headed – ideally? How will you get there? What are the gaps between where you are today and where you want to be?  Identify the technologies that will take you to the next level.

Plan & Implement: Once you’ve identified the areas of improvement and decided on a technology solution to close the gap, you need to form an implementation plan. Identify and prioritize your “quick wins” to build momentum and buy-in from staff and management.

Educate, Communicate and Document: With any new technology or way of working there will be questions, concerns, and skepticism. Staff development, training, and good communication are essential to the success of any new initiative. Bring everyone up to speed and keep them informed, and the change will be much easier to manage.

Continuous Improvement: Once your implementation is completed you’re certainly not finished. Look for other opportunities to build on your success. Uncover ways to continually improve (Kaizen). Especially when it comes to technology, you can’t stand still or you’ll be left behind.

Getting Started

We take a Crawl – Walk – Run approach to VDI implementation.

Crawl
Start with a demo. This is your proof of concept. Does this technology really work? If it does work, will it provide me the performance that I need? At Advance2000, demo accounts are free and a good way to vet the solution without spending any money – just a little time.

Walk
The next step I’d recommend is a pilot. By a pilot, I mean a small implementation for a project or the office. This is a real test. You should set up goals and metrics for the pilot; you can measure uptime and test support. Then verify the actual performance: does it meet or exceed your expectations? What questions and problems do you encounter? Is it easy to use? And what training is needed?

Run
Finally, once you are satisfied and believe that all is good and this new endeavor will save you time and money, plan a full implementation that can be a single project or involve your entire company.

Migrating to a Hosted VDI Solution

There are 7 steps to a successful VDI implementation:

  1. Decide on an approach
  2. Infrastructure plan – hardware
  3. Software integration
  4. Communication plan
  5. Training plan
  6. Wrap up
  7. Measure success

Decide on an Approach

How are you going to implement VDI?  There are three approaches that we see used frequently: by project, by department, or by office. (Or you might use some combination of these three.)

Some firms start with a single project as a pilot and then once that project is running well, move a second project to the cloud. They continue to migrate to VDIs – project by project – until most of the work is being done on VDI. At that point, you will have most of the firm in the cloud. You can then migrate the rest of the company using one of the methods described below.

One option is migrating by department. Sometimes it’s easier to move entire departments to the cloud. Departments like HR, accounting, and other independent departments can move to VDI without disrupting the rest of the firm. This approach is usually less disruptive to the projects, as well.

For a multi-office company, you can migrate to VDI office by office by cutting over their desktops and storage one office at a time. You can even space it out and do one office per month. This approach can be difficult if you collaborate a lot between offices, but if each office is independent it works well. Make sure you don’t make the migration longer than necessary. If VDIs provide a measurable benefit, you want to take advantage as quickly as possible.

Infrastructure Plan

The next step is to identify and formulate an infrastructure plan. You need to determine which assets are going to be virtualized and run from the data center. Conduct an inventory of the types and quantities of desktops and servers you operate so you can determine what you need in the data center to support your staff.  What kind of bandwidth and firewalls do you need to connect to your VDIs? Keep in mind that data circuits can be one of the longest lead time items on your implementation schedule.

Next, build the VDI Infrastructure in the data center, migrate your data, set a date, and plan the cutover on a weekend.  The following Monday morning everyone should be prepared to use the new technology.

Lastly, determine what to do with older desktops and laptops. You can keep them and run them until the wheels fall off, sell them, trash them, or give them away to employees or charity.

Don’t forget to follow up and make sure that everything is working well.

Infrastructure Plan Overview:

  • Circuit upgrades (long lead time)
  • Server inventory
  • Desktop inventory
  • Set up virtual infrastructure in data center
  • Copy all data to the data center
  • Verify data is synchronized
  • Complete WAN upgrade
  • Set cutover date
  • Deactivate local servers
  • Do the final data sync to the cloud
  • Setup cutover – usually over a weekend
  • Test all systems – printers, scanners, etc.
  • Go live!
  • Follow up: uncover issues / develop a punch list / troubleshoot

Software Integration

Make sure all your software works well on a VDI. Verify that your software can legally run on a VDI.  Some software manufacturers strictly forbid use on a VDI or in a virtualized environment. Test all programs to make sure that the performance is good. If you have any software that requires special hardware (dongles, card readers, cameras, etc.), verify it works on a VDI and that you have any necessary interface hardware needed.

Communication Plan

Good communication can make or break any technology initiative. Take time to tell staff what to expect, keep them informed throughout the process, and follow up after the completion of the initiative.

What exactly should you communicate to your staff?

Here are some ideas:

  • What is a VDI?
  • Why are we using VDIs?
  • What is the plan to migrate to VDI?
  • What can you expect, how will we work differently?
  • Share your migration plan and milestones
  • Conduct a post cutover Q&A
  • How will you get help / support?

Good communication will ensure your success.

For some extra help communicating about your new initiative and answering staff questions, click here to check out our comprehensive post on VDI FAQs.

Training

Conduct training to help staff use their new tools. Make sure to document all the training in either written or video formats so people can review the material on their own time.

Ideas for training:

  • Login procedures
  • Access VDI from outside office
  • How do I get support / help?
  • New procedures or processes – how will you work differently
  • Troubleshooting problems

Webinars and screen capture are easy ways to conduct training and document the new information.  During the presentation, record the webinar and save it to the network so that others that missed or want to review the information can access it.

Wrap up

Have you covered your bases? Make sure that you’ve addressed all the questions and concerns of your users. Start a list of questions or issues and address them before project closeout. Are there any unforeseen items or changes that need to be addressed? Maybe there are special security concerns or integration with another office system that was overlooked. Take the time during your training and communication to discuss problems and concerns and resolve each one.

Measuring success

Once you’ve completed the implementation, how do you measure success? Go back to your original implementation plan and review the goals and objectives you had for the VDI initiative.

What business problem were you trying to solve?

  • Improved mobility?
  • Reduced cost or maintenance expense?
  • Improved collaboration?
  • Reduced capital expense?
  • Rapid deployment?

Did you meet your expectations? Are your users happy?

All technology initiatives must align with and support the company’s business goals. Did you accomplish that? If you did, congratulations on a successful VDI deployment. If not, where did you fall short?

Getting Started

Are you ready to get crawling with VDIs?  Contact us today and we’ll set up a free demo for you.

Moving to a Private Cloud Ebook