Category: Uncategorized

Understanding the threat landscape is a crucial part of a CEOs job as you attempt to protect your organization now and in the future. The cybersecurity and compliance landscape is changing rapidly, and it can be difficult to keep up with the various challenges your business is facing — from ransomware to phishing schemes, not to mention global and domestic privacy act compliance. While compliance and cybersecurity may not feel like exactly the same topic, understanding how all the moving pieces work together can help you synthesize strategies that will protect your business. See how these fast-moving fields continue to morph and how you can manage the risk inherent in today’s digital businesses.

The Digital Landscape is Rapidly Changing

Just a few years ago, CEOs were vision-casting how all these great new technologies would work together: customer data driving targeted marketing, operations becoming more efficient due to the use of connected devices and augmented reality forming the basis for your selling strategies for physical goods. As these advanced technologies become more mature, CEOs are finding that each interconnected system provides yet another point for failure. Each mobile phone that is tied into your network infrastructure could be the cause of a data breach. Cybercriminals are becoming more crafty with their messaging to your teams by mimicking vendor email addresses in requests for funds. Augmented reality and next-level marketing techniques are causing consumers to become more concerned than ever before with how much data is being tracked by companies — and how that information is being used.

Intense Focus on Privacy Requires Unified Compliance Strategy

CEOs are no longer able to assume that individual business units understand the full implications of privacy policies and are acting upon them. Instead, a unified compliance strategy is a crucial step that businesses must take in order to stay within the aggressive privacy policies that are being put into place in Europe and now in the US. California is the first state to create consumer data privacy laws that are very similar to those already enacted in May 2018 by the European Union’s GDPR (General Data Protection Regulation). The California Consumer Privacy Act (CCPA) takes compliance a step further and mandates strict consequences for organizations that refuse to comply or cannot show that they are moving towards compliance. The complexity of these laws is such that attempting to manage data at a business unit level is no longer feasible, requiring what may be expensive consolidation of disparate databases, IT infrastructure and reporting.

Determining Acceptable Risk

When it comes to cybersecurity and compliance, it’s important to determine the acceptable risk for your organization. There are no guarantees that your systems cannot be infiltrated even if you invest in the most sophisticated system in the world. The unfortunate fact is that a significant percentage of data breaches are caused by users by poor password habits, inadvertent interactions with malware or even improper access levels to sensitive data. Mitigating each of these risks is not a reasonable ask to your IT department, making it vital that you work with your executive team to identify the most likely risks and how they can be discovered so remediation can begin quickly. Cybersecurity is a key consideration simply because it’s rarely a matter of “if” your organization will be affected — but “when” and to what extent the incident will occur. If you are able to achieve true resiliency for your organization, the combination of disaster recovery and business continuity plans that combine monitoring, detection and response services may help you reduce the overall costs of an attack or breach.

Elevating the Conversation

When CEOs step into the battlefield of cybersecurity, it raises the importance of the conversation and helps ensure that there is a continued focus on protecting the organization from these digital perils. Everything from convincing business units to work together to gather and store data to approving additional spending on security and monitoring software becomes easier, as the CEO is able to lend their global view to the conversation. Cyberattacks can cause losses in unexpected places, such as the loss of consumer confidence or vendor relationships. Quantifying these risks can be a challenge, but organizations are now estimating that a single attack may cost their business as much as $1.67 million. Cybersecurity aside, non-compliance with state and federal data privacy regulations can also be a pricey proposition, with new legislation in place in California that has severe civil penalties and even includes the potential for statutory damages.

Cybersecurity Isn’t a One-Time Resolution to a Problem

As technical and troubling a problem such as cybersecurity is, there is no one-time resolution to this thorny problem. While hackers are the cause of a significant portion of the cyberattacks, it’s every bit as likely — if not a bit more so — that your cyber risk is accidentally caused by employees or contractors who simply made a bad decision. That means ongoing education and continual system monitoring will need to become part of the landscape of your organization if you hope to reduce your overall cybersecurity risk. Active monitoring solutions can help identify any immediate threats, but continued diligence on the part of the executive team will help ensure that cybersecurity and compliance remain top-of-mind for the organization.

All organizations are vulnerable to risk in different ways, but it’s crucial that the organization’s top executive is part of the conversation and solution to the problem. Without this top-down focus on digital risk, businesses are much less likely to put the infrastructure, processes and procedures in place that will protect their data and business operations.

Having the right cybersecurity technology is just a part of doing business in today’s world.

In fact, security solutions like firewalls and antivirus software accounted for $23 billion in annual revenue – it’s likely that you contributed to that in some small way.

But are they really worth your money?

There’s no disputing the need for an effective firewall or antivirus solution, regardless of the size or specialty of the business in question.

But, given that they are such a standard in the business setting today, have you ever stopped to figure out what you’re paying for?

What is a Firewall?

Your firewall is your first line of defense for keeping your information safe. A firewall is a particular type of solution that maintains the security of your network. It blocks unauthorized users from gaining access to your data. Firewalls are deployed via hardware, software, or a combination of the two.

A firewall inspects and filters incoming and outgoing data in the following ways:

• • With Packet Filtering that filters incoming and outgoing data and accepts or rejects it depending on your predefined rules.
  • Via an Application Gateway that applies security to applications like Telnet (a software program that can access remote computers and terminals over the Internet, or a TCP/IP computer network) and File Transfer Protocol Servers.
  • By using a Circuit-Level Gateway when a connection such as a Transmission Control Protocol is made, and small pieces called packets are transported.

• With Proxy Servers: Proxy servers mask your true network address and capture every message that enters or leaves your network.
• Using Stateful Inspection or Dynamic Packet Filtering to compare a packet’s critical data parts. These are compared to a trusted information database to decide if the information is authorized.

What about Antivirus?

Antivirus software is used in conjunction with a firewall to provide defense against malware, adware, and spyware. Each of these cybercriminal tactics has the potential to do immense damage to internal processes and a company’s reputation. The job of antivirus software is to spot, block, and isolate intrusive, malicious applications so they can’t do damage to your data and legitimate software.

Antivirus is installed to protect at the user level, known as endpoint protection, and is designed to detect and block a virus or malware from taking root on a user’s computer, or worse, accessing a network to which the user is connected.

If a user encounters a threat, the antivirus software detects the threat and blocks it using a string of text – an algorithm – that recognizes it as a known virus. The virus file tries to take one action or sequence of actions, known to the antivirus software, and the algorithm recognizes this behavior and prompts the user to take action against suspicious behavior.

Is this type of cybersecurity software effective?

Short answer?

To an extent.

Sorry for the underwhelming answer, but it’s a bit of a difficult question to answer.

A next-generation firewall and up to date antivirus solution are great at doing specifically what they’re designed for.

The problem is that they are not the end-all, be-all of cybersecurity in the modern world.

You could have the best firewall and antivirus software on hand, and still be vulnerable in any number of other ways…

The top 8 ways that cybercriminals get around firewalls and antivirus

Cybercriminals target your employees.

As important as cybersecurity technology is, on its own, it simply isn’t enough. The key to truly comprehensive cybersecurity is simple, yet often overlooked: the user.

Cybersecurity gimmicks — such as “set it and forget it” firewalls and antivirus software — fail to account for how important the user is.

Even the most effective digital security measures can be negated by simple human error, which is why conventional solutions are simply not enough to make sure you’re safe.

Much of cybersecurity is dependent on the user, and as such it’s vital that you properly educate your employees in safe conduct.

The more your workforce knows about the security measures you have in place and how they can contribute to cybersecurity, the more confidently they can use the technology is a secure manner.

Well trained employees become a part of cybersecurity, and are capable of:

• Identifying and addressing suspicious emails, phishing attempts, social engineering tactics, and more.
• Using technology without exposing data and other assets to external threats by accident.
• Responding effectively when you suspect that an attack is occurring or has occurred.

Cybercriminals target your offsite devices, outside of business hours.

This is a critical limitation of your cybersecurity software, and it’s obvious when you think about it – if your firewall is only installed on your work devices, but you let employees use personal devices and home workstations to access business data, then obviously you won’t be totally secure.

In addition to having a detailed Acceptable Use policy in place at the office to stop your staff from using work devices to use unauthorized software and visit dangerous websites, you also need a mobile device policy in place to protect your data that may be on personal devices.

The right monitoring software for mobile devices will protect you from a number of dangerous scenarios, including:

• Jailbreaking and rooting company devices
• Unauthorized access to company data
• Lost or stolen devices that need to be remotely wiped

Cybercriminals figure out your passwords – because your passwords are weak.

Users, both at home and at work, tend to be horrible at selecting and maintaining strong passwords.

Did you know, for instance, that 81% of data breaches in 2017 came down to stolen and/or weak passwords?

Are you confident in your password strength?

Find out for sure by reviewing these common password mistakes:

• Length and Complexity: Keep in mind that the easier it is for you to remember a password, the easier it’ll be for a hacker to figure it out. That’s why short and simple passwords are so common – users worry about forgetting them, so they make them too easy to remember, which presents an easy target for hackers.
• Numbers, Case, and Symbols: Another factor in the password’s complexity is whether or not it incorporates numbers, cases, and symbols. While it may be easier to remember a password that’s all lower-case letters, it’s important to mix in numbers, capitals, and symbols in order to increase the complexity.
• Personal Information: Many users assume that information specific to them will be more secure – the thinking, for example, is that your birthday is one of a 365 possible options in a calendar year, not to mention your birth year itself.The same methodology applies to your pet’s name, your mother’s maiden name, etc. However, given the ubiquity of social media, it’s not difficult for hackers to research a target through Facebook, LinkedIn, and other sites to determine when they were born, information about their family, personal interests, etc.
• Pattern and Sequences: Like the other common mistakes, many people use patterns as passwords in order to better remember them, but again, that makes the password really easy to guess. “abc123”, or the first row of letters on the keyboard, “qwerty”, etc., are extremely easy for hackers to guess. Despite the fact that passwords are the most direct way to access a user’s private information, most passwords in use today are simply not strong or complex enough. Passwords protect email accounts, banking information, private documents, administrator rights and more – and yet, user after user and business after business continues to make critical errors when it comes to choosing and protecting their passwords.

Keep these tips in mind when setting your passwords:

• • Password Strength: It’s common that passwords are required to include uppercase letters, lowercase letters, numbers, and special characters. Consider using a passphrase—which is when you combine multiple words into one long string of characters—instead of a password. The extra length of a passphrase makes it harder to crack. For a more secure passphrase, you’re encouraged to combine multiple unrelated words to create the phrase, for example, “m4ryh4d4l1ttl3l4mb.”
  • Password Managers: These programs store all of your passwords in one place, which is sometimes called a vault. Some programs can even make strong passwords for you and keep track of them all in one location, so then the only password or passphrase you have to remember is the one for your vault.The downside of using a password keeper program is if an attacker cracks your vault password, then he or she knows all of your passwords for all of your accounts.
  • Multi-Factor Authentication: Multi-Factor Authentication is a great way to add an extra layer of protection to the existing system and account logins. 45% of polled businesses began using MFA in 2018, compared to 25% the year prior.By requiring a second piece of information like a randomly-generated numerical code sent by text message, you’re better able to make sure that the person using your employee’s login credentials is actually who they say they are. Biometrics like fingerprints, voice, or even iris scans are also options, as are physical objects like keycards.

Cybercriminals penetrate your unpatched, out of date networks.

Did you know that one of the most common ways that cybercriminals get into a network is through loopholes in popular software, applications, and programs?

Despite how advanced modern software is, it is still designed by humans, and the fact is that humans make mistakes. Due to this, much of the software you rely on to get work done every day could have flaws — or “exploits” — that leave you vulnerable to security breaches.

Many of the most common malware and viruses used by cybercriminals today are based on exploiting those programming flaws; to address this, developers regularly release software patches and updates to fix those flaws and protect the users.

This is why it’s imperative that you keep your applications and systems up to date.

Unfortunately, most users find updates to be tedious and time-consuming and often opt to just click “Remind Me Later” instead of sitting through an often-inconvenient update process.

Comprehensive and regular patch management is a crucial part of proper IT security. Some of the worst data breaches are based on “zero-day exploits”, which are based on exploits found by hackers but not by the developers, leading to severe security risks and an immediate need for patching.

Cybercriminals target data that hasn’t been backed up.

Do you have a data backup policy in place?

If not, then you’re vulnerable, right now, to ransomware.

Ransomware has quickly become one of the biggest cyber threats to businesses today – remember the Wanna Cry epidemic that infected hundreds of thousands of IT systems in more 150 countries?

That was ransomware, and it could happen to you too. Unless that is, you get a data backup solution put in place.

If you have you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that.

That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.

Be sure to:

• Back up data on a regular basis (at least daily).
• Inspect your backups to verify that they maintain their integrity.
• Secure you backups and keep them independent from the networks and computers they are backing up.

Cybercriminals trick your staff into installing dangerous software.

One of the most popular cybercrime tactics is to trick users into downloading malware, under the assumption it’s a type of software they need.

This could be hidden in a large downloaded file that users may think is a work program, a video game, or even a mobile app.

This is further reason why you need an Acceptable Use policy and content filter in place on work devices. These types of measures will protect you against your unsuspecting employees.

Cybercriminals trick your staff with phishing emails.

A popular cybercrime tactic among hackers today is “phishing” – a method in which they send fraudulent emails that appear to be from reputable sources in order to get recipients to reveal sensitive information and execute significant financial transfers.

It’s more effective than you might assume. That’s why the rate of phishing attacks increased by 65% in recent years – businesses keep making it easy for cybercriminals to get away with.

Share these key tips with your employees to make sure they know how to spot a phishing attempt:

• Incorrect Domain: Before even taking a look at the body of the message, check out the domain in the sender’s address. Maybe they claim to be from your bank, or a big name company – but talk is cheap.It’s much more difficult to spoof an actual domain name, and so it’s more common to see domains that are closer, but not 100% correct. If it seems fishy, it probably is.
• Suspicious Links: Always be sure to hover your mouse over a link in an email before clicking it. That allows you to see where it actually leads. While it may look harmless, the actual URL may show otherwise, so always look, and rarely click.
• Spelling and Grammar: Modern cybersecurity awareness comes down to paying attention to the details. When reading a suspicious email, keep an eye out for any typos or glaring errors. Whereas legitimate messages from your bank or vendors would be properly edited, phishing emails are notorious for basic spelling and grammatical mistakes.
• Specificity: Another point to consider is how vague the email is. Whereas legitimate senders will likely have your information already (such as your first name) and will use it in the salutation, scammers will often employ vaguer terminology, such as “Valued Customer” – this allows them to use the same email for multiple targets in a mass attack.
• Urgent and Threatening: If the subject line makes it sound like an emergency — “Your account has been suspended”, or “You’re being hacked” — that’s another red flag. It’s in the scammer’s interest to make you panic and move quickly, which might lead to you overlooking other indicators that it’s a phishing email.
• Attachments: Phishers will often try to get you to open an attachment, so, if you see an attachment in combination with any of the above indicators, it’s only more proof that the email is likely part of a phishing attempt.

Cybercriminals cut out the middle man and pretend to be you.

With the amount of personal data that people put online today, it’s not as difficult for cybercriminals to impersonate you as you might think.

By mining your social media, your LinkedIn and your company website, it can be pretty easy for a hacker to figure out your email address and reset your password.

Or maybe instead they spoof your email address and use it to contact a subordinate or a business contact to gain further information and access to use against you.

Put simply?

You need to protect yourself as a matter of privacy, and with the right processes:

• • Never give out private information: A basic cybersecurity rule is knowing not to share sensitive info online. The trusted institutions with which you do business will not ask you for your private information.They already have your account numbers, social security number, and your passwords. They won’t have any good reason to ask for it again, right? If an email from a superior or external contact asks for that info, it is likely a scam, so be sure to confirm the request by phone or in person.
    
  • Set standard protocols for requests: Have steps put in place for management to follow when asking for information or access from employees. If your employees have a clear idea of how these interactions should look, they’re less likely to be fooled by a hacker posing as their supervisor.

Are your firewall and antivirus worth the money?

Yes.

Security software is a vital part of your cybersecurity – but the key word in that statement is part.

You should definitely invest in the usual cybersecurity solutions, but they are not enough on their own. Cybercriminals have so many tactics and methods for penetrating an organization like yours that you can’t settle for defending yourself on one front alone.

That’s why you need a comprehensive defense, that combines cybersecurity solutions, employee training, best practices, and detailed policies.

Anything less and you will have left a gap in your armor, making only a matter of time before cybercriminals find their way in.

Remember when your parents told you that “an ounce of prevention is worth a pound of cure?” Well… they were right – at least when it comes to IT service. If you ask most IT professionals, they’ll tell you the same. Managed IT Services are more cost-effective than using a time-and-materials approach with Break/Fix IT Services. With Break/Fix you’ll ultimately be paying for a “pound of cure” for the problems that you could have prevented with Managed IT Services. In this respect, Managed Services cost much less.

What Do IT Managed Services Cost?

6 Popular Managed Service Pricing Models

When you call IT service companies trying to find out what they charge for Managed Services, you’ll probably discover that pricing isn’t uniform. The answers you receive may vary and can go from confusing to outright frustrating. Quite honestly, there’s no online catalogue to pick and choose from or one-price-fits-all formula. However, there are six popular IT Managed Service Pricing Models that you can use as a guide.

First, let’s talk about the benefits of Managed Services…

The goal of managed services it to lower your IT costs and keep your technology running at peak performance. Managed Service Providers (MSPs) monitor the health of your IT system proactively. This prevents downtime. Plus, they can fix issues remotely and quickly before you even notice there’s an issue.

• Because your IT system is monitored proactively, your IT professional is familiar with it. If there’s a problem, they can usually get you back up and running quickly.
• You have a Service Level Agreement with your MSP that includes all the services and support needed to keep your technology running reliably and securely.
• You can easily budget for IT services because your costs are predictable.
• With Remote Monitoring & Management, IT interruptions, downtime and breaches are prevented.
• You’ll have 24/7 service and access to a help desk that’s staffed by experienced IT professionals. This means you’ll always have immediate, expert-level support.
• With IT solutions that run as they should, your staff will remain productive. Plus, they won’t have to worry about IT problems and can focus on their work.

What Are The Six IT Managed Service Pricing Models?

1. Monitoring Only
2. Per Device
3. Per User
4. Tiered
5. All You Can Eat
6. A La Carte

What Is The Monitoring-Only Model?

The monitoring-only model provides network monitoring and alerting services. Your Managed Service Provider offers this model to companies of all sizes. Midsized or enterprise companies with in-house IT technicians can also use this service and be alerted when something goes amiss. With this model, there are several service levels offered.

What Is The Per-Device Model?

The per-device model is a flat fee for each device that’s supported in your IT environment. For instance, a basic per-device pricing model might designate a flat price: per desktop/per server/per network printer/per managed network.

The pricing is straightforward to quote, and the monthly service fee gets adjusted when you add or delete devices.

What Is The Per-User Model?

The per-user model closely resembles the per-device model. But instead of being billed per device, you’re invoiced per user, per month, which covers support for the hardware used by each user. The support typically covers commonly used equipment:

• Office Equipment: PC, laptop, tablet, and connectivity
• Home Equipment: home PC, laptop, tablet, and smartphone
• Communication Equipment: hotels and kiosks when travelling

What Is The Tiered Model?

The tiered model is designed to provide bundled packages. With each package, “X” amount of services are included. And as a tiered model, there are three or more bundled package levels, with three or more pricing levels. They usually get labelled as “Gold, Silver, and Bronze” or “Basic, Standard, and Premium.” The premise with this model is simple–when you pay more, additional services are available that aren’t offered with a lower-level bundled package.

What Is The All You Can Eat Model?

The all-you-can-eat model gives you flexibility. Budgeting your IT expenses in this manner enables you to gauge what’s taken place over the past year, and then make calculated IT cost forecasts for the coming year. Typically you’ll have access to:

• Remote support / On-site support
• Lab or Bench time / 24/7 year-round support
• Services during specific hours of the day/particular days of the month

The all-you-can-eat model gives you the ability to genuinely budget your IT support costs over a year’s time with no hidden or surprise fees.

What Is The A La Carte Model?

The a la carte model is unique. With this model where you’re getting individual services. Maybe there’s a specific problem that came up and needs addressing. This is when you pay for the services you need. You can also create a customized IT managed services bundled package that’s tailored to your company’s specific needs or requirements. That’s what makes this model different from an all-inclusive, IT Managed Services model or pre-bundled package.

What About Actual Pricing Ranges?

Actual pricing ranges vary from one jurisdiction to another. But to give you a brief overview of what pricing ranges look like, here’s the breakdown. Just remember that these aren’t actual prices, only pricing ranges.

• Flat-Based Range: Monthly, quarterly, or annual fee depending on needs
• Per-User Range: 166–399 CAD per month
• Per Device Range: 6–133 CAD per month

(approximate costs)

NOTE: An important plus is that with Managed IT Services you can predictably budget for your services because they are fixed per month.

What Do Break/Fix IT Services Cost?

You’ll Find That The True Costs Are Very High

Break/Fix services are reactive. Techs only show up when something goes wrong. This means that your technology isn’t monitored for reliability and security. This sets you up for downtime, and just a few days of downtime can cost you in productivity and revenue.

Not only are you paying for hourly service that you can’t control, but you’re also losing money from IT interruptions and downtime. As a result, many companies end up spending the same amount in a few months for break/fix services than they would for an entire year of Managed IT Services.

Break-fix companies make more money when your technology continues to break. And because they charge by the hour, they have no incentive to fix things quickly. A technician comes and charges you by the hour to make repairs. You might think that this is the most affordable way to go, but it’s not.

It can be like putting on a Band-Aid on problems rather than dealing with the cures. We’ve seen Technology Band-Aids when companies use Break/Fix IT Service, and when we do, the typical result is always the same… wasted time and money.

Break Fix IT is when you use an hourly support service without Service Level Agreements that provide guarantees for problem resolution and uptime — And you can end up with Technology Band-Aids that cost you more in the end.

Issues reoccur when they aren’t monitored and prevented. The problem with this type of service is that you can experience the same issue again. And when you do, your Break/Fix company will come back and charge you again. It’s actually in the Break/Fix company’s best interest not to get to the root of the problem and fix it completely because the more often they return, the more money they’ll make.

When IT isn’t monitored, you’re more likely to end up with security issues. While Break/Fix service might solve the immediate issue, they’re bad for your overall security because your system isn’t monitored 24/7 for threats. If you experience a serious data breach, you could end up out of business due to penalties, litigation and lost customers.

What About Pricing For Break/Fix IT Service?

Here in Canada, a Break/Fix Service will charge anywhere from $75 to $100 an hour, plus travel time from their facility to your office. Plus, keep in mind that not all repairs and service can be handled by just one technician.

Depending on what you require, you may need another tech to help or one who is more experienced and specialized in the IT solutions you use. Now you’re looking at closer to $266 an hour for a team and up to $200 an hour for a specialist.

Remember again, these aren’t actual prices, only pricing ranges.

• One tech: 75-100 CAD an hour plus travel time
• Two techs: 199-266 CAD an hour plus travel time
• IT Specialist: 200 CAD an hour plus travel time

(approximate costs)

NOTE: With Break/Fix Service you can’t predict what you’ll have to pay for. Your costs could constantly change according to what needs to be done.

We hope this helps you make your decision about whether Managed or Break/Fix IT Service is best for your business. Remember, “an ounce of prevention is worth a pound of cure.”

CFOs & Technology

The CFO role continues to evolve. CFOs used to be considered fairly powerless scorekeepers or merely chief bean counters, but today the role has taken on more responsibility as well as prominence.

Of course, any CFO will tell you that the old role is not unimportant, and it has not gone away. The expansion of the CFO into strategy, decision-making, and even IT oversight creates a capacity problem. How can the CFO meet all the new responsibilities without neglecting the old? Technology can assist in a number of ways.

Before we dive into how technology can assist CFOs in their expanding job functions, let’s look at what some of those expanding job functions are. Depending on where your organization is in its digital transformation, you may have already taken on some of these. If not, this overview will give you insight into what may be added to your plate in the coming months and years.

New CFO and Finance Responsibilities

The CFO has traditionally focused on finance and accounting, and these responsibilities remain both significant and important. New areas of responsibility are developing, though, including these.

Technology

The CFO role has an increasing responsibility for overseeing technology decisions and spending, along with the CIO. The entirety of the business is dependent on technology, and good choices in this area lead to dynamic transformation. Bad choices can have catastrophic results.

Future Focus

CFO and finance responsibilities are evolving from sole focus on the past (compliance and reporting) to include a future focus. CFOs are partnering with managers around the company to improve operations, and they often work with the CEO and the board to help plan company strategy.

Financial data and analytics have helped in this aspect of transformation. Another team may be responsible for analytics, but when it comes to the financial aspect of analysis, the CFO and finance team are an essential part.

Partnering with CEO

Today, CFOs partner with CEOs to develop strategy more frequently than they did in years past. While the roles remain distinct, the line is more blurry than it used to be, and the level of partnership and collaboration is much greater.

Partnering with Division Leaders

It’s more frequent than it’s ever been for the CFO to partner with division leaders or line-of-business leaders. These leaders necessarily have other focuses than finance, and they may need or seek guidance from the CFO. This guidance is sometimes finance-related and other times more generally related to business vision. The CFO also plays a role in teaching division leaders to accept financial guidance from the finance group.

How Technology Can Assist Today’s CFOs

Savvy CFOs will leverage technology to assist them in their expanding capacities. Here are a few technologies empowering CFOs and finance teams.

Big Data and Analytics

Data is more powerful than it’s ever been, and CFOs will benefit from technology solutions in this area. Powerful customer data can drive major insights into financial trends as well as business trends. Use analytics to make better-informed predictions on the future of sales. You can often get a better picture of what the customer wants by analytics than you can by traditional means like focus groups or customer surveys. These are powerful tools that can solve many problems and speed up many tasks for the CFO and the finance team.

Embrace the Cloud

Cloud-based apps can lower IT infrastructure spending as well as the need for maintenance. Many if not all the major IT applications needed by the finance team are available in cloud format, including ERP and CRM systems as well as planning and reporting systems.

Using cloud-based applications and systems allows your company to expand without having to consider infrastructure improvement. With the cloud, you’ve outsourced the infrastructure completely.

Finance leaders and CFOs are sometimes wary of the cloud, and this is understandable. Cloud-based services have had their fair share of highly publicized leaks and breaches. These have led some to question whether the cloud is really the right solution for sensitive data, whether financial or privacy-related.

The answer to this concern is twofold. First, the track record of these cloud apps is astoundingly good. Second, take a step back and review the landscape. Do you really trust that your in-house IT or infosec team is as skilled in protecting you from an internal breach as the team at a cloud service is? Your business is broad, and IT infosec is only one small component. For the cloud service, it’s nearly everything. One breach and they’d be out of business.

Mobile Technologies

While mobile technologies are most visible on the sales force and other customer-facing services (like your website), mobile can improve the quality of life for the CFO and finance teams, too. Selecting cloud apps that allow for mobile access gives additional flexibility to where and how work is done and data is displayed.

Need A Great IT Company Who Works With Top CFOs

This is just the surface of what technology can do to empower CFOs in their expanding roles. For more, or for help implementing solutions, contact us today.

According to the American Bar Association, it is crucial for attorneys and e-discovery professionals to define the rules of engagement instead of leaving those details to the IT department. Attorneys are being held to much higher standards of knowledge when it comes to technology, especially in terms of electronic discovery. ABA Model Rule 11 states that attorneys bear a duty to provide competent representation for their clients, and translated into today’s language — that means a firm understanding of technology and all of the various implications. Fortunately, there are advanced tools already built into Microsoft Office 365 that can help support the needs of law offices as they create a proactive e-discovery strategy for their offices and for their clients.

E-Discovery in a Digital World

E-discovery is increasingly complex as you bring globalization and mobile platforms into the conversation. The ability for mobile phones and tablets to access even the most sensitive personal and legal data is an ongoing challenge, not to mention the ability of clients to easily share information that should have remained confidential. SMS text messages, social media chats, in-app notes — these types of interactions must all be appraised for potential inclusion in legal matters in the future. However, the information that is shared between attorneys, clients and other external parties can be more easily managed with tools from Microsoft Office that are already available to your e-discovery team.

Advanced Document Analysis in Microsoft Office 365

The electronic discovery tools available in Microsoft Office 365 are increasingly detailed and include the ability to identify content that is a near duplicate, perform predictive coding and consolidate information across email threads. While you may still need a dedicated e-discovery platform for more detailed analysis, Microsoft’s cloud-based productivity platform has many advanced features baked into the base functionality. Microsoft has been boosting their e-discovery chops with additions to the platform that will provide professionals with more of the tools that they need to wrangle and report on data and communications that will impact their various cases. Massive regulatory cases are not the only ones whose outcome may depend on a single email — there are also thousands of smaller cases that can be solved more quickly and accurately with access to the correct information gained through intensive e-discovery.

Collecting and Preserving Crucial Electronic Data

The ability to easily share information is a boon for attorneys and clients alike, as people are increasingly ready to work from remote locations and while on-the-go. Law offices must take additional measures to ensure the security and consistency of data due to these additional pressures, and Office 365 can create clean transfer records across various mobile platforms, desktops and email. Attorneys and their staff must have a firm understanding of the flow of information throughout their various systems to take full advantage of the ways they can collect and preserve this crucial electronic data.

Investing in advanced e-discovery software may be necessary, but there are many ways that law offices are able to streamline their data structures and workflow by leveraging the advanced functionality that is already available within Microsoft Office 365. Speak with your local technology professionals to better understand Microsoft’s options for improved security and deeper data insights.

Whether you are starting out or ready to upgrade, there is a lot to consider when you’re shopping for a retail POS. These topics will help accelerate your research.

In a retail business, the selection of your point of sale software and hardware is a crucial one. You need to know that your selected vendor is trusted, reliable and will be there for you — and that the POS solution will be easy to use and fully compliant with all applicable laws. With so many different point of sale systems on the market, how can you be sure you’re making the right choice for your business? There are some key considerations that you will want to keep in mind as you’re researching the various solutions such as your projected growth rate, the level of support that you can expect to receive and how the system will integrate with your current marketing or customer relationship management solutions. It’s crucial that you take the time to fully understand your options before signing a contract because a poor selection could have a ripple effect on your organization. Here’s what you need to know when you’re shopping for a retail POS system.

Review Your Budget and System Needs

There are some systems with some pretty hefty bells and whistles, but is that what you really need for your business? Just as with any technology solution, you want to “right-size” your requirements to be sure you’re considering systems that will meet your needs both now and in the future without a lot of pricey functionality that will not be used in your stores. Even if you’re just starting out in a rented space, what are your plans for expansion in the future? While that extra-fancy reporting software may be great for larger businesses, is it truly providing you with the value for the additional cost? Force yourself to justify each addition to the scope — but don’t scale back on basic requirements for your business.

Proactive Support During Onboarding is Imperative

It is all too easy to make an uninformed decision during the initial configuration of your POS system that could severely limit the way you are able to leverage the platform for your business in the future. When you’re considering a new POS system, be sure you are meeting the team that will physically do the onboarding, initial setup and training — and you need to be fully comfortable that they understand your current (and future!) business model and needs. Once your system is fully configured and operational, it can be much more difficult to change settings that are core to the utilization of the platform. While some changes are relatively straightforward (adding a new product or updating a price) others could require a significant investment in consultant time, testing and training before you can trust that the changes have been made correctly.

Aggressively Limit System Complexity

The word “aggressive” can have some pretty negative connotations in business, but it’s truly needed in this instance. Everyone from your staff to vendor sales teams will be pitching you on the relative value of additional functionality. Unless you are able to tie this directly back to a quantifiable business gain, resist the temptation to add complexity to your system. When you start with a system that is simple yet scalable, your ROI will be recognized sooner and you may even reduce employee frustration with the new system. Change is difficult for people, so anything that you can do to ease the transition will help soothe the nerves of unsettled staff members. When possible, consider a longer-term roadmap of development and ensure that your selected system will fulfill the future needs of your business as it grows.

Consider Integrations Possibilities

While it’s impossible to know what types of integrations you may want in the future, there are a few basics that you’ll want to consider such as how well your new POS system will work with your customer relationship management (CRM) software. Your customers are an integral part of your business, and capturing their purchases and needs allows you to serve them more effectively in the future. Other potential integrations include with your cloud storage solution, shipping management systems, inventory, communications and more. As you’re building the infrastructure to support your POS system, it’s important to review whether your telecommunications platforms and internet bandwidth are up for the challenge.

Robust Batched or Real-Time Reporting

Do you want to receive automatic reports about your business on a regular basis? Are you interested in configuring the reports that you receive, or are you happy with what comes out of the box? When you need new reports, will you have to engage consultants, or will you be able to do some simple report changes internally? Consider gathering copies of any current reports that you’re using or taking the time to detail the types of reporting you’ll need in the future before you begin your search. That way, you can share these details with the sales teams for your potential POS systems to determine the level of reporting that will be possible in the various systems.

Flexible Payment Processing

Have you considered all the ways that your team can accept payments, and does your POS system need to allow for tipping, printing or emailing receipts? An emailed receipt is a great way to continue a conversation with customers that started in your store. Customers want their receipt, so they are likely to give you an active email address for that reason. With proper opt-out procedures and messaging, you’ll then be able to communicate with these individuals in the future.

Finding the ideal POS system for your business may take some time, but doing the upfront work of research and to define your requirements will allow you to make a solid decision for a system that will serve you well in the future. Your POS system is a key element of your business operations, and finding a solution that is flexible, includes adequate reporting capabilities and can integrate well with other business systems will have your revenue humming!

Learn about the importance of CTOs and CMOs uniting their efforts to create optimal outcomes for their companies. You can make business better by uniting.  

Considering the vital importance of digital touch points—including mobile and Web interactions—for the success of most businesses, there has never been a time where it was more necessary for CMOs and CTOs to unite. But what about the way things have been done for so many decades, with CMOs and CTOs occupying very different areas of the organization? Well, the times are changing, and it is up to business leaders to change along with them. It’s that or risk being left behind by the competition.

CMOs and CTOs Must Unite

Technology is the through-line that connects every aspect of today’s businesses, especially when it comes to management and the creation of content. Data is the foundation for all decisions in the modern business environment, which comes from the core technologies utilized by every organization. Leveraging technologies allow businesses to create content that is extremely personalized and therefore fulfills the needs of the target audience in ways that were not previously possible. According to Adobe, it is this highly personalized content, along with tech like AI, machine learning and more, that have become required in the modern world of business.

Powerful tools like the ones mentioned here are only fully utilized by combining the skills and knowledge of the CTO and CMO. The need for tech expertise is obvious since all of the most potent tools in marketing today are enriched or enabled by the latest technology innovations. But the need for marketing expertise is just as important to connect with the customer. Without a human touch and an understanding of what makes people trust a business, technology can only accomplish so much.

How Can CMOs and CTOs Combine Their Efforts?

Let’s explore some of the ways that CMOs and CTOs can work towards a united front when approaching company objectives:

Be equally accountable for the outcomes you are seeking for the company.

The CTO and CMO used to operate in individual silos that rarely overlapped. In those days it was understandable to treat the outcomes you were seeking as your own and to avoid taking on responsibility for the outcomes of other departments—especially departments that seemed to have so little to do with your own. But today it is more important than ever to share the responsibility for achieving company objectives. After all, you are in the same boat overall, and you want to make sure that boat experiences smooth sailing for the benefit of all parties.

Instead of saying, “That’s not my responsibility,” try discussing with your other stakeholders how you can contribute towards success. You may be surprised at the answers you get, and at how easily you can provide support.

Recognize the areas that you can help when developing the content management strategy for your business.

While you both need to be responsible for the outcomes sought by your company, you are only going to be most effective if you are certain where your strengths lie. For CMOs, you should be focused on utilizing your resources and expertise to manage communications, brand messaging and overall content strategies. The CMO understands the consumer better than the CTO and understands the way the consumer behaves. It only makes sense for the CMO to look to things like brand messaging and content strategy because of this knowledge.

In contrast, the CTO is best equipped to take control of analytics, delivery, and insights for the consumer. The CTO and the team underneath the CTO have the skills and reach necessary to yield the most effective results in these data-driven areas.

Learn to think like the other team from time to time.

While you definitely want to lean into your strengths, you still need to have a knack for clear communication and predicting what your peers will need in the business. In other words, you need to learn to think like a CMO or CTO, even if you are not one. No one will expect you to take over the other person’s position, of course. But the better you can get into the headspace of the other manager the better equipped you will be to cross-pollinate and predict the needs of others.

Not only does thinking like the other allow you to communicate and help each other better, but it also tends to lead to the kind of game-changing ideas that revolutionize the way your organization functions. The CMO can better understand and utilize the power of the tech available, while the CTO can become more aware of how marketing outcomes are achieved and the kind of information that could be most beneficial for marketing efforts can be better understood.

Open up lines of communication and foster their growth.

As with any new relationship, the first few conversations are often the hardest to get through. Typically, opening up the line of communication is a big effort, and keeping it open is not the easiest thing to do. But it is worth the effort. Realize that you both can greatly benefit from each other’s knowledge and that working together is the key to realizing the full potential of your business.

What’s your favorite: red or blue? Sometimes there are no wrong answers to a question, and that may be the case when you consider the various infrastructure options of SD-WAN vs. MPLS. Can one be truly considered “better” than the other? It depends on the goals and requirements of your organization as well as the existing infrastructure that you are working with. Let’s unpack whether SD-WAN or MPLS is the winner when it comes to selecting a protocol for your network traffic. With the growth of SaaS platforms and cloud-based storage and computing, this question is looming large in the mind of IT leaders throughout the world.

Understanding SD-WAN: The Frisky Upstart

Wide Area Networking (WAN) has been around for decades, with a centralized bandwidth controller that is used to direct traffic within your organization. Policies and procedures are fed into traditional branch routers that then find the most efficient method for providing your application with the connectivity that you need. Expanding WAN can be expensive and configuration can be fiddly, which makes SD-WAN all the more attractive due to its flexibility for deployment. With SD-WAN (Software-Defined networking in a WAN), virtualization is leveraged to reduce the physical footprint and reduce the overall complexity of your networking practices. To keep it simple, you are much more likely to meet the expectations of your employees and customers with SD-WAN because you’re relying on a more flexible method of delivery for your business networking rules.

Understanding MPLS: The Hardened Contender

Multiprotocol Label Switching (MPLS) has been driving the business of doing business for many years and is a stable system for carrying data in high-performing networks. While it’s traditionally been used in telecommunications, there are plenty of organizations using MPLS to direct internet traffic, too. Where MPLS really shines is in applications such as VoIP, video conferencing or virtual desktops due to the high packet availability and low loss of quality. Sound and video quality are exceptional, and the protocol is highly predictable in nature. There are some key disadvantages such as bandwidth cost and the potential that lower-rated applications or services could be slower or have slightly degraded quality due to de-prioritization by the “traffic cop”. This protocol was great in a time when there were fewer demands on overall bandwidth, but today’s hungry cloud-based applications can quickly eat through your monthly allotments.

Advantages and Disadvantages of MPLS and SD-WAN

Without a full understanding of the particular needs of your business, it would be difficult to pick a winner between these two contenders for Top Protocol. SD-WAN offers the global availability, scalability and control that you need at a more reasonable price point, while MPLS allows you to boost the priority for crucial traffic moving through your network. MPLS practically guarantees a higher level of quality for the most important traffic within your business, while SD-WAN offers an added layer of security that might be a big selling point for organizations in today’s climate of rampant cybercrime. SD-WAN is generally considered to be more cost-effective and scalable — even though it is slightly less reliable than MPLS implementations.

Which Is Better for Your Business?

There is no clear and true winner in this battle, but you might be interested to know that Gartner released a recent whitepaper entitled: SD-WAN is Killing MPLS, So Prepare to Replace It Now. That seems like a pretty strong statement, especially considering that the research firm also notes that MPLS still far outstrips SD-WAN in terms of usage. Hybrid and internet-only WANs are on the rise as infrastructure leaders continue to look for ways to boost network efficiency and speed while reducing the possibility of a devastating security event. SD-WAN allows for an additional measure of control when it comes to security, which may be one of the reasons that IT leaders are moving in this direction.

There are no perfect answers that will fit the needs of every organization, but SD-WAN comes out on top in terms of price and scalability, while MPLS edges out the competition when it comes to overall reliability and reduced packet loss. One thing is for sure: this conversation will continue!