Synapse Blog
- 5 min read
- 5 min read
In previous whitepapers, we have discussed the importance of an IT department. After all, Information Technology continues to play a crucial role in the development of every facet of society, let alone businesses.
However, IT is not the core competency of most businesses. This means that many businesses tend to divert their attention away from IT, as they are confident that their IT department “just works”; or worse, they accept mediocrity because they think it is the norm.
In many cases, these businesses are technically correct. An IT department will still function and the business will run, even with a lack of attention towards IT. However, there is a major advantage to be had for businesses that acknowledge the importance of IT, regardless of their core competency.
Ultimately, if you want to give your business a competitive edge, you must not give into the misconception that all IT providers are the same.Not only does your IT provider need to make IT their core competency, they must also be able to:
- Keep their finger on the pulse of the dynamic technology landscape
- Maintain a thorough understanding of the business so that IT changes can be seamlessly integrated into business procedures
- Assess the problems facing the business so that there is a distinguishable purpose behind every IT solution
What are the benefits of success in your IT department?
Contrary to popular belief, the difference between highly profitable companies and their more mediocre competitors is actually fairly minute. While their daily operations and the services they provide may be similar, the way in which these businesses address their IT department is one of the important differentials that makes the difference.
This makes sense when you consider that the benefits of success are more than just a slightly more profitable business. When your IT department succeeds, it improves your business in a broad number of ways.
Success Motivates Staff
The simple fact is that employees want to work for a business that will reward their effort. It is incredibly demoralising to have to spend countless of one’s personal time and energy on a business without getting to experience its success.
But how does that relate to IT? If a business is encumbered by a less than successful IT department, it can result in all kinds of technical problems that directly affect a staff member’s capacity to work, such as:
- Tasks that should be automated being performed by staff (wasting effort, time and resources).
- Software glitches/hardware failures that staff need to navigate.
- Outdated technology that does not meet the needs of staff, etc.
A successful IT department means the rest of the workforce is perfectly equipped to complete their tasks, which is a source of staff motivation.
Success Means Great PR
While this might not always be obvious, a successful IT department reflects well on a business’ image. For example, it is always a bad look for a business if;
- It is subject to a malware attack that results in the leaking of sensitive customer information.
- Its website goes down due to an increase of traffic during a significant event such as a sale.
- Its transactional processes are unoptimised and unwieldy for clients, etc.
As technology becomes more pervasive for everyday people, your business needs to adapt. If your business is not compatible with the technology of your customers, they will find a competitor whose business is. The only way you’ll achieve that compatibility is with the help of a successful IT department.
Success Lets You Know Where You Need to Improve
No business is perfect. There is always room for improvement. A successful IT department is aware of this, and always analyses the business for any inefficiencies that can be rectified, regardless of how well the business is performing.
The worst thing that success can do is make a business owner complacent. The major advantage of success is that it highlights the business processes that are effective, as well as those that an IT department can stand to improve.
How do you measure your IT Department’s Success?
The answer to this question revolves around the structure of your business, focusing on the roles of the decision makers and the IT department. In order to obtain a full picture of success, you have to measure the efforts of both groups.
The decision makers of your business should focus on your business’ desired outcomes, the objectives that make those outcomes actionable, and the strategies that will lead to those objectives being achieved.
The IT people, on the other hand, are focused on the tangible processes that will lead to the business outcomes being met. Thus, it is important to measure your IT department’s success based on how these processes are implemented.
Every IT decision needs to solve a problem, otherwise it is a waste of time and resources. IT solutions also need to be updated regularly in order to meet the many problems that arise in the dynamic IT environment.
However, it is important to remember that the outcomes of your business don’t change. Your business will retain objectives that IT solutions work towards (such as enhancing communication, aiding employees, automating processes, etc.), but the IT methods that allow your business to reach those outcomes change. Failing to adapt your business’ IT methods will leave your business in a vulnerable state, where what once gave you a competitive edge now has the capacity to make you lag behind your competitors instead.
One of the difficulties of measuring your IT department’s success is that there is no strict tried-and-true method. Instead of a singular algorithm that you can insert your business metrics into to empirically determine your IT department’ success, there are a series of qualitative and quantitative factors that can inform your definition of success.
However, there is a simple process that can be implemented to make the act of measuring your IT department’s success as easy as possible. There are only two basic steps, and they apply to any IT department.
Choose Your Critical Success Factors (CSFs)
Before you determine whether or not your IT department is successful, you have to define what success means for your IT department in the first place. It sounds complicated, but it’s actually very simple.
Critical success factors come in the form of goals that your IT department should aspire to. These come in different forms, such as;
| Industry Factors | The goals that your IT department needs to achieve in order for your business to remain competitive in your particular industry. |
| Environmental Factors | The goals that your IT department needs to achieve in order for your business to remain adaptable in the constantly changing climate of your industry. |
| Strategic Factors | The goals that your IT department needs to achieve in order for you to implement your proposed business strategies effectively. |
| Temporal Factors | The short term goals that your IT department needs to achieve in order to respond to the current state of your business. |
Set Your Key Performance Indicators (KPIs)
While CSFs are proactive, as you are preparing your IT department for whatever happens to your business, KPIs are reactive. Your KPIs are a set of measurements that you will use to identify your IT department’s achievements.
KPIs can be;
- Finance focused (i.e. the reduction of costs, a boost in profits)
- Customer focused (i.e. positive customer feedback, easier transactions)
- Process focused (i.e. are other departments able to meet their KPIs thanks to the efforts of the IT department?), etc.
What are the factors that determine your IT department’s success?
There are many factors that a business owner can observe to determine the success of their IT department. Typically, you should aim for factors that best reflect the strategies and operations of your business. These will likely include the following;
How does your IT department operate?
- How efficiently does your IT department complete their day-to-day operations?
- Is there a direct correlation between the efforts of your IT department and any success that your business has recently seen?
- How effective have the solutions that your IT department has implemented been?
How does your IT department respond to a crisis?
- What is the extent of your IT department’s security measures, and are those measures effective?
- Is your IT department prepared with contingency plans that are ready to implement in the event of an IT problem?
- How effective is your IT department at monitoring systems for potential threats?
- How reliable is your IT department at mitigating the effects of an IT problem after the fact?
How do the rest of your staff work with the IT department?
- What is the extent of your IT department’s communication with the rest of your staff?
- What is the consensus amongst your employees regarding the IT department?
- Are there any instances where the IT department has obstructed any other departments from reaching their KPIs?
How has your IT department affected your bottom line?
- Have you seen an increase in profit due to measures enacted by the IT department?
- Are you seeing the full benefits of the time and resources that you have invested into your IT department?
- How often do you have to stretch your budget or delegate extra time to compensate for unforeseen IT problems?
In Summary
Because IT is not a core competency of many businesses, there are a large number of businesses that neglect their IT department. While this will not necessarily kill a business, it will give an advantage to competitors that do acknowledge their IT department, regardless of their core competency.
The success of an IT department results in widespread benefits that create a competitive edge for the business, such as:
- A boost in employee morale
- Great PR that positively impacts customers
- Useful opportunities to identify any weaknesses that can be rectified
Because of this, it is useful to regularly measure your IT department’s success. While success to an IT department is subjective, depending on the business, there is an easy way to measure an IT department’s success.
- Identify the factors that are critical towards your business’ success
- Set the goals that your IT department should be aspiring too
Once you have those factors and goals set in place, you can measure your IT department’s success by determining whether or not those goals are being met. These can be based on;
- The daily operations of your IT department
- How your IT department responds to a crisis
- How your IT department interacts with the rest of your staff
- How your IT department impacts your bottom line
Because this is a job that is both big and important, it is imperative that you seek help from our team of business analysts and tech specialists. At Synapse IT, we have the knowledge and experience to thoroughly assess your business and determine whether or not your IT department is meeting its full potential.
Contact us for a free 60 minute session with our senior consultants so we can help you use IT to make your business grow.
- 5 min read
Most business owners and managers are aware of the importance of good cyber security but often other concerns take precedence. Managers are busy dealing with the day to day running of the business and can’t spare much time worrying about the “what ifs” posed by cyber threats.
Additionally, small businesses have limited funding so they need to make sure they’re getting the best “bang for their buck” in all areas including cyber security. It is difficult for business leaders to keep abreast of the risks posed in the current environment and set the right budget to combat these risks. This means their business, data, clients and reputation are often vulnerable to cyber attacks.
Why are we sharing this?
In the last month, we’ve seen an increase in the number of cyber attacks in the industry. The most common cyber breaches that we see occur when an attacker gets a username and password for one of your internet facing systems. They may get the password through a variety of different means, but once they have your username and password they can do anything they like with your data. This is obviously a major problem!
The common targets for these attacks are email and file storage systems such as Office 365, remote access technologies such as Remote Desktop Servers, and VPN systems that grant access to your internal networks from across the internet.
What do hackers do with their access?
Usually when a hacker breaches your network they do not announce themselves straight away. On average, networks are breached months before the attacker does anything noticeable. During this time they may sell your details to other hackers, or can sit in the background reading your data and working out how best to exploit your weaknesses.
There are lots of different possible attacks, but the most common ones we see are:
- Ransomware: The attacker gains access to your network and encrypts all of your files so you can no longer access your data. Your data is then held for ransom; you need to pay the attacker their requested sum of money to have your files decrypted.
- Extortionware: The attacker gains access to your network and copies your sensitive data. They then threaten to release the data, thereby causing you significant reputational and legal damage, unless you pay.
- Impersonation: The attacker gains access to your email. They read your history and get an understanding of who you are, who you deal with, who they are, and what you commonly communicate about. They can then effectively impersonate your business contacts to trick you into sending money, stealing information, etc.
What should you do immediately?
A study by Microsoft shows that 99.9% of password based attacks can be prevented by implementing Multi Factor Authentication. Synapse strongly recommends that all organisations deploy MFA on all internet facing systems, particularly Office 365, Remote Desktop, and VPN systems. Doing this is relatively cheap and easy, and offers significant additional protection.
In addition to this, we also recommend a more broad assessment of your security posture to make sure your business is adequately protected from threats such as ransomware, hackers etc.
How do you know if you’re adequately protected?
MFA is a great start, but it’s just one piece of a complex puzzle. There are a lot of other things that may or may not be required depending on your business.
To understand how you compare to a reasonable benchmark we suggest utlising a Cyber Security Framework. There are a number of internationally recognized frameworks, all of which are proven processes for delivering a good cyber security outcome. Originally most were designed for large enterprises, governments or other large bodies. As time has gone on, these frameworks have been broadened and cut down so that they’re more broadly applicable even down to small organizations.
One of the common frameworks is NIST, which is an American framework. NIST has 5 main components as outlined below.
Let’s take a high level look at the what each component means.
Identify – You can’t effectively protect assets you haven’t identified, right? The first step to protecting yourself is to identify what information do you have, how critical it is, what software, hardware and people access that information, where is it stored, etc. The first step is to identify what you are trying to protect.
Protect – Now that you’ve identified the assets, you can take steps to put protection in place to reduce risk. It’s worth noting that even if appropriate protections are in place, no protection is 100% guaranteed. Consequently you may still have a breach.
Detect – If / when you have a breach, how do you detect it? We already know that in many cases the damage is not done until months after the initial breach occurs. Ideally you need a way to detect and contain the breach early before significant damage is done.
Respond – When you detect the breach, either before or after serious damage is done, what do you do next and how to do you respond? Making it up as you go is not the best way to handle a crisis. A clearly thought through plan outlining who will be involved and what they’re going to do is required.
Recover – Obviously if there’s an incident you want to be able to recover. You need to make sure you have the appropriate systems, processes and people in place to enable this.
The more work put in at the early stages leaves less risk in the later stages. If you are more effective with identifying and protecting assets, and then detecting breaches when they occur, you should find responding and recovering to be a much easier task.
The table below shows some of the common considerations in each of the 5 stages.
Why is following a framework best practice?
A cyber security framework provides a formal process for improving your security posture. Without one you can end up putting in systems reactively, or just guessing what you may need. Without a structure it’s easy to spend money on security and still accidentally leave big gaps in your coverage.
We encourage everybody to think about how the 5 areas outlined above are addressed within their organisation. How good are your systems and processes in these areas?
Why should you care about cyber security risk management?
Ultimately it is the responsibility of business owners and leaders to protect their own data. They are the ones who have the most to lose if their data is destroyed or stolen, and they can also be held personally liable for any damages caused by data breaches in their organisations. Business leaders need to understand, at a high level, what the risks are and make sure they are happy with the protections that are in place.
If you’re a business leader and have questions about your cyber security please get in touch with us for help protecting your business and its reputation.
Contact Us
1300 903 405 | support@itconsultants.com.au
www.itconsultants.com.au
- 5 min read
January was intended to be our last month of competing in our teams fitness challenge. For those of us actually competing (bar Hayden), we had some underwhelming results. See the table below.
Our Managing Director Hayden is again, very clearly the winner of fitness challenge in January. Hayden travelled up to a record of 198km by the end of the month. The only way from here is up, clearly.
Hayden’s choice of charity for January is 🥁… The Australasian Leukaemia and Lymphoma Group, a not-for-profit group dedicated to improving the treatment and lives of patients with leukaemia, lymphoma and other haematological malignancies.
After a high volume of requests, we decided to continue with our monthly exercise challenge for the foreseeable future. We’d like to invite some of you to join in on the fun, but suggesting some charities. If you have a favorite charity you’d like us to donate to in a future month, see our contact details below.
Lets recap some of the teams achievements so far in this challenge, we have donated:
- Over $500 to Food for Families,
- $448 to Cystic Fibrosis Australia and now,
- Just over $400 to The Australasian Leukaemia and Lymphoma Group this past month.
- …will it be you who chooses the next charity? 😃
We look forward to updating you further on our fitness challenge. If you’d like to recommend your favorite charity drop us a message at support@itconsultants.com.au.
Contact Us
1300 903 405 | support@itconsultants.com.au
www.itconsultants.com.au
- 5 min read
It was during November 2020 when the Synapse exercise challenge took off. After many months in lockdown, committing to walking, running, biking, rowing etc. to increase the amount of kilometers we each took daily seemed like a positive goal for the month of November. As well as making us all feel a bit fitter, the team member with the highest score was able to select a charity that Synapse donated to on their behalf.
In November, Synapse’s Marketing Assistant Carly won the first month of our exercise challenge, helping donate just over $500 to Food for Families, a Melbourne based charity that collects food and toiletries for families in need.
As we enter January, it’s time to review December’s monthly totals and announce the exercise challenge winner for that month.
The overall stats were looking a bit low during December, perhaps some of us were being a bit complacent, but given it was the Christmas holidays the team deserved to be a bit slack.
Our Managing Director Hayden is very clearly the winner of December, travelling up to 127km by the end of the month. Thanks to our IT friends from Sydney, Lookup IT, for suggesting Cystic Fibrosis Australia as this month’s charity. We have donated $448 to their cause.
Not yet part of Synapse’s Network’s?
Join us on social!
- 5 min read
After being stuck at home during lockdown for many months, the team and I engaged in some healthy competition during the month of November. At the beginning of the month, we each began tracking how many kilometers we each, walked, ran, biked, rowed etc for the entire month of November. As well as making us all feel a bit fitter, the team member with the highest score was able to select a charity that Synapse donated to on their behalf.
(Some of the team are taking this challenge more seriously than others it seems…)
Our Marketing Assistant Carly took home the first win for our monthly exercise challenge, with roughly 160kms walked in November. Carly’s choice of charity was Food for Families, a Melbourne based charity that collects food and toiletries for families in need. After Carly’s win in the November exercise challenge, we’ve now donated just over $500 to Food for Families.
We plan on running this competition until the end of January 2021. Stay tuned to find out which member of the Synapse team will take home the exercise challenge win for the month, and the respective charity they select!
Not yet part of Synapse’s Network’s?
Join us on social!
- 5 min read
The Good, The Bad, and the Ugly of Mobility and BYOD
There are a lot of advantages to mobility in today’s workforce, but the Bring-Your-Own-Device (BYOD) movement has also brought its share of headaches as well.
We live in a society where everyone must have the newest technology. We are inundated with ads reminding us that the smartphone or tablet we just bought a year ago is laughably outdated and inferior to the upgrade that just hit the market.
People who have just bought the latest technology don’t want to have to set it aside to use a separate company-issued device. As a result, businesses are beginning to grant these employee-owned devices access to their file and email servers, databases, and applications.
While this brings certain competitive advantages to employers, it naturally carries many risks, too.
Let’s begin with the pros of BYOD…
The Advantages of BYOD
Greater Flexibility and Productivity – Personal devices allow workers more flexibility, which in turn can increase productivity. Today’s employee isn’t restricted to their office workstation or cubicle. They can carry out job responsibilities from home, a coffee shop, their child’s dance recital, or while traveling.
Reduced Costs – Purchasing even the most basic Blackberry for an employee can cost a company $900+ per worker. Costs like that can be completely eliminated by adopting a BYOD policy where employees are required to use their own device.
Happier Employees/Attractiveness to Job Seekers – Recent studies have found that 44% of job seekers are attracted more to employers who are open to BYOD and occasional remote work. Beyond this hiring advantage over competition, it has been found that employees as a whole are generally happier using the devices they own and prefer for work purposes.
Better Customer Service – This goes hand and hand with more flexibility and productivity. Mobility allows employees to occasionally resolve or escalate urgent client issues outside of normal working hours, and clients remember that kind of response time.
And now the cons of BYOD…
Disadvantages of BYOD
Compromised Data Security – Unfortunately, letting employees use their own smartphones, tablets, and laptops increases the likelihood of sensitive company or customer/client data being compromised. It is important for companies to establish a comprehensive mobile device security policy and never make any exceptions to it whatsoever. Really. No exceptions. Ever.
Employee Privacy – Many employees may oppose using their own devices for work, especially if it’s a company requirement that they aren’t reimbursed for. You have to remember that these are the same devices employees use to log into their Facebook and Twitter accounts or do their online banking. In this age of constant paranoia over big brother watching our every move, employees may be concerned that their employer will spy on them or access their personal passwords and information.
Handling Employee Turnover – Companies must consider how they will address the retrieval of company data and information from an employee’s device if the employee either quits or is fired. Some companies may require that employees only save or edit company files on their servers or use cloud-based sharing software like Dropbox to share and edit docs.
The Importance of a Mobile Device Management Tool
Obviously, businesses must keep track of all of the devices that access their server, applications, and data. Mobile Device Management helps enterprises centralize what is an otherwise chaotic hodgepodge of devices and operating systems. This ensures that all devices are configured, deployed, and properly monitored and managed. This is a smart way for businesses to embrace BYOD while securing data and applications across multiple devices.
Contact us at Synapse IT Consultants Pty Ltd
Contact Us Today
Reach new heights in your industry through beginning the transition to managed IT solutions.