Security·4,715 discussions

Top 10 biggest technology mistakes small businesses make!

Locked

I was working on a project the other day on security policies and it occurred to me that many small to medium sized companies all typically make the same technology mistakes (like not having proper policies in place) and I thought why not explore this in a forum maybe others are catching mistakes that I am not.

So like the title says lets all contribute our opinions and experience, there may be things that I we are missing when engaging our clients that others are not, and vise versa.

Cheers
Brett

Topic

Security policies and proceedures

In reply to Top 10 biggest technology mistakes small businesses make!

I will start off with security policies and proceedures. I would say almost 99% of the smaller business clients I works with (under 100 employees)never seem to have any sort of AUP or security policies and proceedures in place.

this includes things like regular updates to virus software, remote access policies, the afore mentioned acceptable use policies and proceedures for reporting security related issues. Many small businesses could benefit from having even these basic items in place, especially if there is a need to represent your companies interests in a legal dispute.

If your boss came to you today and asked for all the emails sent/received to/by a particular client, partner or employee would you be able to produce them?

this is just an example, and I look forward to hearing everyone elses input.

Cheers
Brett

Security policies and proceedures

In reply to Security policies and proceedures

We have a tech with very little experienece that was given system admin rights over the network. This guy is a joke. We had a project to upgrade Win98 PC’s to Win2k. This was done so we could have more “control” over users that were installing unauthorized software on the company’s PC’s. This guy goes around turning on the local admin rights on machines and forgets about what he did. Giving people unauthorized access to the internet is another thing he does. He DOES NOT document his tasks which makes things VERY difficult for the rest of us. This guy wants to be liked, so he sucks up to everyone. He has no clue to what he’s doing on clients or servers. NONE!

Our supervisor is afraid of confronting him to avoid an argument since this guy is so short-tempered. So, we gone on with a network that is vulnerable. Our clients are being turned into Win98 machines since their local admin rights are turned on. We also have divisions with admin rights since our supervisors has a fear of saying NO!

What does one do?

fire him or

In reply to Security policies and proceedures

Who ever gave him that job needs to be fired too. Who reviewed his expertise, especially when he was given such a high access level. It sounds like references are ignored

Here we go again….

In reply to Security policies and proceedures

WutDunHell.
Maybe, company politics has a play in this. Maybe it is not the case of whom he knows, but, who knows him.

Be careful if it involves company politics.

Instead, why not train him. Let him attend some trainings or seminars. That, if my suspisions are correct. it will be coming bonus points to you if you can become his mentor. Even for the sake of politics, then nobody will be blaming you for that. Boy, I guess, we are a little off topic.

Bret (BMN).
You did not mentioned if you are alone, or with a team. Why? When it comes to this, two is better, and defintely, far more better if there is a lot more people doing this sort of thing. Let me explain. Even though you have thinked it over a lot, these policies, procedures and the like, there will be always be a “thing” that you did not thinked of.

My suggestion? Sit down with a group of people related to IT, or perhaps, your job, say, in you IT dept, if it has one, and also include the management in some point. Or, your friends might help. Then you guys think it over. General Idea? Of course it is. There a lot of technological and social issues to be addressed. One single person might think it all over, but it will definitely take time.

Some pointers about:
1. Technical side. discover more about what is new and max. the use of what you already have.
2. Social issue. The management. Definitely, they will be asking for more access rights. And beyond.
3. Security. It covers both 1 and 2.
4. Psycological and mental issue. This will be related to stress in the working environment thus affecting productivity.

I did not elaborate on much of the details. But that suggestions I gave is the ones WE did in where I am.

I hope this helps.

Fire his supervisor!

In reply to Security policies and proceedures

C’mon now, whoever hired him should in fact be fired. The company simply should have implemented and agreed upon, documented procedure as to steps of upgrading desktop machines. Everyone on the committee who is in charge of the directions will then also know who knows what and the lack thereof. In his case, IF in fact he sucks as you say he does, then his input would have been very little, and would not have been permitted to make those types of stupid changes….Of course I could go on and on about this topic but don’t have the time. Good Luck

Needs re-evaluation

In reply to Security policies and proceedures

That sounds like management not taking control. The supervisor should know if this guys knows what he is doing. If not you need to get someone in there that does. There are a lot of IT people out there looking for jobs that are know what thay are doing. But if that company is cheep and doesnt want to pay decently for the better service. Then I guess you get what you pay for.

Use a third party, don’t make it personal

In reply to Security policies and proceedures

Everybody knows what should be done, get rid of him.
Though easy to say but not to do, maybe first because you don’t have much legitimate say about this.
Well gain that legitimacy.
Manage to convince whoever has the power to do so to hire a security consultant. Someone totally outside of the company politics and that is not scared to call a cat a cat. As a consultant we do know that part of our role is take the blame in order to preserve a social peace whilste solving delicate and potentially emotional issues.

You may want to trigger the need; you know that a machine is vulnerable, well expose it to the open.
Target someone important enough, but make sure you don’t kill you company’s business and endanger your position. Don’t make it personal.

I hope this will help.

Cheers.

CFT

face the fact

In reply to Security policies and proceedures

its obvious the fellow dont know the implication of his actions on the network, his expertise is in real doubt so as consultants, there is a need to let the fellow know his shortcomings and the long term effect that it would have on company’s resources and the image of the consulting firm. so lets face the fact, he has to understand the responsibilities of a network admin thats if he is qualified enough if not let him be fired. that it.

Don’t forget DR

In reply to Security policies and proceedures

Small Business, especially the one-person office types, seem to always forget about disaster recovery. Oh, they MEAN to back up the computer someday, but it always takes too long and they can never find the disk or don’t know how to restore anyway. . .

And it’s not just backups, it’s also an alternate internet &/or phone access, etc. In my world, anything that could take you out of business for even a day should be at least looked at. (JMO)

Who Cares

In reply to Security policies and proceedures

Who cares if your end-users have local admin rights.You’re going to find that MANY programs and/or services are going to require admin rights locally. Scripting, mandatory profiles, Active Directory and good network security is all you need. Oh, and did I mention a copy of Norton Ghost. Who cares if they blow up their local machine. You can ghost another machine up in under 5 minutes and give to them. Why spend countless hours troubleshooting permissions or registry based problems?

Gee….

In reply to Who Cares

Isn’t that a time saver?

If you are talking Technology mistakes – different than security

In reply to Top 10 biggest technology mistakes small businesses make!

Now – which are you talking technology mistakes or security mistakes. Becuase they my be totally opposites.

The biggest technology mistake I see these samll firms get into. Is selecting a pure Microssoft environment – not creating an adaptive environment. They lock themselfs into the Microsoft environemt which ends up costing them more than having an adaptive environment.

I am not saying all open platforms – so all you MS Biggots back up. OK they run on the XP environment – but why not use Netscape, Appachie, and other open products that are just as functional as MS Office.

Other mistakes – is they purchase high speed machines for secretaries – and junk for the technical staff. Management always wants the latest bells and whistles – Blackberrys…

Now for security they want all the hardware and software security money can buy… But when it comes to creating the policies – and enforcing those policies – “Forget-About-It” … they don’t want to hear it…

Small firms need to be Adaptive to market conditions – and secure to hacks and craks…

The MS bandwagon

In reply to If you are talking Technology mistakes – different than security

Hi Jim,your point about everyone wanting MS is very true.
I’ve had numerous companies call me to resolve the constant security issues and patches for thier MS servers, I quickly pass them to a friend as I won’t even drive to a site that’s dependant on MS.

What happens is that many companies will hire a Network Administrator (as if it is a generic term) and ask him to recommend and build a network. First of all the admin rarly invetigates tha company or work floa before recommending hardware and software to get started. Many (MOST)are trained as MCSE’s and the only thing they will recommend is MS Server 2003, Exchange etc. IN a way this is clever because they will always have work to do, in other ways it is neglecting the employer by not properly assessing needs before the recommendation.

Smaller businesses need to deal with a consultant hwo will recommend from a choice of NOS’s that will suit the customer needs.

It is cheaper to hire an entry level net admin and let him/her set it all up than seaking to consultants (my last network recommendation cost $6,800.00, with nothing instaled or purchased, just the network plan. A small company is not going to pay for this service when a $4,000.00/mo employee can do it while he/she is doing other things.

I see this as a huge setback for many companies as they try to save money in the wrong places, many controllers don’t understand IT and therefore will not justify the expense of consultants.

This also goes for telephone systems, computer hardware and peripherals, ulimately costing the company a lot of money and resulting in garbage that needs to be upgraded, replaced and patched on a regular basis.

I Agree

In reply to The MS bandwagon

The real problem is that most small to medium businesses lack the skills to link their business objectives and business requirements to their technology objectives. Instead, they react to peers and press.

As you have pointed out, this extends beyond just workstations and data applications and includes all aspects of technology.

Inquiry

In reply to I Agree

I’ve recently had a meeting with a smaller firm and they certainly have a very limited knowledge of how to parallel both tech and buz.

Does any one have any good advice on how to work around this problem and helping customers understand that quick solutions are not always the way to go?

Make the Business Case First

In reply to Inquiry

The one mistake that technology oriented people typically make, is they forget that the technology is the widget being sold to solve a problem, and that they MUST make the business case for buying the widget in the first place.

You techies are dealing with business people for whom a computer network is a necessary evil. Typically, it is also something they don’t understand, and don’t WANT to understand. It is your first job to present information in ways that your customer will comprehend, and be comfortable with.

That means you need to present the company CIO/CEO with a Business Plan, taylored to his specific company and circumstances. If you, techie, don’t speak “Business Plan”, then I suggest you hire a business consultant to teach you how and why!

Having a sound business plan for your own consulting business will bring tangible benefits to the operation of your own company, to say nothing of what you will then be able to do for your clients!

Once you have written business plans for several similar clients, you will find you can pretty much do a “fill-in-the-blank” for others of a like nature. It will be a feature that will set aside your firm from all the others, a distinction that makes a difference.

Former business Owner, MCSE, A+

Boy I forgot about the PBX and phone solutions

In reply to The MS bandwagon

Boy – I forgot all about the problems these small firms get into purchasing Vendor PBX Hype on the voice side of the home ..

Oz – you hit that one right on the head.. that’s another area.

If these small firms spent their IT dollars wisely and developed an Adaptive environment they would save many times the dollars spent – at the end of the game.

I guess – it all depends on the consultant and the mandate from the firm… You can provide ROI’s until your blue in the face – but if they don’t see it and you want to work again – you do what the customer wants – just got to CYA big time..

In house vs Outsourced

In reply to Boy I forgot about the PBX and phone solutions

Excellent stuff, and I was really trying to identify some of the typical problems that small business face with regards to technology (voice and data) and how they almost predictably make the wrong choices. Along with the consulting and ROI topics, many small businesses can profit by outsourcing their IT and other technology management functions, but somehow come to the conclusion that hiring a cheap paper certified tech is somehow going to be more efficient and cost effective.

Small businesses have to really evaluate what their communications technologies are costing them and the best way to do that is to hire an experienced consultant. Without that basic understanding of how technology compliments their business strategy they are wasting their time and money.

Outsourced? Not always better

In reply to In house vs Outsourced

When I started working where I am now, 2 people replaced a staff of 5. The staff of 5 still required nearly all work on the network and hardware to be outsourced. So, on top of a yearly salary bill of roughly $150,000, there was a consulting bill of $90,000+ for network and hardware.

Why there was an IT staff of 5 in the first place is beyond me – although I did clear out 5 file cabinets full of unnecessary paperwork. Heck, they were even keeping track of Y2K information on the toaster in the break room!

The 2 of us manage a blended network of Windows/Netware/Open source. We handle all hardware repairs except for warranty work. We also have an evolving security policy – which was nonexistant 2 years ago when I arrived. Neither of us feels overworked or hassled in any way. Actually, this is probably the sweetest job I’ve had.

On-site personnel can save a small to medium business money, if you have the right personnel.

With “friends” like you…

In reply to The MS bandwagon

“…numerous companies call me to resolve the constant security issues and patches for thier MS servers, I quickly pass them to a friend as I won’t even drive to a site that’s dependant on MS.”

…who need enemies! 😉

Question…

In reply to With “friends” like you…

do you only support UNIX and Linux? How can you afford to pass off any work that involves MS?

Question…

In reply to With “friends” like you…

do you only support UNIX and Linux? How can you afford to pass off any work that involves MS? Microsoft is a cash cow! the more it breaks, the more I get paid, how does your contract work?

Bagging MS Bandwagon

In reply to The MS bandwagon

While I see some merit in some of Oz Media’s comments I can also say from having worked in this business for more than 20 years that there is a lot wrong with their approach.

As for it being: “cheaper to hire an entry level net admin and let him/her set it all up than s[p]eaking to consultants”.

Let me say that you are better to spend some money up-front, look seriously at what you want from your computer network, now, in 2 years and in five years than pay for an entry level net admin to come in and bulldoze whatever they think is best through.

While not as cheap in the short-term, a consultant is a lot less costly in the longer term. No newbie net-admin is going to have seen the number of mistakes that I have – both those I have made when I first started out, and those I have had to fix from other’s poor judgement.

If a company cannot afford to plan, they surely cannot afford to be constantly upgrading their network and telelcommunication services becuase of bad decisions.

As for the following: “telephone systems, computer hardware and peripherals, ulimately costing the company a lot of money and resulting in garbage that needs to be upgraded, replaced and patched on a regular basis”.

No system can be allowed to run from the day it is installed until the day it is replaced without care and maintenance. Regular system checks taking only a couple of hours per month are the best solution for companies with a tight IT budget.

It is irresponsible of anyone to tell a customer that any operating system can be left alone. And while I am sure this is not something that Oz Media meant to imply in this post it is certainly what it sounds like.

Once a company makes the leap into an integrated IT infrastructure they will always have to set aside a vertain budget line item for hardware, software, consultant costs. It is a cost of doing business. Less invective and more common sense might lead to better service for all clients in this dicussion.

Andrew
Kyle, Texas

Evolving IT

In reply to Bagging MS Bandwagon

I could not agree more with your last paragraph: “Once a company makes the leap into an integrated IT infrastructure they will always have to set aside a certain budget line item for hardware, software, consultant costs. It is a cost of doing business.” I always tell a client that IT is like Accounting, you don’t solve accounting it’s a process. So is technology, its constantly evolving and they need to plan for this. There should be a monthly line item in the budget for technology, if only to allocate monies for future upgrades/problems/expansion.

Choice vs. Need

In reply to The MS bandwagon

Oz makes a good point about not narrowly focusing the solution, but we also have to consider the capabilities of the consultant who is required to support the customer. It makes no sense for someone who only has experience in MS systems to try implementing some other platform. By stepping too far out from his/her skill set, the consultant will provide lower quality service and customer satisfaction. We should have the maturity to recognize our limits, and inform the customer up front about their options. If they require a BrandX solution, it makes our decision easier, but often the customer doesn’t know what they want (or else they wouldn’t hire a consultant).

4,000/mo

In reply to The MS bandwagon

Holy s&!t. That would be US or Canadian? Where do I sign up for this job. I do everything that is computer related/connected and I barely make 1500/mo Canadian. I’ve been in the biz for 2 years now after a 1 year intensive course. I love the work I do, except the part about stepping on eggshells to explain to the end user it was their fault. Why can’t people accept their faults?

I’ve tried to implement other OS’s where I work. I have to test them twice as long for my boss to approve these “unknown”. Everytime we purchase new pc’s, I always slip in a linux OS for price comparison but they go for the more costly MS. MS is bigger so it must be better. Yeah, right!

My personal 2 cents.

4000 a month…

In reply to 4,000/mo

It’s not at all unreasonable for an IT person, even in a small or medium sized business to make $48,000 a year USD, especially in city with a population of more than a couple hundred thousand people.

NOS & Tech choices

In reply to If you are talking Technology mistakes – different than security

True, technology is often built backwards. Companies need to:
1) determine the applications that are needed in their business. Timekeeping, database, POS, Accounting, etc,etc.
2) determine the OS which will support all or most of these. Maybe more than one OS is needed, or maybe some apps can be switched to achieve a common platform.
3) finally, pick the hardware to support the OS and apps. Choices regarding CPU, RAM and storage shouldn’t come in until the final stage. Allow for growth, of course.

Sometimes the secretaries need more powerful machines than the tech staff. Either way, if the needs are determined before the solution is proposed then the right choice will be made.

MS Bashing… partially empty

In reply to If you are talking Technology mistakes – different than security

>> The biggest technology mistake… is selecting
>> a pure Microsoft environment
huh. You need to create an environment that is manageable and sustainable. MS generally holds strong market shares for many of its products. It is also very empowering for companies developing products for MS OS. Despite the antiMS sentiment that is around, they are strong company for a reason. Adopting MS products is not the worst choice available.

>> I am not saying all open platforms – so all
>> you MS Biggots back up. OK they run on the XP >> just as functional as MS Office.
FTR I’m not against MS alternatives.

>> Other mistakes – is they purchase high speed
>> machines for secretaries – and junk for the
>> technical staff. Management always wants the
>> latest bells and whistles – Blackberrys…
And secretaries also tend to be very productive important employees. Junk for technical staff is a separate issue.

Eric

And it’s easy to hire a new MSCE

In reply to MS Bashing… partially empty

Aside from the fact that a lot of small business run software that requires Microsoft networks, another truly valid reason to go with Microsoft is the abundance of MSCEs in the job market.

Imagine that you are a small company who loses your NetAdmin only to discover that you can’t find or afford someone with the eclectic assortment of skills your hybrid network requires.

To me, that’s a huge business mistake for a small company with limited resources. They may find that they are paying out thousands of dollars a year to high priced consultants to keep their alternative network opearable in the event of staff turnover.

I couln’t agree more

In reply to Top 10 biggest technology mistakes small businesses make!

Having worked for small companies exclusively I concur with everything that has been said. Additionally I would like to add the following.

Small companies are generally run by entrepeneurial people that consider themselves “in the know” on the latest technology. They don’t necessarily cringe on spending money on technology, but rarely listen to advice on how that technology might or might not fit their needs.

This leads to an endless cycle of buying something new to solve a particular need and then realizing once it’s in place that it doesn’t work with other key elements.

I think the #1 technology mistake small businesses make is not developing a master technology plan. It takes time and effort and money to do so and most small firms don’t believe they need to dedicate those resources to “just planning”. Big mistake.

Another Thing

In reply to I couln’t agree more

The reason they don’t develop a technology plan is that most small businesses just don’t appreciate and understand how important their “information systems” are and how it effects their future. They are usually very successful at what they do, but they are “far behind” where they could be, only if they had a better understanding of their “information systems”, and how to utilize today’s technology to move them ahead of their competition.

I just experienced a situation where a business owner turned his “information systems” over to a 19 year old future son-in-law! Good luck I wished him!

<> <>

In reply to Another Thing

It has been my focus since the beginning of my IT career, to focus on the small business technology needs.

This thread is EXACT in everything said so far. I have had clients that already called the other IT firms in th area, only to find that it’s going to cost them $6,000 to $12,000 just for a technology review, adaptive plan, timeline, job scope, and price quote for machines, delivery, and installation.

This scares the heck out of the small businessman, who has usually built the business from nothing, and basically created money out of thin air. This fear factor, (sorry for the reference to the crappy TV show), is doubled or tripled if they know nothing about “them there new-fangled computer thingies”…

They just have no clue that my monthly maintenance visits that cost them a couple hundred dollars, are keeping them from getting any viruses, crashing, burning out, blowing up, etc…

It tough to explain this part of the business to someone that doesn’t understand, because in the customer’s view… we might as well be selling insurance. It’s an intangible.

“Yeah but Mr. Customer, you should’ve seen what DIDN’T happen!”

I concur

In reply to I couln’t agree more

3 mistakes that I have seen in working in small business for the last ten years:

1. Not understanding why technology upgrades are necessary. The quote I received was something like this,”Why replace a server installed in 1997 if it is still running well?” If your business changes, then your approach to solutions needs to reflect the changes that have been and will be necessary for the business to succeed.

2. Not willing to accept the changes to your business’ culture imposed by new hardware/software realities. Installing new equipment requires changes to your training, management and service guidelines especially if they are out of date. Small businesses cannot afford custom solutions tailored specifically to their own business and must be willing to adapt their culture to work with cheaper, more generic solutions.

3. “Even a paranoid is right once in a while.” When changing over to new technology, small businesses generally make the assumption that they are “off the beaten path” and invisible to the rest of the world. Not so. Too many small businesses compromise their security concerns because it is “too cumbersome” and only too late realize that they have been hacked, cracked or otherwise compromised.

I agree and….

In reply to Top 10 biggest technology mistakes small businesses make!

What everyone said about strictly MS environments but another BIG mistake is implementing ANY technology WITHOUT properly researching security implementations. The trap of thinking “we are a small company, who would hack us?” or just abiding by what the low-cost internet access provider says – No firewalls or not considering the implications of connecting the PBX to your LAN are just some of the problems I’ve seen…

It all comes back to hiring good people, doesn’t it?

In reply to Top 10 biggest technology mistakes small businesses make!

Small businesses should definitely avoid hiring the cheapest techie they can find when it comes time to bring on a full-time IT staff member. In fact, if the person is going to be a one-man (or woman) IT shop, then the individual should have some varied experience and should not be titled network administrator, but should be more properly titled IT Manager, because the person will likely have to handle IT budgeting, IT policies, deployment decisions, etc.

Therefore, small businesses need to hire a more experienced IT pro, even if it costs an extra $5K – $10K per year, because in the long run it will save them money on bad software purchases, downtime, and a more efficience IT infrastructure.

In my experience, I’ve seen small businesses that hire cheap when it comes to IT talent and I’ve seen those that take their time and hire the right person (even it it involves forking over a little more money than originally planned). The ones who find the right person are infinitely more happy and usually save a lot of money and headaches — and they don’t have as much turnover in the IT staff position.

It all comes down to hiring an IT Manager rather than a Network Administrator to be the one-man IT department.

Do you agree or disagree?

Here’s some additional help

In reply to It all comes back to hiring good people, doesn’t it?

The following TechRepublic resources can help IT Manager and Network Administrators get a better handle on small business IT management:

Small Office IT Policies
https://techrepublic-secure.com.com/5106-6242-26-22385.html?part=tr&subj=22385

Small Office Tool Kit
https://techrepublic-secure.com.com/5106-6242-26-21007.html?part=tr&subj=21007

Small Office Networking
https://techrepublic-secure.com.com/5106-6242-26-15840.html?part=tr&subj=15840

Agreed

In reply to It all comes back to hiring good people, doesn’t it?

Your only as good as the tools you have to work with – simple as that!

Can ever be cheaper than us?

In reply to It all comes back to hiring good people, doesn’t it?

Do you know how much IT people cost in Hong Kong? only 6K to 15K HKD for an university graduate!

==================
http://pccm.blogspot.com
A typical Hong Konger sees a dim future ahead. That’s why I am working
harder to gain an edge under this adverse circumstance.

Too short on the money

In reply to Top 10 biggest technology mistakes small businesses make!

Today most small to medium businesses rely to a much larger extent than they imagine on IT.
It’s a pity that IT is poorly involved when securing the ongoing of business is asked. Just imagine what happens if due to a powerblast your computers are broken …..
– How long will it take to have business running? – Will U be able to restore a running environment?
– Did U take into account the technology evolution?
– Did U take into account the OS and Application Software upgrades?
– When did U last check Ur backup concept by applying a restore?
– are U sufficiently safe from virus attacks? Mind U an antivirus software has to be kept updated and is insuffiscient without a firewall.

I think when it comes to IT U should first think of what may happen in the event of a disaster and think of actions to prevent it. Think of the threat first, weigh it, quantify it’s impact on business, and then U will have arguments for the dime splitters.

Agree -Too short on the money

In reply to Too short on the money

Think this is a big problem today.

To many businesses think that IT is cheap. They can go down to the local shop and buy a ‘good’ PC for home at a very good price, so surley the office network cant be THAT expensive can it?

What they forget is that the IT now runs the business, with out it they wouldn’t be in business. Even the corner shop has a PC.

They must realise that IT is actually a profit generator not a straight cost centre.

Mistakes made Regardless of Size

In reply to Top 10 biggest technology mistakes small businesses make!

The biggest mistakes that I see made happens
regardless of the size of a business. I have seen the
same mistakes made whether at peoples homes, small
business, or large businesses.

The first and largest mistake that I’ve seen made is that
management and staff often sees network security and
management something other than top priority
comparing to production. This attitude needs to change
radically. Especially when it comes to security.

Reliance on one layer of security as a catch all is the
second biggest mistake. How often have I heard, “I have
antivirus software on my computer so I’m safe. Besides,
why would anybody want to attack my network. I have
nothing any hacker would want.”

Network security and management is a multilayered
process. The first level is coorporate management. That
stable IT is dependant on several proactive and
retroactive procedures.

1) Strong passwords – Absolutely necessary
2) Reliable Backup – Absolutely Necessary
3) Up-to-date Antivirus configured to paranoid settings –
Absolutely Necessary.
4) Firewall – Absolutely Necessary.
5) Antispyware Software – Absolutely Necessary
6) Immediate Testing and Application of Security
Patches – Absolutely Necessary.
7) Switch off WEB and Mail services not being used on
servers and workstations.

Of course, costs need to be considered for small
businesses, this is critical. So the exploration of lower
cost solutions is required. There are several excellent
open source and free solutions available. Cost has to be
factored into this equation. Upgrade costs, license costs
etc. I still see small and large business running Windows
9x.

With many major players manufacturing and distributing
several OSs declaring end of life cycles; upgrades have
become essential if a company wants security patches
and support, or risk the consquences. MS lockdown in
today’s business environment is another mistake. If a
“house” insists on using MS OSs don’t stick to MS
products, as another commenter suggested. There are
good alternatives; Mozilla or Firefox for WEB Browsing,
Openoffice for a production suite, etc.

And as a side note, Linux is become a lot easier than
most people think. It is a good alternative to MS OSs.
And without selling anything, it is genuinely worth
considering.

The hardest part of all of this is convincing management
and staff that IT security and management takes
precedence over everything – even production deadlines
and production environments. Production means squat if
your infrastructure gets wiped out due to virus or
malicious hack. A business and its customers certainly
won’t be happy if data gets stolen or destoyed. Better
the inconveiniance of security patches then wiped out
infrastructure. And this is the number one mistake that
shops of all sizes make.

Planning From The Beginning

In reply to Top 10 biggest technology mistakes small businesses make!

I Think it is a business problem from the beginning not to count small problems from business inception,but those small problem with big future impact,and may you can spend 1% dollar on such issues from the beginning,but you almost need 5% dollar after you find the problem.
so from a quality point of view,we should think in a prevention way,not a detection.And there is always time to start.

Reply To: Top 10 biggest technology mistakes small businesses make!

In reply to Top 10 biggest technology mistakes small businesses make!

Things I have seen:

1) no plan for critical updates, like OS patching and antivirus software.
2) no backup plan (especially no off-site backup)
3) penny wise, pound foolish thinking. Usually, things like skimping on hardware, then having to bring in technicians to repair things, or using old equiptment not up to modern expectations. For instance, I re-installed a Win98 system with 64 BM of RAM last Friday – silly thing thrashes just starting up.
4) “Do it this way” – making decisions to go with one product of a company because another product does the job nicely, or they heard the name somewhere.
5) bringing in help too late.

Improper login – delegation of rights

In reply to Top 10 biggest technology mistakes small businesses make!

#1 error – too many admin accounts. Working on things other than system maintenance, while logged in as network admin. ‘Spaghetti’ permissions on files or folders – not having groups or assigning ‘everyone’ to every folder or group. It is a real pain to login and out when you change hats – and a disaster waiting to happen when you don’t!

Planning & Execution

In reply to Top 10 biggest technology mistakes small businesses make!

Neither costly consultant nor anti-MS. Most consultants are armed with more ego than skill. As technologists we are losing ground to professional managers. Far greater than ROI, we must understand business process engineering and gain a strategic role in the business rather than scream like holy men in the wilderness about MS woes, proper re-investment in technology and how Tech Salaries are eroding. We are our own worst enemy, sheath the technical sword and learn the business.

The Bottom Line Won’t Prevent the Ceiling from Crashing Down

In reply to Planning & Execution

Think about this way. There is a leak in the plumbing
above your server. Your server contains the data
involving megabucks belonging to clients. Suddenly there
is bulge in the ceiling, but never mind, it costs too much to
look into it and fix it. Besides, the server is working. Then
the ceiling comes crashing down. Whadya do?

Funny you should mention this….

In reply to The Bottom Line Won’t Prevent the Ceiling from Crashing Down

I nearly fell out of my chair when I read your post…Many years ago, while working as an IT Manager of a very big NYC hotel, we had a waste pipe burst above my server room.

The servers were spared, but not because of forward thinking….

The pipe was NOT directly above the servers, so the water (if you could call it that) took a few moments to reach my room.

A quick-thinking front desk manager covered the servers in plastic tarp (where he found it, I’ll never know) before the water got to servers.

When it was all said and done, the hotel still would NOT invest the money to prevent another flood. As you said in your post the servers are still working and IT COST TOO MUCH MONEY!!!

My reply: Fine. But just make sure you pay me at the end of the day.

Could You Imagine

In reply to Funny you should mention this….

Now could you imagine if there was a fan on the ceiling?

Reply To: Top 10 biggest technology mistakes small businesses make!

In reply to Planning & Execution

I have read down to this point and “Toucan’s” is the first post I think really hits the nail on the head.

Take my word for it. Business people don’t give a s… about technology per se. They don’t care about the beauty or the logic of technology or how it should be carefully planned. All they care about is their business. Buying low and selling high is all they focus on. Since they’re making money (sometimes lots) they can’t accept that their computers need to be changed or improved.

Until Such Time

In reply to Reply To: Top 10 biggest technology mistakes small businesses make!

Until such time as their emails get bounced back
because of virus infections, or they can’t receive emails
because they can’t dial out because a virus infection has
damaged their file structure, or a denial of service attack
because they have no firewall, or their business’s credit
card number gets stolen because a trojan installs a key
logger on their system.

Business people also read CNN. And the technology
page always lists the latest news about the latest virus
threats or security patches from MS. The little Microsoft
World on the system tray with the great big pop saying
that there are security updates ready to be installed, just
give me the word and I’ll install them for you icon is a
dead give away that there is a potential problem that will
only take few minutes and a reboot to correct. It
practically costs nothing in regards to time and is only a
minor inconveiniance. So why not get the security
patches installed before a security problem bites you
where the sun doesn’t shine. Because that’s the real bite
out of the bottom line.

Learn To Speak Their Language

In reply to Reply To: Top 10 biggest technology mistakes small businesses make!

<>

The real problem is that techie folk don’t know how, and don’t WANT to know how, to speak in the language of business folk. You talk firewalls and security patches, they speak in ROI, turns, opportunity costs, SWOP, GP, NP, margin, etc.

As I learned in my first sales course back in 1979 at HP, the art of Persuasive Communications is saying things in the way that your customer wants to hear things, NOT in the way that I want to say them.

You have a businessman client? Explain the tech in business terms. Learn to write a business plan, there are great sources on the internet teaching how and why to do so.

If you were going to move to Greece for the rest of your working life, to sell computers there, wouldn’t you learn to read, write and speak Greek? Same here. Learn to read, write and speak Business.

The Truth is often Unpleasant

In reply to Learn To Speak Their Language

Its a problem of disbelief. You approach a business
manager and tell them, “Using Internet Explorer can
potentially have serious negative reprecussions for your
business,” makes you sound paranoid. And the
reasonable question is what is the likelyhood that this
could happen? And you respond well, if you have
uptodate antivirus the likelyhood is about 5%. Ahh, so the
problem isn’t as big as you are stating. We’ll take our
chances, because statistically the likelyhood is very
small.

This fails to take into account that when you look at the
number of business on the internet 5% is a whole heck of
a lot of them. And… one of them could be yours. In the
modern world, IT and the ROI investment only function as
an equation when IT is actually functioning. When it is not,
then the bottom line is severly impacted.

Language has to function both ways. When you talk
about IT as a business proposition, you are still talking
about IT. Some degree of knowledge must be present in
the convesation. One or both parties have to be willing to
educate and to be educated. A business person without
that knowledge is at the mercy of the expert or the victim
of his own ignorance.

So you tell the manager. “Look it only takes maximum, 5
minutes per machine to install Mozilla and reboot the
system.” It will save you a whole lot of headaches in the
future and money.” The reasonable question, is will the
work flow of the people on the computer be impacted?
“Well yes, they will have to let me install and reboot the
computer. During that brief period they won’t be on the
computer.” “Oh comes the reply — nevermind there really
isn’t that big a chance that something bad will happen.
We’ll take our chances.” And then of course, something
bad always does.

This attitude just doesn’t work.

The bathroom gets more attention

In reply to Top 10 biggest technology mistakes small businesses make!

The biggest mistake made is taking IT for granted and
ignoring simple maintenance and documentation.

After recently completing an assignment for a small
company moving into my area, I realized that the decor and
cleaning of their bathroom was getting more attention than
IT.

SInce most of the servers and related network equipment
are out of sight, they are out of mind. The only time they
thought about spending additional money on IT issues was
when a problem came up. And most of their costs were
due to my having to look at their servers and dedeuce the
set up of various functions and how they were supposed to
work. Even minimal documentation would have saved time
(and their money).

When I gave them a proposal for documenting their system
and setting up maintenance schedules they scoffed and
kidded me about “milking” the project. Okay. I get paid by
the hour. Call me when, not if, a problem pops up.

My #1

In reply to Top 10 biggest technology mistakes small businesses make!

OK, here is the number one fault that I have experienced in consulting SHOH owners:

1. Unwillingness to increase their bandwidth to accomodate automatic updates of software and anti-virus signatures. I have had the hardest time convincing customers the importance of protecting their IT investments by assuring that the all of the updates are applied on a timely basis. This can be accomplished by increasing their bandwidth, thus making these updates occur much quicker.

I agree with the bandwidth but…….

In reply to My #1

You can get around the bandwidth issue, depending on your server enviroment, by setting your (they’re) server to grab the updates but not instrall the updates untill down hours. This also help if you are using MS which has been insisting on a reboot of the systems after an update, usually Wednesdays. Then it’s just a matter of the network getting it out to the rest of the work stations.

Sad problem of that increased bandwidth

In reply to My #1

Increasing that bandwidth can be a sad or funny thing depending on how you look at it.

My dad is mostly retired now but uses his computer to manage his investments and get email.
He always had 33.6 kbs dial-up before, which I hated because when I went to his house and wanted to check the internet it was painfully slow.
He didn’t have any virus checker or firewall, but his total time online was short and his exposure small. He didn’t have any noticed security problems.

I told him he should get ADSL one day, but he said there was no need for it… Nine months later though, he told me he had upgraded to ADSL.
I went to check his computer and he was inundated with viruses and backdoor trojans according to the free Symantec online checker.
The problem was that he left his computer on all the time. He also downloaded LimeWire file sharing program without thinking because he wanted to view a streaming video dvd. (There were 6 instances of LimeWire processes running on his computer along with assorted virus processes and over 230 GB of files were sent from his computer according to the Network Status Activity box.)

He’s all set up now with a hardware firewall and Norton Internet Security, and he manually removed a stubborn Backdoor.Harcamy trojan, so he’s safe and clean.

But man, that high-speed, on-line, all-the-time bandwidth is like a loaded gun; that if no training is provided and no caution taken is a very dangerous thing!

Small Business Mistakes on Computer Systems

In reply to Top 10 biggest technology mistakes small businesses make!

After working 15 years in IT, here are some of my observations on why disaster recovery procedures have problems at small companies.

Enclosed are 10 facts that often cause computer and systems disaster recovery for small businesses to slow down or fail.

Please feel free to add to expand to this list because it is open to additions or changes.

1.) Original install software media with licenses for all approved software not stored in one place and immediately available for disaster recovery

2.) Backup of server volumes with rights with passwords, shares, and rights not backed up ppoperly.

3.) Previous server backups not tested regularly with a test restore on a duplicate system to verify that backup hardware/software working properly.

4.) IT support does not have immediate access to “emergency fund” for company payment of last minute required disaster recover hardware/software needs

5.) No established procedures or scripts what to do and who to call if a computer disaster occurs because these procedures were not circulated to employees in the disaster recovery plan.

6.) Backup paper trail and alternative procedures not present if computer systems go offline during disaster. No detailed inventory of vital records and information needed to run the business. This causes worker productivity to go way down as everyone waits for the “system” to come back up.

7.) No fault-redundant backup in case of a hardware failure. No hardware spares or duplicate hardware available to encourage speedy replacement/recovery.

8.) Service Level Agreements not in place to strongly encourage vendor contract compliance when diaster recovery is needed.

9.) No offsite alternate processing procedures in place if disaster recovery is needed.

10.) Disaster recovery procedures were created after a new workplace system is fully implemented. These procedures should be fully integrated while the system was first proposed and designed.

These are just some of the 10 problems that immediately come to mind on small companies that do not adequately prepare for disaster recovery.

Regards, Questor

My 2 Cents

In reply to Top 10 biggest technology mistakes small businesses make!

1. Have a written policy for EVERYTHING, not just security. Tech Republic has some great templates; browse them and make sure you have policies and checkout forms for notebooks, projectors, etc. Have specific allowable software policies and those dealing with peer-to-peer sharing, instant messaging, etc. Remove the “we’ve always done it that way” from your IT environment. If you are going to grant certain people exclusive rights over others, state it in a policy that senior management will have “x” level of access. All situations and personnel change; protect the system and use this to your advantage by dictating the rules.

2. While you’re sorting through written policies, focus your technical energy on a single area for a bit: backup. If you think you have enough capacity, and you think that the regimen is appropriate, then prove it – do a data recovery, timing your staff and verifying all restored data. The single biggest technical mistake I ever see in any size organization is data recovery. It does not EVER work as advertised, and there are ALWAYS problems. The majority of businesses that went under from the 9/11 attack were sunk because they couldn’t recreate their data, and the supposedly good data recovery plans were inadequate. According to Forrester, the average company (small ones included) lose $1,250 PER MINUTE of downtime. Have written acountability policies and data recovery procedures. Remove this Achille’s heel no matter what, and no matter what the cost.

3. As stated so well by an earlier thread, it all comes down to the hiring. Decent, experienced people can help you set up a professional, efficient IT department. Hire for skill sets, not certifications. An applicant with no certifications but who worked a Tier 1 help desk for a year will be more useful day-to-day than the inexperienced MCSE. And always consider that your staff will be YOUR face to the clientele, so search for that most elusive of talents in your techies: decent customer service skills. Rude, arrogant or aloof IT staffers will convey to your user community a tacit acceptance or endorsement of this team-wrecking attitude by the IT management (you).

4. Sit down with the powers that be, and see where your company is expected to be in 5 years. Don’t play technology catch-up whenever you can avoid it. If you can help identify and procure the technology needed to support the business goals of your company, you can avoid a lot of heartache. And technology adopted earlier than the competition can become a competitive advantage. But most of all, don’t get blind-sided when senior users are suddenly demanding Webmail or remote access or whatever new thing – anticipate it and be prepared for it.

5. Show accountability to your users – get a troubled ticketing system ASAP. There are few departments in most comapanies where ideas and projects go to die like they do in the IT department. Most techs are overworked, and things fall through the cracks. You can absolutely minimize or even eliminate this by simply using a user-accessible trouble-ticketing system. Users should be able to create a trouble ticket, and track where it is in the process. YOU will avoid a bazillion phone calls asking when you are coming, and you’ll actually be organized as to what must be done. A ticketing system will also allow you to inventory systems and notice problem trends on certain boxes or with certain users. But again, the biggest thing that a ticketing system gives you is credibility with the users and management.

6. GOOD ANTIVIRUS. Just as backup should never have corners cut, neither should your antivirus solution. A CORPORATE grade solutions should be in place, and you should be providing redundancy on the AV servers. A rogue virus can down a network far faster than you can imagine, and the same fiscal loss numbers as above still apply. You can set it up such that any box that connects to the network gets AV automatically. I learned the perils of rogue boxes on a large network when Nimda tore through – it was an absolute nightmare, and a very expensive one. If management balks at the cost of a corporate AV solution,one hour downtime=$85,000.

7. Put in education benefits for your techies. Nothing is tougher to deal with than a beloved staff member whose skill set just isn’t current any more. Techies tend to be naturally curious people, and if given access to continuing eudcation, they will use it. And in the end, it will benefit the company as well.

8. Do what you can to reduce staff turnover. Look at other companies in your area are doing to retain staff, and emulate or improve. Most people want to work for a company that values them and respects them (look at Starbucks – the success of that company is almost entirely due to how they treat the employees). Develop a benefits package that fosters long-term employment. Turnover is hectic and costs a bunch, so minimizing it is a good thing.

9. Standardize your equipment. As boxes turn old, replace them with a standardized model. All the major OEMs have consumer lines, and they have corporate lines. Many small companies make the mistake of buying the consumer models because they are a bit cheaper – up front. The consumer models change with the wind, and this makes it nearly impossible to standardize. The corporate models, on the other hand, will have a 2-to-3 year roadmap. You can buy backup hard drives, etc. and they will work with the whole line. This will save an immense amount of money and time in the long run, and you can even keep pre-imaged hard drives on the shelf for fast system fixes. Standardizing your equipment also lessens training needs and speeds repair time.

10. Along with the above, lease your equipment. It is cheaper in the short run, and ensures a technology refresh every 2 years. Companies still amortize computer equipment over 5 years – so the bookcookers want you to use those machines for 5 years. This is idiotic, as it hampers the business goals of the company. And the other reason this is stupid: why do you want to own a bunch of old computer equipment? It will cost you money to have it hauled off, not to mention all that lost productivity. LEASE, LEASE, LEASE!

I hope this helps, even a bit 🙂

The main problem that I’ve run across

In reply to Top 10 biggest technology mistakes small businesses make!

Is when starting a business the people involved just do not know what they want or need.

Recently I was asked to attend a place that was just starting up and give a quote normal sought of thing then I heard the words that struck fear into my heart “I know what I need and where to get it!”

Well of course they didn’t know what was required or how to go about obtaining thew solution that they required but in the very beginning I was given thew following outline.

3 Workstations all with their own ADSL connection as Cable is not available in the area they where not concerned about the specs of the workstations and knew nothing about networking. Well I suggested running a simple peer to peer network and 1 ADSL line as it would save them heaps of money and only require the main security on the gateway with lower levels on the individual workstations. That was accepted happily and then a few days latter I was told of a trip to Japan and I asked did they want Lap Tops to go? Well the answer was YES!!! so 2 more LT where added to the quote and a special Laser printer was requested after spending a day phoning around to find a printer to meet their needs I finally found one and then about a week latter was asked to go down and explain the quote to the principal of the business. Again no problem but this time I was allowed into their office and saw a photocopier that did everything they required and it had both serial and USB ports on it so that was a day wasted phoning round and of course they where unaware of the fact that the photocopier could be plugged into a computer and used as a printer of course it’s a color one with a duplexer so it has everything that they required along with a 6000 sheet bin.

Well the quote was accepted and I started building the units all the while still not seeing the place where they where going into partly because it wasn’t as yet there and I had time constraints as well but I did ask to be informed when the building was installed so I could go down and recommend where to place some of the items so they would be available to all requiring them and not intruding into the work area {Of course this never happened} and what was worse was the fact that after I had built the main workstations and gone down to install them I was informed that several more computers where required so what started out as a 3 workstation installation ended up being 15 workstations 10 LT’s & 1 Server. Needless to say the final invoice looked nothing like the original quote and they are still changing things so at least I have a guaranteed lot of work for the time being.

Col

Welcome to………..

In reply to The main problem that I’ve run across

SCOPE CREEP !!!!! It’s always present, never takes a day off. The scope of the job is kinda a constantly evolving gelatinous heap of wants, needs, practicalities, trimmed and beat down by money and budgets.

When I write/build/design software for small business (all their forms), program their databases, build them technology solutions, I always bring one of those TINY digital voice recorders with me. Set it on the table as we begin. If they ask, “What is that for?”, I reply that “I want to be sure of everything you need, so that I don’t make any mistakes for you”…… works everytime.

A month down the road, when you present, the customer knows he cannot say “Oh this is not what I wanted at all”….. cause you have it recorded.

Of course sometimes if I can sense a hostile one, I leave it in my pocket, and still hit the record button….

At the end of the day, THEY don’t know WHAT they need or want. That’s why we are there. Listen, listen, listen to the “flow” of their business, and think how you’d do it for yourself, if it was your problem…. that’s what I do.

Just my 2 cents

The final cost wasn’t so much a problem

In reply to Welcome to………..

As the fact that the “Goal Posts” kept getting moved on an almost daily basis I was beginning to think I had invented my own “Hell” as things that I had specifically got answers upon where no longer what was required.

They however are extremely happy with the more or less FINISHED result {so far as they are still in a temp building and things will start off again when the new building gets started in a couple of months time} but it sure as hell looks nothing like the original job.

But the Tape is a very good idea and is one that I’ll willingly beg/steal/borrow as it is just too good an idea to pass up

Thanks Col

Biggest Mistake Possible

In reply to Top 10 biggest technology mistakes small businesses make!

The single biggest mistake most small businesses make IT-wise is not defining what they want the technology to do for them and then creating a plan based on those needs/wants.

Many business operate purely on “we need e-mail and a word processor and maybe the finance guy needs a spreadsheet” and go out and get a couple dozen $600 machines with $150 monitors and then use them like expensive typewriters.

Working out what the workflow for a business is, working out a simple CRM tool using an easy database, these things often simply don’t get done.

For a really small office, keeping track of customers and orders in an Access database or some comparable tool is amazingly easy. A couple of tables like “Customers”, “Notes”, “Products” and “Orders”, maybe add in an “OrderStatusLog” table, a simple front end mostly driven by drop-down lists, and you have a very simple CRM tool for very little expense.

Get a little larger, move it to a hosted SQL database.

But CRM and workflow tracking like that is often seen as something you either have to pay hundreds of thousands of dollars for (NetSuite, Great Plains) or worse, or people buy licenses for ACT! or GoldMine and don’t get any customization at all.

Even if you have simple basics like that worked out and already in place, the biggest mistake is still lack of a coherent strategy and a realistic estimation of effort and expense for implementation and maintenance, along with a good understanding of where you are now.

If you have that, everything else comes out of the strategy. But first you have to know where you are and where you want to be.

Document, Document, Document!

In reply to Top 10 biggest technology mistakes small businesses make!

Whatever your policies are, write them down. One of the most devastating things that can happen to a small business is having their IT staff member or consultant disappear. Insist on this person documenting their efforts, even if it is a consultant who will charge you extra for the time involved. If your tech falls off the face of the planet, for whatever reason, and you don’t have adequate documentation of what is in place now, then you will just get to repeat the whole exercise later.

And don’t keep the documentation on your one and only server. It won’t do you much good there in the event you have to rebuild the server. Unfailingly, when a small business has a tech that they cannot call any longer, for whatever reason, they seem to wait until the server crashes to call in someone else. At that point, you have a new tech with zero knowledge of your setup trying to get things up and running again. Without proper documentation of simple things (like server name!) you’re in for a long dark road.

OOOh yes….

In reply to Document, Document, Document!

That is a good one. So many of us have made our money recresating someone else’s wheel! Document policy, network diagrams, and for heavens sake have someone label your punchdowns and crossconnect blocks!

Amen, Brother

In reply to Document, Document, Document!

Documentation can be a small businesses friend or worst enemy. In my consulting business, I have seen many small business networks, that were put togther with no documentation. The companies that orginally installed them are gone and no one at the company has a clue. I have made it my mission to preach network documentation to all my clients and stress that good documentation can save them money. Procedural documentation can be just as effective as well.

When I fell like documenting….

In reply to Document, Document, Document!

I had a boss that hat a poster in his office that I liked, because it was reality. It was a polar bear lying on his back in a snow banc rubing his belly and saying “When I feel like documenting, I rub my belly for a while, and the urge pass”

Three Words

In reply to Top 10 biggest technology mistakes small businesses make!

Project Management Institute

Small Business mistakes? or our mistakes?

In reply to Top 10 biggest technology mistakes small businesses make!

If you look at small [and to some extent medium] business and who they are, [in terms of revenue and # of employees]you’ll find that IT isn’t that important to them [with the exception of medium business size]. I believe that the employment statisitcs are that small businesses employ more people than medium and large business [here in the US]. The mom & pop hardware store, the restaurant in town, the coffee shop, the liquior store, the dentists office or the antique store, all don’t need IT in the way that IT is perceived by the majority of people. They need a few computers to do bookkeeping, billing, appointment scheduling, and maybe cash register downloads into their bookkeeping software. They tpically find someone in town who is computer savy to fix their problems and maybe that guy on the chamber of commerce who hosts web sites.

Small Business’s biggest mistake regarding IT? Believing all the marketing spin and hype about increased profits, more business exposure via the web, better productivity using some software program. IT isn’t business. Its a tool for business. I liken the marketing spin and hype about IT and what it can do, to the definition of a fanatic. One who has lost all sight of the original goal. We in IT tend to lose all sight of the original goal when the latest and greatest comes out, just like we do with computer gaming hardware. We have to have the latest and greatest graphics card, processor, memory, HDDs or whatever. We really don’t but we convince ourselves that we really do because my god, someone else will have a better rig. How could that be???

A passage in the book The Art of War pretty much sums it up. To quote “I have met the enemy and he is us”.

Get the Quote Right

In reply to Small Business mistakes? or our mistakes?

That’s not the Art of War, that’s Pogo!

Reply To: Top 10 biggest technology mistakes small businesses make!

In reply to Get the Quote Right

circa 1971 Pogo comic strip

think I errored deliberatly?

Sun Tzu, Pogo

In reply to Reply To: Top 10 biggest technology mistakes small businesses make!

Whatever, they were both geniuses in their own ways. Sun Tzu was a military genius, Pogo was a very smart Possum. As a UF grad, though, I always liked Albert the Alligator in the strip.

Actually as a consultant

In reply to Small Business mistakes? or our mistakes?

I don’t work that way at all. Sure when I put in new workstations or servers they are the latest hardware but not necessarily the most expensive available. I tend to make my units as future proof as possible and at the same time keep them to a reasonable price. The main reason that I replace hardware is not because it is no longer capable of doing the job required but that no longer has the Tax Benefit that it should and has been depreciated down to nothing so it begins costing the company money to keep in place.

Software on the other hand is a totally different story as it is appalling what some packages can do when the owners install the software and then I’m called in to fix the mess but only after they have been on the phone to the software makers and told the wrong thing to do. I have a very vivid memory of a recent accounting package upgrade that had to be installed on every workstation that had access to the database of the package. Naturally no one bothered to tell the people concerned that they had to link the software to the one data source so it ended up having 20 different data storage areas around the business all of which had no impact on each other.

I of course was only called in 3 weeks latter when it was vital to bring all the data together for a Tax statement and they just couldn’t understand why things where not working. Of course all the data had to be reentered after the proper links where setup but just finding out what had gone on was a time consuming job as I was only told that the new package had arrived and been installed.

While to me it was an unnecessary upgrade the software makers have a brilliant idea that you pay a yearly subscription for software help and they very kindly give you the latest updates as they become available. Needless to say the original package did far more than was ever required but try telling someone who thinks they are getting something for free and it is better than what they had not to install it!

Otherwise I’m in complete agreement with your sediments as you are quite correct and I still maintain that most business software could run quite happily on a 486 but it is the gaming side of the industry that is driving hardware development. My son who’s a mad gamer recently bought so idiot game that required a 3 GIG CPU 1.5 GIG of RAM and a 256 Meg 8 X AGP video card along with 80 Gig of hard drive space and while the graphics look great {and so they bloody well should} the game isn’t all that much better than something older.

Col

New Solutions too Risky

In reply to Small Business mistakes? or our mistakes?

While waiting for a real IT job, I signed on with a small firm to do some accounting work. They were using 25 year old technology with many cluges and bandaids (Excel, Access, Magellan, Monarch) as interim steps. This is a $20 million dollar company with 6 retail stores. They have virtually no automated transactions from the stores (which are probably 95% of their transactions).

I have done many software implementations in my career and offered to get some evaluation software and setup a demo of a could be for them. I was getting paid $14 per hour (vs. the $100-150 consultants would charge), and they still didn’t want to try.

They know they need it, they actually trusted that I could do it, and they still didn’t want to.
Why?? Here are their reasons:
1. The current manual system (though manually intensive) allows us to do exactly what we want. If new changes are required, we can add another cluge, not be told it will cost $5000 to $10000 by a consultant.
2. By being manually intensive, it forces our people to look closely at transactions, thus making sure things are correct.

While I didn’t and still don’t agree with their logic, that’s their story and they’re sticking to it. I finally had to leave and go back to searching for a real job.

Chisel and Stone

In reply to New Solutions too Risky

Hey buddy, you can lead a horse to water, but these folks sound like they would drown. Isn’t it great when people insist on doing manually what computers do best, rather than what people do best (i.e. thinking, or lack thereof in your company’s case).

Testing & Staging

In reply to Top 10 biggest technology mistakes small businesses make!

The biggest problem I’ve seen in small to medium organizations is the haphazard application of changes, updates, and new software/hardware. There is little to no testing or staging of the changes and, in many instances, there is no test environment established in which to stage the changes. The day after the change, the problem reporting process is overwhelmed with little problems (if you’re lucky and there are no big problems) which could have been avoided with a little deliberation and planning.

IT stands for “I Testeverythingbeforeirollitout”

In reply to Testing & Staging

I hear ya on the testing … need to do it, especially with new apps. Often the higher ups think we can just slap this stuff on a server and roll … yeah, right. Also, some of our net people have thought that they were sharp enough to push things without testing … I told them that IT stands for “I Testeverythingbeforeirollitout”

Somebody found my biggest misunderstanding

In reply to IT stands for “I Testeverythingbeforeirollitout”

My higher ups and clients cannot understand why it takes a week to install a piece of software that they picked up at Office Depot over the weekend. After explaining the situation, some have finally understood that software companies and Microsoft do not test software for interoperability.

Start Here… USE THIS!

In reply to Top 10 biggest technology mistakes small businesses make!

I’ve been reading the posts, and most are saying that “yes, we have similar issues.” I won’t lie, I too have the same issues, but as long as something, some policies or procedures are “in place” than you have your butt covered. I found that using Common Criteria from the Computer Security Resource Center is a great place to start… and its free. Clients love free stuff, especially when its relating to policies and procedures. Oh, and I should mention that this is from our own Government… your dollars in action, take advantage of it.

So, check out http://csrc.nist.gov/cc/index.html, and then check out Common Criteria v2.1 ( http://csrc.nist.gov/cc/CC-v2.1.html )

Good luck to all!

A lot of sidetracking here

In reply to Top 10 biggest technology mistakes small businesses make!

I am in a small company that has, after 5 years, been able to afford a real network server.

I was interested in what information may be available in this discussion. But, I see about 90% of the comments are slams or personal complaints about specific people/users which I have already read in other discussion threads.

The biggest technological mistakes I kept running into were:

1. Vendors lied through their teeth to sell us their product and then would not provide support for the product they sold us.

2. Vendor sales reps did not know their product lines and capabilities.

3. Consultants wanted more for their quotes than we could afford to spend on the equipment.

4. Some of the services and products were sold without the required peripherals and options to make them functional.

5. Equipment documentation for a users guide only consisted of a sales brochure.

6. Some users had a real high RTC factor when something new was added.

7. Instituting and enforcing policies is almost impossible when everyone in the company knows everyone else. There is a “Good Ol’ Boy” mentality that the computers are there for their convenience.

8. Firewalls are impossible to maintain when users are allowed to install programs like KaZAa Lite.

9. Computer system upgrades have to be accomplished piece-meal. Which means you will always have multiple OS’s on different size machines.

I hope this helps you with the article you are putting together.

Ande

Let Business Be The Driver-Not Technology

In reply to Top 10 biggest technology mistakes small businesses make!

I’ve been a IT consultant for over 15 years and owned my own business for most of that. What I see with some companies is putting technology in place just for technology OR not assessing the business processes/needs properly to find a business driven solution. As a result many companies are spending big dollars on support, training or they let training slide along with their systems. Year 2000, virus problems, etc often times are the drivers instead of starting from a proactive state. Likely this all is not news for those who’ve been around for a while. Budget dollars often aren’t put in the right places atthe right time.

Small/medium to big

In reply to Top 10 biggest technology mistakes small businesses make!

Small/medium to big
I think that one of the biggest technology mistakes is just forget to balance techniques which bring the horizons of a large business; because I think that the technology is always for developing from a small piece of work to a big great chance.

Who Cares

In reply to Top 10 biggest technology mistakes small businesses make!

Who cares if your end-users have local admin rights.You’re going to find that MANY programs and/or services are going to require admin rights locally. Scripting, mandatory profiles, Active Directory and good network security is all you need. Oh, and did I mention a copy of Norton Ghost. Who cares if they blow up their local machine. You can ghost another machine up in under 5 minutes and give to them. Why spend countless hours troubleshooting permissions or registry based problems?

Strategic planning

In reply to Top 10 biggest technology mistakes small businesses make!

My candidate for the prime SMB deficiency is strategic planning . Owners or operators typically have an operations paradigm and have never acquired macro level formal planning skills . This applies to all aspects of the business: marketing, administration, production [all aspects of technology], and finance . This is not to say that they are blind to all strategic issues; merely that strategic planning is non-existent or nominally treated . This means blindsiding and crisis managment are the de facto norms .

I couldn’t agree more

In reply to Strategic planning

That is a perfect description of most business that I deal with. They seen to think all they need is the hardware {Generally any hardware} and they will be able to perform every function they need.

It could be the Hardware advertising or Hollywood I’m not sure which but it is a unrealistic idea which always needs explaining and attempting to understand exactly what they need & want to be able to do rather than what they think they need to do.

Col

Error 1: Trust the IT Profession

In reply to Top 10 biggest technology mistakes small businesses make!

The first, the biggest, and the most common IT error small (or any) business made is trust the IT professionals to know what their problem is, has th
e solution for the problem, the solution will work in their situation, the solution can be implemented easily and quickly, and they don’t have to understand the problem nor the solution.

IT problems, no matter how simple they seem at first glance, are, almost always, very complicated, and affects the core operation of a business. The solutions are even worst. At best they waste money and not do a thing. At worst, it cost you the business. IT professionals, on the other hand, think that technologies can solve most problems. If the problem don’t fit the solution, they will create a problem that fits the solution. (They can’t make money by telling you that IT don’t have a solution for your problem, can they ?)

Therefore, you, the business man, must understand the problem and the solution, no matter how complicated and how much time it take. Ask questions, especially: “Why ?”, “So what ?”, “How much (money, time, staff time, space) ?”, “Does it has to be a technology solution ?”. And finally, say “Show me.”.

The number two mistake is to believe that IT solutions can do magic by themselves, even if it is a HR, financial, organization, training, management, marketing, work process design problem.

The number three mistake is keeping up with the Joneses. “If my competitor has it, it must be good, and I have to have the same.” syndrom, not reallizing that whatever the competitor has is costing him the firm.

The number four mistake is “I don’t have time to buy that machine gun from you because I am too busy fighting my enemies with bows and arrows.” Don’t need to say no more…

IT solutions are like a tractor to farmers using animal power. It can be great, but it’s a pain. It takes a whole new way to do business. It displaces majorities of the workers. It makes certain size of business goes out of business. If you know what you problem is, and how the solutions will affect you, both good and bad, they may help, if you are really careful.

Wow! the perfect user.

In reply to Error 1: Trust the IT Profession

How many times have I asked a company to explain their problems?

I have struggled with many a user to convince them that maybe we don’t need another SQL server, just so they can balance their cheque book.

I am a great believer the every problem can be solved, just not always with an “IT” solution.

If the company/users could be more detailed in the discription of their problem, and not necessarily in IT speak English is fine, I/we would be in a better position to provide the appropriate solution, computer or paper based.

I think the bulk of my problems have come when I have been told the solution to a companyies problem, by the company and told to implement it!

I don’t know why I bother to sell myself as a solution provider?

So True

In reply to Top 10 biggest technology mistakes small businesses make!

I’ve lost count of how many times that’s happened to me, usually done by someone who knows enough to be dangerous. However the reverse is indeed true, as IT people we proceed on the basis that we have understood the problem, even though our understanding may be riddled with ridiculous assumptions based on the meaning of business jargon. We translate this back into IT jargon and our customer says ‘Er Yeah’ on the basis that what they know is obvious, but we must be damn clever. A last point, probably the last person to talk to get an idea of a system is the manager, go talk to the people who do the work first, they generally know more about it. Not knocking managers here, it’s just you can’t manage something without stepping back and looking at the big picture.

lack of vision

In reply to Top 10 biggest technology mistakes small businesses make!

I am the primary IT person for a small 30 person
company. The infrastructure is that of a medium
size company and was well maintained until a
change in management. Following the change, the
second IT person was diverted to other tasks and
subsequently layed off. It was a shock to realize
that the reasoning for this was that “nothing was
broke”. Now many items such as bind, NTP and SMTP
are drastically out of date and at risk of attack.
Other systems such as spam filters can not be
implemented because (in this case) Solaris OpSys
is too old to support. I think that one of the
top issues with small companies is the lack of
vision.

Sloppy Software Licensing

In reply to Top 10 biggest technology mistakes small businesses make!

Small Businesses often take huge risks in failing to properly license software.

For small companies, a single run-in with the BSA will put them out of business.

And, when a portion of the computers have unlicenses software, records of legitimate licenses are often poorly documented which will only compound the problem in the event of an audit.

Mistake #1: Keep Hiring Multi-taskers

In reply to Top 10 biggest technology mistakes small businesses make!

A local health care company has a 75+ person workgroup, spread out over 4 locations in the region.

Our company has proposed to bring him into the 20th century with a domain, security and fix various “wrong server-wrong job” situations.

Instead, the owner keeps hiring people to multitask. First it was a bookkeeper he hired to be company controller and net admin. The guy was a nice enough fellow, but had some 6 year unused Novell experience that had no bearing in a 100% Windows 2000 shop.

Next was the dialysis lab manager who had some VAX experience from college.

Each of these guys was told to call us fro backup, and each called us first, but only to put out the “fire of the day”.

When they went into “credit hold” a couple months ago, they still were a workgroup, still had no HIPAA compliance (compliance officer is also shipping-receiving clerk), and still had their most precious resources running on a server with a single IDE drive and a single power supply.

Backing Up Critical Systems

In reply to Top 10 biggest technology mistakes small businesses make!

The biggest mistake Small Businesses make on their computer systems is not to have a readily restorable back up. Even those that back up their systems haven’t tested their back up media to see if they can really restore the system. It is most heart rending to see them at the post mortem.

Uncommon sense

In reply to Top 10 biggest technology mistakes small businesses make!

The most common mistake I find when called in to help a medium size business LAN is that the computers on that LAN only have an antivirus program installed and running. Those I have been called to are taken down by a worm that passes through email. If they employed a firewall on each networked computer, most of that risk would be gone. Then add a spychecker to clean up the tail.

[Author]

Replies