Is your business taking a gamble?

The stakes are high when your business is at risk of an outage.

The British Chambers of Commerce found that 93 per cent of organisations who lose data for more than 10 days file for bankruptcy within a year, with 50 per cent filing right away.

SMEs experience an average of 14 hours of downtime per year, during which staff can only function at 63% of their normal productivity. Organisations lose an average of nine hours per year after their systems are up and operating due to the time it takes to recover data. Employee productivity only rises to 70% during these times.

Then there’s the issue of human behaviour to consider. Here is something we’ve all done at some point: we went to our trusted supplier, found out they couldn’t fill our order and went somewhere else to make the purchase. If the experience was positive, we transfer our loyalties and money to this new provider. Although there will be a certain number of customers who will purchase from a competitor but return to you, there will be others who will not.

What does this tell us (among other things)?

1. Data loss and data unavailability are not the same things. While your backups are functional and your data is fine, there might be a scenario in which you have to wait to get it.
2. Recovering data takes time, a lot of time.
3. Downtime has a significant impact on staff productivity.
4. Unavailability of your services can cost you loyal customers or negatively impact your relationship with them.

In essence, evaluating the cost of downtime is not a simple task as it implies many factors. This article will provide a rough estimate for the calculation of downtime and outline preventive measures to mitigate the risk of system outages towards the end. Continue reading if your not sure about your network’s resilience.

Cost of Downtime – A Rough Estimate

Businesses are now more technologically reliant than ever before in today’s digitally connected society. We’ve established that any amount of downtime can have an influence on how a company functions, whether it’s sales processing, online traffic, customer calls, or the impact on employees, as the growing usage of cloud-based apps necessitates a larger reliance on reliable internet connections.

Here is the math behind it:

“Total Cost of Downtime = Lost Revenue + Lost Productivity + Cost to Recover + Cost of Intangibles”

A detailed overview of each factor is listed below.

Lost Revenue

Start with the areas of your business that generate revenue and break it down to hours, minutes, days, whatever you want this stat to be based on. Next, think about the revenue-generating areas that rely on uptime. Represent that number with a percentage. You’re ready to calculate the cost of downtime due to lost revenue now.

Quick example:

An SME generates £8000 in daily revenue while 40% of the revenue-generating areas rely on uptime. The cost of downtime due to lost revenue is £8000/8*40% = £400/hour.

Lost Productivity

Some of your employees will be forced to stop working when your systems go down. We covered the cost of lost revenue, but the organisational overhead increases the overall cost of downtime further. Take the cost per employee including the overhead (benefits, holidays, etc.), break it down per hour and estimate how much of their job this person can do without access to the systems. Represent that number with a percentage. You’re ready to calculate the cost of downtime due to lost productivity now.

Quick example:

An SME has 10 employees with an average cost of £200 per day and per employee. Without access to the systems, their productivity drops to 60%. The cost of downtime due to lost productivity is 10*£200*0.4 = £800 per day or £100 per hour.

Cost to recover

This one is tricky because it comes with a certain level of unpredictability including potential ransomware payments or services needed to recover encrypted data, hardware repairs or replacements, cost of any lost data.

Imagine you lost the documentation of a business-critical procedure and have to go through the governing certification process again. How much time, effort and money would it cost your business?

Intangible costs

Hard to quantify but devastating at times, intangible costs include lost clients and penalties for not meeting governmental regulations like GDPR.

Summary

The impact of downtime can be devastating for all kinds of businesses. It can be calculated as the sum of lost revenue, lost productivity, cost to recover and cost of intangibles. While continuity solutions are typically more complex to set up and maintain than simple backups, their capabilities have saved many businesses in the past and continue to do so in today’s cloud era.

IQ in IT is a Technology Success Provider and operates as your outsourced IT department. If you have any question or would like a deep dive on any of the topics discussed, don’t hesitate to get in touch.

This is certainly not the first article about the UK General Data Protection Regulation (UK GDPR) but there is a lot of, in parts even contradictive, information about it and it still is a relevant topic – hence this page. For this post, the main source will be the webpage on Security by the Information Commissioner’s Office.

In summary, GDPR explains the general data protection regime that applies to most UK businesses and organisations. Covering each of the data protection principle, right and obligations, it summarises the main points to consider regarding individual rights and personal data breaches, accountability and governance, security and the basis for processing. As IQ in IT’s main focus has always been security, a huge part of this article will focus on that. Please feel free to check out the original resource here: Guide to the UK General Data Protection Regulation (UK GDPR) | ICO.

What is personal data?

Let’s start by explaining what ‘personal data’ actually means. The UK GDPR defines personal data as “any information relating to an identified or identifiable natural person (‘data subject’)”. The natural person is considered as identifiable by “reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity”. In short: a natural person is an individual who can be identified or who is identifiable, directly from the information in question or who can be indirectly identified from that information in combination with other information.

Risk Analysis

Do you have a risk policy in place? How often is it reviewed and who is doing the audits? These are questions worth asking when looking into data protection – as part of the GDPR compliance and outside the scope of it. The goal is to build a culture of security awareness. Let’s have a look at the different factors to consider when analysing Cyber Security Risks and how to deal with them.

The chance of sensitive data, funds, or corporate processes being disrupted online is known as cyber risk. Cyber hazards are most usually connected with situations that potentially result in a data breach. The following are some examples of cyber risks:

• Ransomware
• Data leaks
• Insider threats
• Cyberattacks
• Phishing
• Malware

Risks are categorised based on likelihood, financial impact (information value, reputational loss), exposure and vulnerability, among others and deliver a matrix that determines focus areas as it shows risks on a scale from low to extreme.

Being aware and being able to quantify and qualify these threats is a great step towards mitigation. If you don’t know where to start or would like an independent pair of eyes looking over your assessment, don’t hesitate to reach out.

What do security measures need to protect?

The next step is to define and implement measures to protect personal data. The goal is to ensure that personal data

• can only be accessed, altered, disclosed or deleted by those authorised to do so.
• remains accessible and usable

So, if personal data is accidentally lost, altered or destroyed, you should be able to recover it and therefore prevent any damage or distress to the individuals concerned.

External bad actors should not be able to log in to your emails, the CRM tool, or databases. Strong, independent passwords and the use of a password manager are therefore crucial. Please keep in mind to protect your machines with passwords as well. Stolen laptops pose a huge risk as they offer login credentials to all sorts of systems within your organisation. Deploy a tool that allows for remote data encryption to add another layer of security for employees who travel a lot or work remotely.

Apply appropriate security levels to different teams and their members. Start with no rights for new hires (can’t see or do anything) and decide what they need to be able to do before giving them access to new tools and sets of information. This is called the principle of least privilege and is based on the idea that any user, program, or process should have only the bare minimum privileges necessary to perform its function. If your sales rep shouldn’t be allowed to delete contact information, don’t give him the option in your CRM. If your personal assistant should be able to download your emails, don’t allow it … you get the idea.

Make sure data is encrypted when it’s being moved, especially when people work from home or are connected to some shady public networks in a cafe for example. Your hardware is only as good as the configuration that is applied to its software.

The last line of defence is your backup and recovery mechanism. Take regular backups. Run regular restore tests. Make sure you follow the 3-2-1 backup rule (3 sets of data on at least 2 different media with one of them offsite.) As an example, take a server. It should continuously run backups to a local appliance, a different physical device but in the same network, and replicate to an offsite location such as cloud storage, a private data centre or your secondary office. Make sure the data for both backups is encrypted at rest and in transit.

Having your data backed up is a great start. The next step is to ensure that it’s ready when you need it. How long does it take to get your data back and the server running? If everything is stored in the cloud but your production machine is in the office and runs the software for your business, consider the option to be able to virtualise the production machine in the cloud. Virtualisation is the process of spinning up a copy of the production machine and granting access to the people in your organisation who need it.

Summary and Key Takeaways

The UK General Data Protection Regulation explains the data protection regime about the use of personal data. Personal data is information that can be used to identify an individual through identifiers such as name, birthday, address, and many many more. Your business is responsible to process this information securely by means of “appropriate technical and organisational measures”.

Carry out regular risk assessments and build a matrix with focus areas. Avoid reusing the same password on multiple platforms – a password manager can help. Follow the principle of least privilege. This can be achieved through security policies.

Make sure data at rest and in transit is encrypted when working remotely. Use a remote monitoring and management tool to wipe stolen laptops if needed.

Backups are the last line of defence against cyberthreats. Test the integrity of your backups regularly. Consider an upgrade from backups to a continuity plan to avoid costly downtime.

IQ in IT is a Technology Success Provider and operates as your outsourced IT department. If you have any question or would like a deep dive on any of the topics discussed, don’t hesitate to get in touch.

Introduction

Did you know UK businesses are more likely to have both internal and outsourced support in comparison to France, Netherlands, and Germany? But what does outsourced IT involve?

IT Service Providers deliver the technical expertise that businesses need at a much lower cost than hiring dedicated IT staff. They can recommend, install, and manage technology according to business objectives and core competencies, as well as ensure that critical data is safe and secure. That’s why according to a study conducted by Strategy Analytics, 1 in 3 European small and medium-sized businesses (SMBs) currently outsource some or all of their IT support. Rather than waiting for something to break or shut down, Managed Service Providers (MSPs) take a proactive approach to IT by ensuring a customers’ IT can avoid most tech issues in the first place. We understand there are many considerations for companies thinking about moving their IT to another company.

In this article, Datto and IQ in IT summed up the key factors to help you decide what’s best for your company. Let’s get started!

What’s an MSP?

A Managed Service Provider is an IT service professional that companies outsource their technology needs to.

“MSPs are technology partners who put people and processes first and allow companies of all sizes to maximise their technology investment.”

They can deliver ongoing monitoring and management of client applications (email, website, security, etc.) and IT infrastructure remotely. This is typically accomplished through remote monitoring services, which allows them to keep tabs on the health of their clients’ IT environments, change and update systems and troubleshoot problems. MSPs closely monitor a wide variety of IT solutions that businesses have implemented such as:

• Application monitoring & management
• Helpdesk
• E-mail
• Security
• Storage
• Backup and Disaster Recovery

MSPs work with a variety of technology vendors to deliver these services. However, it’s not just about technology. Ultimately the expertise of the service provider holds the most value for all sorts of companies because IT-related downtime can have a devastating impact on revenue and reputation – especially for businesses trying to grow.

Why SMB’s Adopt Managed Services

One Size Does Not Fit All

We understand each company is different. Therefore the specific reasons SMBs adopt managed services depend on the unique needs of the organisation. For example, the IT needs of a five-person company with no in-house IT will be quite different from those of a 100 person company with a dedicated IT team. Therefore MSPs can provide different levels of support to meet the technical requirements of various businesses.

“Moving all or some IT tasks to a managed service allows businesses to focus on their core competencies instead of day-to-day IT management.”

According to SMB IT Usage and Perceptions 2019 Report, the top reason UK SMBs adopt managed services today is “down to the increasing complexity of IT”. But, context is essential because the size of the business will determine the complexity of the IT infrastructure for the evaluating company. A larger business may face more challenges in implementing its IT strategy across its organisation and may use an MSP to manage the process. The 2019 report also states larger SMBs believe IT helps their business to succeed; therefore, they are likely to contract with MSPs for strategic reasons. At the other end of the spectrum, it might mean outsourcing some routine tasks so in-house IT experts can focus on higher-level technical challenges. This concept is called co-managed IT.

Many businesses also choose to work with IT service providers because they have expertise in a specific area of IT. For example, 28% of respondents from the SMB IT Usage and Perceptions 2019 Report said they adopted managed services for “enhanced security/compliance”. This is likely due to the roll-out of GDPR across Europe in 2018, in addition to ransomware attacks frequently appearing in the news. On average, 2 in 5 SMBs from Datto’s 2019 European State of the Channel Ransomware Report, reported that they had fallen victim to a ransomware attack. In particular, SMBs who don’t outsource their IT services were more at risk. MSPs can work to keep software patched and up to date to protect against security breaches, as well as to ensure the company’s data is fully protected from malicious or careless actions.

Save Time and Money

MSPs can also initiate new projects and implement new technologies quickly. They have the resources and flexibility to get projects off the ground, which might take weeks or months in-house. Implementing new technology with your existing environment can be complicated and time-consuming. Because MSPs work with a wide variety of clients with different IT needs, they are uniquely equipped to take on complex IT projects. They also have vast experience troubleshooting the products they use – allowing them to resolve problems quickly.

“Because MSPs work with a wide variety of clients with different IT needs, they are uniquely equipped to take on complex IT projects.”

Depending on the company, cost savings may also be a factor – especially among smaller companies with straightforward IT needs. Monthly fees for managed services will vary depending on the services delivered. But managed services are generally more cost-effective than hiring in-house IT staff for smaller businesses. According to Kaseya’s 2019 MSP Benchmark Survey Results, 26% of MSPs said their average monthly managed contract is £750 – £1900. Therefore, SMBs are paying a fraction of a yearly salary for an IT professional in Europe.

Conclusion

There are a variety of reasons that SMBs need help from MSPs. Very small companies look to reduce IT costs while getting the IT expertise they need by partnering with an IT service provider. Larger businesses typically work with IT service providers to offload many difficult or time-consuming tasks, allowing their internal IT staff to focus on mission-critical activities. If you’ve never considered an IT managed service offering and are trying to manage your own IT, it’s worth being aware of this cost-effective way to have your IT burden lifted.

If you’ve never considered an IT managed service offering and are trying to manage your own IT, it’s worth being aware of this cost-effective way to have your IT burden lifted. If you are working with an IT service provider on a project basis, it is worth investigating whether they offer managed services as well. Or, if your current IT team is running ragged, perhaps you can offload some difficult IT tasks. MSPs can help keep you focused and keep you safe!

Let’s have a look at one of the many tools that come with the Microsoft SaaS Package.

In a world that turned into one big Teams meeting over 4 different devices and infinite time zones, it’s worth asking why productivity is not necessarily increasing. Is a meeting always adding value or do we have them for the sake of having a meeting? It certainly sounds important, very important even.

“I just had a very important project meeting about flame powered food processing with my lifelong mentor and friend, where I learned about his preferences.”

… just asked my dad how he wants his steak – although I should know that by now.

From experience, everybody knows that it takes a bit more than just sending an invite and hang around for half an hour to call it a productive meeting. Microsoft happens to offer a solution to help with this thought process. MyAnalytics provides insights into two of the key factors in personal productivity.

How do you spend your time and who do you spend it with?

It can be hard to go deep on your most challenging work when you are distracted by back-to-back meetings and endless notifications.

Want focus time every day? Plan your week!

By blocking just 2 hours of time for focused work into your calendar every day, you can get more done in less time, master your task list, and unleash your creativity. Block some time out to finish the report for your director, write that blog post about productivity, get that proposal out before your competitor swoops in…

MyAnalytics helps with automation. It reserves time automatically, reduces distractions by muting Teams chats and provides weekly reports that show focus trends that allow you to plan ahead.

Your time in meetings should matter.

In case you can’t escape an invite to a meeting, make sure to make the most of it. Set expectations, clarify goals ahead of time, have an agenda – it sounds so obvious but enforcing it will lead to a more efficient team.

Network

When was the last time you solved a massive problem all by yourself? Meeting new people and communicating with them helps with new ideas, different angles to problem-solving and quicker results. The key is healthy, productive communication – internally and externally.

Are you growing your network?

The MyAnalytics Network page shows how many people you actively connect with in the last month and gives you suggestions on how to improve connections with your most important contacts, such as your manager or your direct reports.

It also shows your top collaborators in either a map or list view, enables you to view details about the important people in your network and suggests people to add to your important list of people and grow your network.

Have a look here for more information.

Wellbeing

Working from home (I know…it’s probably the first time that someone picked this topic…) came with a bunch of challenges. People work whenever their phone rings, inevitably more than their contractual hours. This leads to a disconnect from friends, partners, family and leaves individuals even more isolated than the lockdown already did.

“People who disconnect daily from work, report lower levels of stress and anxiety.”

While more and more restrictions are being lifted, “old habits” take some time to exit the new work culture. So, in reality, we need to find a consensus that keeps friends, colleagues and customers sane and mentally healthy.

Summary

Be smarter with your time and other resources. Not every meeting needs the whole team to be involved, especially not when nobody planned it.

Not every Teams chat message needs to have top priority. Switching between tasks costs time and leads to worse results – literally a lose/lose scenario.

Make sure to take the breaks that you need to make your working hours matter. Your family and friends will thank you for it, so will your mental health.

Your network is your biggest asset. There is nothing wrong with collaboration if done right.

Use Microsoft MyAnalytics to improve your working habits.