General discussion


Top 10 biggest technology mistakes small businesses make!

By BMN ·
I was working on a project the other day on security policies and it occurred to me that many small to medium sized companies all typically make the same technology mistakes (like not having proper policies in place) and I thought why not explore this in a forum maybe others are catching mistakes that I am not.

So like the title says lets all contribute our opinions and experience, there may be things that I we are missing when engaging our clients that others are not, and vise versa.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Security policies and proceedures

by BMN In reply to Top 10 biggest technology ...

I will start off with security policies and proceedures. I would say almost 99% of the smaller business clients I works with (under 100 employees)never seem to have any sort of AUP or security policies and proceedures in place.

this includes things like regular updates to virus software, remote access policies, the afore mentioned acceptable use policies and proceedures for reporting security related issues. Many small businesses could benefit from having even these basic items in place, especially if there is a need to represent your companies interests in a legal dispute.

If your boss came to you today and asked for all the emails sent/received to/by a particular client, partner or employee would you be able to produce them?

this is just an example, and I look forward to hearing everyone elses input.


Collapse -

Security policies and proceedures

by WutDuhHell In reply to Security policies and pro ...

We have a tech with very little experienece that was given system admin rights over the network. This guy is a joke. We had a project to upgrade Win98 PC's to Win2k. This was done so we could have more "control" over users that were installing unauthorized software on the company's PC's. This guy goes around turning on the local admin rights on machines and forgets about what he did. Giving people unauthorized access to the internet is another thing he does. He DOES NOT document his tasks which makes things VERY difficult for the rest of us. This guy wants to be liked, so he sucks up to everyone. He has no clue to what he's doing on clients or servers. NONE!

Our supervisor is afraid of confronting him to avoid an argument since this guy is so short-tempered. So, we gone on with a network that is vulnerable. Our clients are being turned into Win98 machines since their local admin rights are turned on. We also have divisions with admin rights since our supervisors has a fear of saying NO!

What does one do?

Collapse -

fire him or

by dvil7 In reply to Security policies and pro ...

Who ever gave him that job needs to be fired too. Who reviewed his expertise, especially when he was given such a high access level. It sounds like references are ignored

Collapse -

Here we go again....

by yanipen In reply to Security policies and pro ...

Maybe, company politics has a play in this. Maybe it is not the case of whom he knows, but, who knows him.

Be careful if it involves company politics.

Instead, why not train him. Let him attend some trainings or seminars. That, if my suspisions are correct. it will be coming bonus points to you if you can become his mentor. Even for the sake of politics, then nobody will be blaming you for that. Boy, I guess, we are a little off topic.

Bret (BMN).
You did not mentioned if you are alone, or with a team. Why? When it comes to this, two is better, and defintely, far more better if there is a lot more people doing this sort of thing. Let me explain. Even though you have thinked it over a lot, these policies, procedures and the like, there will be always be a "thing" that you did not thinked of.

My suggestion? Sit down with a group of people related to IT, or perhaps, your job, say, in you IT dept, if it has one, and also include the management in some point. Or, your friends might help. Then you guys think it over. General Idea? Of course it is. There a lot of technological and social issues to be addressed. One single person might think it all over, but it will definitely take time.

Some pointers about:
1. Technical side. discover more about what is new and max. the use of what you already have.
2. Social issue. The management. Definitely, they will be asking for more access rights. And beyond.
3. Security. It covers both 1 and 2.
4. Psycological and mental issue. This will be related to stress in the working environment thus affecting productivity.

I did not elaborate on much of the details. But that suggestions I gave is the ones WE did in where I am.

I hope this helps.

Collapse -

Fire his supervisor!

by bcgreaves In reply to Security policies and pro ...

C'mon now, whoever hired him should in fact be fired. The company simply should have implemented and agreed upon, documented procedure as to steps of upgrading desktop machines. Everyone on the committee who is in charge of the directions will then also know who knows what and the lack thereof. In his case, IF in fact he sucks as you say he does, then his input would have been very little, and would not have been permitted to make those types of stupid changes....Of course I could go on and on about this topic but don't have the time. Good Luck

Collapse -

Needs re-evaluation

by Wanthelp In reply to Security policies and pro ...

That sounds like management not taking control. The supervisor should know if this guys knows what he is doing. If not you need to get someone in there that does. There are a lot of IT people out there looking for jobs that are know what thay are doing. But if that company is cheep and doesnt want to pay decently for the better service. Then I guess you get what you pay for.

Collapse -

Use a third party, don't make it personal

by cheufte In reply to Security policies and pro ...

Everybody knows what should be done, get rid of him.
Though easy to say but not to do, maybe first because you don't have much legitimate say about this.
Well gain that legitimacy.
Manage to convince whoever has the power to do so to hire a security consultant. Someone totally outside of the company politics and that is not scared to call a cat a cat. As a consultant we do know that part of our role is take the blame in order to preserve a social peace whilste solving delicate and potentially emotional issues.

You may want to trigger the need; you know that a machine is vulnerable, well expose it to the open.
Target someone important enough, but make sure you don't kill you company's business and endanger your position. Don't make it personal.

I hope this will help.



Collapse -

face the fact

by kenitto In reply to Security policies and pro ...

its obvious the fellow dont know the implication of his actions on the network, his expertise is in real doubt so as consultants, there is a need to let the fellow know his shortcomings and the long term effect that it would have on company's resources and the image of the consulting firm. so lets face the fact, he has to understand the responsibilities of a network admin thats if he is qualified enough if not let him be fired. that it.

Collapse -

Don't forget DR

Small Business, especially the one-person office types, seem to always forget about disaster recovery. Oh, they MEAN to back up the computer someday, but it always takes too long and they can never find the disk or don't know how to restore anyway. . .

And it's not just backups, it's also an alternate internet &/or phone access, etc. In my world, anything that could take you out of business for even a day should be at least looked at. (JMO)

Collapse -

Who Cares

by abcamega In reply to Security policies and pro ...

Who cares if your end-users have local admin rights.You're going to find that MANY programs and/or services are going to require admin rights locally. Scripting, mandatory profiles, Active Directory and good network security is all you need. Oh, and did I mention a copy of Norton Ghost. Who cares if they **** up their local machine. You can ghost another machine up in under 5 minutes and give to them. Why spend countless hours troubleshooting permissions or registry based problems?

Related Discussions

Related Forums