Where technology experts at Endsight share their expertise on IT Management, the issues that arise for clients, and the benefits of technology for medical practices, biotech firms, law firms, financial services and other small businesses in the San Francisco Bay Area.
May 7th, 2010
by Jason Clause Filed under: Email, Managed Services, Outsourced IT Support, Software
My father worked in corporate America before everyone had a personal computer. Instead, my Dad had a tray on the left side of his desk that acted as his in box and a tray on the right that acted as his out box.
He traveled to Asia on multi week business trips and upon his return, he’d be greeted by a giant stack of memo’s, directives and other inter-office correspondence. His solution was to take the stack of paper from his in box and move it directly to the trash can. “If it’s important, they can call me,” he would say.
Dad’s approach to managing his data (paper) wasn’t glitzy or fancy, but it worked and I think it has some application in the digital world.
I’m pretty sure that if I deleted everything in my email store that was more than 6 months old, I’d probably never miss 99% of it. But I know to my core that 1% of that email data set is vital, and so the whole thing lingers on the mail server. That data is then replicated to Endsight’s off-site back up cloud and so now, this blob of mostly useless data exists in two places.
In his article entitled, “The big data addiction” Matt Prigg shares some of his insight into how this very issue is impacting organizations of all sizes today. In it Prigg says, “In a cruel twist of fate, our dependence on ever-expanding digital data has created a feedback loop that fuels its own growth. Within the past 10 years or so, we’ve grown more productive by using business technology. As a result, we’ve created even more massive mountains of data, and we rely upon those mountains to such a degree that we need to duplicate them – multiplying the problem again.”
In addition to email, Prigg is writing about business system data, file shares and a litany of other administrative and back up data sets. In a large organization, this data grows and duplicates at a much faster rate than in a small organization, but a small business isn’t immune to the problem.
I think that for most small businesses that data can be broken up into two parts, email and shared files. I recently contributed an article to the East Bay Chapter of the Association of Legal Administrators that highlights a few technologies that I think can be used to help manage email data without pressing the “delete” key. http://www.ebala.org/Topic.aspx?wiki_id=87#VendorArticle
For file shares, I think one of the prime culprits for expanding data is the fact that no one is really responsible for the files stored on the file share. For example, Endsight had a file on its sales and marketing drive called “2003 archive.” It hadn’t been opened since 2004. Every time I saw the file I thought to myself, “I should just right click & select delete.” But I didn’t create any of the files and so I couldn’t say for sure that someone wouldn’t go looking for a file housed in the archive.
I think the best solution for this problem is to create and publish a document retention policy. For an example of one click here: http://www.abanet.org/lpm/lpt/articles/sampledocretentionpolicy.pdf . This can help to eliminate any guess work and replace it with simple policy enforcement. You can even use technology to set rules and automate the document retention / purge process.
More and more of Endsight’s outsourced IT clients are encountering data store limit issues. We expect these issues to increase as firms move their on-premise computing systems to cloud computing.
To help our clients address this challenge, Endsight provides Planning Services: CIO/Sr. IT Management level consulting & strategy as part of our fixed fee, outsources IT approach. If you’d like to talk in-person about your data situation click here to schedule an appointment.
Tags: Cloud Computing, Email, Endsight, it management, Outsourced IT
Dec 3rd, 2009
by Jason Clause Filed under: Business & Management, Email, Hosted Services, Managed Services
In my opinion, the key incite to glean from Pete’s article is that your data is probably worth WAY more than you think. In fact, it is likely the very life blood driving your organization.
Many of Endsight’s clients operate a service business. They count on the intellectual property locked in their email and business applications to meet their customers’ needs. For them, data is the business.
As Pete’s article notes, “The Department of Commerce has determined that 90% of companies which do not have access to data for more than 5 days go out of business within 1 year.”
By itself, that statistic is alarming, but in the Bay Area it’s further exasperated by this one:
On April 15 2008, the San Francisco Chronicle reported that The US Geological Survey believes “A strong and deadly earthquake is virtually certain to strike on one of California’s major seismic faults within the next 30 years”
I’ve reposted Pete’s article below and invite you to consider what kind of impact a “day without computers” might have on your business. If you find the impact as alarming as Pete, contact us and let’s talk about how we can help mitigate that risk.
I’ve embedded a slide deck to a free seminar Endsight has provided about disaster preparedness. If you belong to a professional association or business / community group that might have an interest in the topic, let me know and I’d be happy to present it. If you’d like more information about the presentation, Email me and I’ll send you a topic abstract.
The Value of Data: What is your data worth to your Organization
By Pete Heles, Founder/CEO Framework IT, LLC
What is your data worth?
This question is one that will have a unique answer to each and every entity in existence. There is no easy answer. This is obvious in the fact that this very question has been asked many times without a quantitative foundation for the answer. It is the objective of this document to assist you in better determining the value of your firm’s data, how to increase its value and ensure the ongoing retention of value.
In researching this question, there are several current themes for determining the value of an organization’s data. The most basic formula is the data of an organization is equal to one times annual revenue. This theory is supported by the fact that if a company’s data is lost or handed over to a competitor, the firm is worthless without it. This is a rather simple formula that points out a fundamental flaw in attempting to establish a universal formula for determining the value of data: The value of data has much to do with the type of organization.
A flower shop, a paint manufacturer and a not-for-profit cannot use the same formula. Think about a dental office: new data is established on each visit and the data collected from prior visits is mostly negated. In the dentist’s case, the security of the new data is far more important than the “old data” with the establishment of HIPAA Guidelines.
A flower shop has names, addresses, credit card information and transaction history. The credit card data is again important from a security risk stand point, but to say the value of a flower shop’s data is 1 times annual revenue seems to be grossly overstated, as the majority of the information can be collected from a variety of sources and the confirmation of credit card information can and should be done with each transaction.
The paint manufacturer on the other hand is very different. In the recent past, a specialty paint manufacturer was purchased by a sizable competing firm. Within 6 months of the acquisition over 90% of the acquired firm’s employees were terminated and all but 2 plants shut down. The data was the only thing of true value. The purchase price was 4 times annual revenue. Formulas and client data in the sole possession of the acquiring firm were deemed to have that significant value.
In today’s business environment Certified Public Accountants and the Federal Government determine the value of tangible assets. Merriam Webster defines tangible as “capable of being appraised at an actual or approximate value <tangible assets>.”
If a firm buys a list of names and addresses it is a business expense and the initial value is easily determined. That list becomes valuable data with use and definition by the firm for its profitable use. The additional data that is built along with the name that was purchased is of significant value. In theory, it is no longer an expense, but becomes an asset. Only the tangibility of value is at question.
There are other considerations that must be realized in determining the value of data. A basic factor in value is the cost to maintain and collect data. What is the budget for computers, software, support, and people in the data systems group at a firm. This is a statement, not a question, as this is a cost of data for any firm. If, in fact, that amount is treated as an expense, it must diminish the value of data by the same amount.
On the other hand, it has been determined by the management of the firm that the value of data will increase in an amount greater than the expense; otherwise it would be a bad business decision to incur that expense. Conclusion: the data processing staff at a firm is critical in increasing the value of the firm’s data. Unfortunately the value of data is too often determined by the purchase price of technology which is used to house the data. That is like telling someone the $1 bill in the $100,000 vault is worth a hundred thousand dollars! In 1978 when a 73mb disk drive was $38,000, was the data more valuable than today when a 300 GB disk drive is about $250? Be careful not to get caught in this determination of data value.
Issues for consideration
1. Is it goodwill? What is that in accounting terms?
2. Is a patent an asset, and how is the value determined?
3. Is data the same as intellectual property?
4. Increasing the value of Data
5. Protecting Data
6. Handling, use, and availability of Data
7. Misuse of Data
8. Where is the Data?
9. Role of individuals and Data
10. Assault on Data
11. Treating Data as an investment
The topics noted above are best answered by the key management of your firm with needed participation from both accounting professionals and lawyers. A strategy for the proper collection, use, protection, and ability to compound data and its value can be an eye opening project that WILL increase the awareness of and value to your firm’s data.
Before starting the process of determining the management of your firm’s data, take a minute to answer the following questions. If an employee took (embezzled) all of your company’s key client, vendor, and financial data to his new employer (a prime competitor of yours), what could the financial affect be to your firm?
If there were a fire (or other situation) that destroyed all the file servers in your data center, how long would it take for your firm to recover from this calamity?
What is the cost/loss per day to your firm if corporate data is not accessible?
What would the financial impact be to your firm if the data that was backedup could not be restored and had to be rebuilt from scratch? These numbers are actually larger than you initially estimate. The Department of Commerce has determined that 90% of companies which do not have access to data for more than 5 days go out of business within 1 year. Does this fact change the way you think about the value of your firm’s data? The protection and assured availability of your company data?
A thorough Business Continuity and Disaster Recovery Plan is a key part of ensuring the “Survivability” of your company in the event of a business interruption or serious data loss. It is estimated that less than 5% of unregulated* businesses have a current and thorough Business Continuity and Disaster Recovery Plan.* (Banks, financial institutions, and publicly held firms are some of the business types that are federally required to have a BC/DR Plan.)
As a business professional it is essential (and possibly legally required) that you protect your firm’s assets. After reading this article and answering a few simple (maybe complex) questions you should have a new appreciation for the value of your firm’s data and understand the need to be more proactive in the protection and assured availability of your data. Start the BC/DR Plan development process today.
Tags: Bay Area, disaster preparedness, Email, Endsight, Technology
May 26th, 2009
by Jason Clause Filed under: Managed Services, Network Security
2009 has been a tumultuous year for the small-business Owner. Cutbacks and spending freezes from our customers have forced many of us to make some very difficult decisions with regards to employee retention.
Some of us have been forced to lay off some really good people as we attempt to reduce our cost structures, collect on outstanding receivables and most importantly find new revenue.
I came across a recent article by Roger Grimes entitled “Do you have a handle on your managed resources?” The article is really geared towards a larger IT department but I think it sheds some light on a new challenge that the small-business owner needs to consider.
From a computer infrastructure perspective each employee must exist as a user on the network. In addition to being assigned a physical workstation, that user needs the workstation to be assigned as a resource on the network. Each user and resource are then granted permissions and assigned to groups based on their job roles.
For example, you hire a new controller, and want to give him or her a workstation with access to email, shared files and your accounting data.
To accomplish that on the network your controller is created as a network users in your network directory. He or she is then assigned a workstation as a resource. The controller is granted permission to access email, shared files and your small businesses accounting system as a member of the finance group.
Proper maintenance of this directory is essential to maintaining a secure, reliable computing environment. As new employees start and others move on, this directory must be updated to avoid risks to security. (stale accounts give malicious hackers great opportunities to exploit your network)
This is a difficult process to maintain under normal circumstances, but for the last nine months our business environment has been chaotic. It’s a good bet that network directory maintenance has taken a backseat to far more pressing issues. But it should be addressed and the sooner the better.
Roger’s article is a pretty easy read and it should help provide some direction for those of you that feel like you can take care of this issue by yourself. But as Roger related his story, it’s really easy to delete items from the directory and cause a catastrophe. (Follow this link to read the specific example) So if you’re going to attempt to do this yourself you need to know that you might delete something that could take your entire network down.
At Endsight, we’ve developed add move and change policies that we’ve baked into our internal systems and procedures. Our team does this all the time and we can guarantee our work. If you need help with this issue or with any other aspects of managing your computer network please feel free to contact us.
Tags: computer infrastructure, directory maintenance, Email, hackers, reliable computing, Roger Grimes, small business owner, small-business
Jun 11th, 2008
by Mike Chaput, President & CEO Filed under: Email
Has wading through your inbox become as tedious as waiting in line at the DMV? Do you find yourself wondering what type of person would buy Viagra or trade stocks from random emails?
It’s hard to fathom that SPAM is the problem that it is, but disbelief won’t clear your inbox from this pesky problem.
The good news is that a solution is possible. There are basically three types of SPAM filtering technology:
- RBLs (real-time black lists)
- Heuristics (computer instructions)
- Firgerprinting (third party approach)
First, a RBL is simply a list of domains (web-sites) that are known for sending spam. The idea is that if you are caught sending SPAM you get put on the RBL and are thus blocked from anyone using the list. Unfortunately, spammers have figured out clever ways to outsmart the filters, such as constantly changing their domain names. In some cases, they will actually breach the security of your domain and hijack your own mail server to send out their SPAM.
Heuristics is a computer science term. In the context of blocking SPAM, it refers to an algorithm, or complex set of computer instructions, that decides what is legitimate e-mail and what is SPAM. For example, an algorithm might flag words, phrases, or character strings like “Mortgage, Viagra, $$$$, HOT STOCK, etc.” There are many more colorful examples, but I think you get the point. The problem with this approach is that algorithms aren’t perfect and oftentimes good e-mail gets categorized as SPAM. We call this a “false positive.” When that happens, you either lose out on important information or have to dig through your spam folder looking for miscategorized messages.
The third approach, and in my opinion the best, is the use of “fingerprinting.” With this approach a third party sets itself up to receive as much SPAM as possible. The third party receives, identifies, and takes a “fingerprint” of hundreds of thousands of SPAM messages. This works because SPAM messages are not unique. The sender crafts a message that they will send to millions of recipients, over and over and over again. Once the message has been identified as SPAM, it can be filtered by everyone subscribing to the fingerprinting service. The key advantage of this methodology is that no unique message will ever get blocked - thus eliminating the problem of false positives. My own company has had great success with a product called Cloudmark
Tags: Email, RBL, SPAM, SPAM filtering technology
