I’m sitting on a plane heading to one of the IT Mecca’s, Redmond, Washington. I’m attending the Microsoft MVP Summit, and it’s a six-hour flight from Newark to Seattle. Flights of significant distance like this one require a combination of survival tactics. First, a fully charged laptop to do some writing and email. Second, a fully loaded iPhone with several entertainment options to take a break with. And finally, a good book.

For this trip, I took Mastering the Rockefeller Habits, by Verne Harnish. I had the pleasure of seeing Verne speak at the ConnectWise Partner Summit back in November and brought his book home, earmarked to read. This trip, I read it.

Business books are key to being an effective leader in your organization. As a leader, your role is to bring new ideas and help your customers, your team, and your organization move into the future. Harnish takes a very practical approach to growth, and outlines his thoughts on planning.

Harnish focuses on the rhythm of business, and it led me to think about the heartbeat of our own business. As service providers, we often focus on the flow of service tickets, Service Level Agreements and our delivery of them, our utilization numbers, and any myriad of statistics that ensure good service delivery.

But are we helping our teams establish a rhythm? Harnish talks about the benefits of the patterns of daily, weekly, monthly, quarterly, and annual meetings to help teams come together and know where they are toward reaching their goals.

Goals are vital to our success, particularly as a Managed Services Provider, and in order to be successful with a goal setting strategy, we need to take the time to set goals, understand how to measure success, and how to drive those successes.

As business owners, we often get lost in the mechanics of operations. We spend too much time working “in” the business, rather than work “on” the business. (Hectic days will do that!) It’s a challenge to strike the right balance between the two, but it’s vital to master. Our teams depend on us setting the right goals and establishing the rhythm of the organization, but we often focus too much on the metrics of the business and not enough on helping our teams become effective in achieving them.

To execute those goals we need to march step by step, in unison, in the same direction. A rhythm of meetings and checkpoints are incredibly important in making this happen.

Now this is all great in theory, but what are some practical things that you can do to establish this? Here are some ideas.

Goal setting. Set yourself a schedule, and take the time to review your goals. Do you set goals on an annual basis, and define steps on a quarterly basis to achieve it? You need to. Take the time.

Thinking time. To establish those goals, you need time. Set aside some time to dream. If you don’t have the time to think about the future, how can you head toward it?

Set the rhythm. Set an established pattern for your business. Daily, weekly, monthly, quarterly, and annual patterns are important. Keep to a schedule, and make it a priority for your business.

These steps sound simple, but they’re vital to making your business a success.

As I deplane, I highly recommend Verne Harnish’s book. It’s a great place to start on your planning of each of the steps you need to take to be successful.

SaaS has several characteristics that set it apart from other services:

1. SaaS allows the access and use of commercially available software through a remote, network, or internet connection. This means that the software is not installed in the subscriber’s computer, but rather on the SaaS provider’s server. This also makes the software accessible to the subscriber regardless of his or her location.
2. SaaS provides commercially available software, not custom made software, meaning that a particular software service is made available to multiple clients, so customization is limited to only what the software or SaaS provider allows.
3. The SaaS provider shoulders the responsibility of updating the software, and subscribers can request updates, upgrades, and additional features.

Regarding implementation, SaaS architecture is classified into four “maturity” levels based on factors such as configurability, multi-tenant efficiency, and scalability.

1. Level 1 is the “ad-hoc/custom” level, in which a modified version of a particular piece of software is offered to subscribers, which is then run on the provider’s host server. This level is requires the lowest maintenance.

1. The second level offers more customization and allows subscribers to configure the metadata of a program. This then allows a customized version of the same software, based on the needs of the subscriber.

1. Multi-tenant efficiency is added to the third maturity level, which means that the SaaS servers are made more conducive for subscribers to use separate instances of a single application.

1. The fourth and most “mature” SaaS architecture offers all four factors, with the service reaching optimum efficiency.

Considering SaaS for your business? Let us help you sort through the details.

I get often asked about my opinions on certifications. In the IT world in particular, vendors encourage solution providers to get their teams certified on their products and technologies. A number of technicians focus on collecting as many certifications as they can to show their technical knowledge.

I’ll start my assessment by saying that I have long believed that alone, certifications do not necessarily indicate the technical skill of an engineer. I know a number of engineers who don’t hold any certifications who I consider incredibly knowledgeable and incredibly capable, and I’ve known engineers who hold a number of certifications who I wouldn’t let touch a single one of my customer’s systems. A certification alone does not make for a measurement of an engineer.

IT, unlike medical and law practices, does not have a regulated system of ensuring that an IT firm is capable. Thus, we need to use a different set of criteria to judge technical skills.

From an engineer’s perspective, getting a certification shows an investment in their own education and becoming a better technician. It can show their interest in technology, their investment in themselves and their dedication to the field. I tend to look at the power of trends here. When an engineer keeps acquiring certifications, I know that they are interested in what they do, looking to continue to advance themselves, and looking to take on new challenges. An engineer who achieves a certification and never moves further, however, leaves an indication that they are not as dedicated.

From a business owner’s perspective, certifications give me a sense of what is important to my vendor partners and what areas I should continue to focus on. A series of exams tell me which products are of interest, and do give me a perspective on what my engineers should know.

From our vendor partner’s perspective, certifications let them know our commitment to their programs, and our level of engagement. If we take the time to invest in their training programs, they know we have a level of commitment to working with their technologies well. This ensures we can be capable of delivering solutions to a standard.

With customers, certifications show the level of commitment that an organization has to their partners and to their field. Again, alone they aren’t an indication of capabilities, but in conjunction with an organization’s references and capabilities, they give indications on how well an organization can serve them.

In short, certifications show investment, trending, and commitment, but alone aren’t an indicator of capabilities. Building your certifications up in your organization should be a part of your investment in training, but not the only effort made.

I do think it’s important to single out two organizations that take their certifications very seriously in the small business IT consulting realm. Both Microsoft and CompTIA have invested considerably in ensuring that their certifications have measurable value, and as part of a comprehensive training plan are keystones. In fact, for organizations that are looking for their first certifications, this is always where I steer them.

At my firm, our 2010 training plans include a combination of certifications and technical activities that engineers must accomplish to ensure they keep their skills moving forward. This allows us to give them targets of what they should invest in. We don’t use them as the sole indication of their ability, but for the reasons above, it gives us a sense of their capabilities, and a way to further their own careers. Certifications are one piece of ongoing training and education, but certainly not the only one!

Microsoft recently released a number of security bulletins and patches addressing vulnerabilities in Windows and Office that are of high risk to users. It’s widely believed that many will be exploited by hackers within the next 30 days. One of them could potentially allow hackers or malware authors to easily compromise systems by tricking users to download malicious AVI-formatted files. Others require nothing more than just visiting a website. Another specifically targets Powerpoint Viewer 2003, and opening a malicious .ppt file could affect your system.

This latest round of patches and vulnerability updates is really nothing new – although the sheer number made public in one day is notable. This highlights the need for a comprehensive security policy, because vulnerabilities do exist in even the most mundane or old versions of software. Customers under our Managed Services plan can rest easy since we monitor and update their computers as soon as these patches and advisories are released. Find out more about what we do to make your systems safe and secure. Contact us today.

Related links:

• Patch Tuesday: Microsoft plugs critical Windows worm holes (zdnet)
• Researchers warn of likely attacks against Windows, PowerPoint (computerworld)
• Microsoft delivers huge Windows security update (computerworld)

A malicious piece of software making the rounds of news websites this week is believed to be behind the compromise of over 75,000 systems in over 2,500 international organizations – many of which are government agencies and large Fortune 500 companies.

Called the Knebner botnet after the name in the email used to register the initial domain used in the campaign to propagate the malware, the software infects computers and captures user login access to online financial services such as Paypal and online banks, social networking websites such as Facebook, and email. Infected computers can be centrally controlled from a master computer, which presumably harvests the data captured for nefarious means.

The Knebner botnet itself is not new. It’s based on the ZeuS botnet, and has gained prominence lately because it’s slipped under the radar of so many organizations. However, there are ways to prevent compromises from botnets – one of which is to have a proactive security system and policy in place. Our Managed Security customers have this assurance in place since we continuously protect their system from botnets and other malware. If you’re not sure that you’re protected, talk to us today.

Related articles:

• Kneber botnet described as ‘massive’ and ‘worldwide’ (inquisitr.com)
• Kneber attack resurrects notorious Zeus Trojan, say experts (guardian.co.uk)
• Malicious Software Infects Corporate Computers (nytimes.com)

For businesses of all types and size, managing data online is critical to the smooth operation of a website. However, incorporating data collection programs can be time consuming, especially if any of your data is “time bound” – meaning it’s only valid and useful during a specific period of time.

Here’s a solution. FormSpring provides free and paid website data collection services that eliminate the need for additional programming or the purchase of additional software.

If your website includes contact or event registration forms, surveys, and the like, FormSpring provides services ranging from a basic free option to more feature-intensive offerings with custom made forms based on your unique requirements. There’s no long-term registration contract, and you may cancel at any time. FormSpring also offers a 30-day money back guarantee.

It’s worth noting that the data is stored on FormSpring’s servers, so if you have special compliance requirements for privacy or security you might want to check to ensure you remain compliant.

Overall, FormSpring is a very useful website for companies or groups that need a hassle-free way to collect data through their website. Check out their free version of the plan or use the 30-day money back guarantee to explore whether FormSpring meets your data collection needs.

If you suspect that you’ve responded to a phishing scam with personal or financial information or entered this information into a fake Web site, take these steps to minimize any damage.

Read more

Phishing, pronounced “fishing,” is a type of online identity theft that uses e-mail and fraudulent Web sites that are designed to steal your personal data or information such as credit card numbers, passwords, account data, or other information. Follow these guidelines to help protect yourself from phishing scams sent through e-mail.

Read more

The growing reach and power of the internet has changed the way people do business, with more and more web-based services popping up. One of these is SaaS.

SaaS stands for Software as a Service, which refers to any licensed software being “rented” to a company by another company on an as-needed basis.

To illustrate, let’s say Company A is in need of licensed software, but only for a specific period of time because of a one-time client or project. Company B, as the SaaS provider, rents out the use of the software  to Company A for the time Company A needs to use it – weekly, monthly, and so on. (Company B is specially licensed to do this, of course.)

The term became popular near the end of 2000, but the service started in 1998 with a website called siteeasy.com. The concept has become increasingly popular because the legal alternative to rent/outsource the use of the software spares the expense and hassle of procuring software licenses.

As with other outsourced services, the hardware used for SaaS are remotely located and hosted, and accessed through the internet by the subscriber. Virtually all kinds of software can be used through a SaaS service, and availability of the software depends on the subscriber.

There’s vast potential in the use of the internet and web-based services such as SaaS, but the nature of the remote hosting service is not for everyone. If you’d like to learn more about the pros and cons in relation to your business model, we’d be happy to discuss a possible SaaS road map with you.

Most small and medium businesses can’t afford the luxury of a qualified IT administrator, let alone an entire IT department. If you’re in this position, how do you maintain the information technology infrastructure that’s critical to your organization?

One option is Managed Services, in which you outsource this role to an IT expert called a “managed services provider,” which will typically offer on-site or remote network and security monitoring, data backup and technical support.

Because the Managed Services model allow a business to focus on its core competencies, it is increasing in popularity—but sometimes it’s hard to separate the real benefit from the hype.

What’s the value to you?

• Peace of mind. Your managed services provider will monitor your IT infrastructure and prevent or resolve any problems—a sharp diversion from the traditional “fix it when it breaks” model of IT management.

• Simplicity. Your managed services provider will provide many of its services remotely, via the Internet, instead of through on-site visits. This reduces time and cost.

• Constant support. You don’t have to worry about support; your  managed services provider will offer the assistance you need, when you need it.

• Affordability. Managed services providers typically offer several price structures, including a per-month fee—which is much lower than the cost of building an in-house IT support department.

• Accountability. Have you ever tried to resolve an IT problem only to find that one vendor blames it on another who blames it on another? With managed services, you don’t have to go to multiple vendors to figure out why your network is down or you’ve experienced a security breach. You’ll have one point of contact: your managed services provider.

Want to learn more about how Managed Services can give you dependable IT with predictable costs? Give us a call.