The title

Month: September 2016

Is Your IT An Investment Or An Expense?

In the course of our work with business owners and senior management of organizations with less that 200 staff we see many recurring issues.  We have been this doing since 1996 and over this time the same challenges continue to crop up. A common theme is this:

“We know that as an SME we need to use every resource available, and we also know that IT can be a key enabler in business development and productivity – but we don’t know how to do it….”


Critical Questions

 

  • How do we ensure that we are making the most of our IT?
  • How do we choose a technology direction and platform to support our core business direction?
  • How do we know what needs to be upgraded or replaced? [AND where and when?]
  • How do we ensure that our expenditure on IT is an investment and not just an expense?
  • How do we maximise our ROI in IT?

The Fundamental Issue

 

Because SMEs are too small to be able to afford a full-time IT Director the business owners do not have the knowledge and understanding of expected technology life cycles to devise and execute an informed strategy they are unable to make informed choices and decisions about upgrades and replacements.

The consequence of this is that they are exposed to the core business impacts of software and hardware failures. This is a major risk and exposure to their core business.


Virtual IT Director – the PASR solution

 

Business owners of companies with under 200 staff do not have access/budget to have an IT Director. We provide this as a virtual/part-time service giving the business owner appropriate advice for their business situation. If you would like to discuss this and what it could mean for your business, please get in touch.

Since inception in 1996, PASR Technologies has been providing SME business owners with a level of service and support to the SME business owner that is typically only directly available in very large organisations.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

At PASR Technologies, we solve your IT problems before you even realize you have one!

 

Who Manages Your IT?

A recent study which investigated IT in SMEs quotes a senior manager of an accounting practice:

“We have had trained IT staff once. Like in any accounting firms there is always staff turnover. In the past we had two very good people that were very knowledgeable about computers. I got  the management function of IT in the firm by default when they left”.

We work with business owners and senior management of organizations with less that 200 staff providing a one-stop shop for all their IT infrastructure needs. We have been doing this since 1996. Over this time we regularly come across the same, repeated concerns facing SME management. Regardless of business sector, the same challenges continue to crop up. One of the biggest issues is: “Who manages the company’s IT?”

For large companies with over 10,000 users it is easy – they have an IT Director with a fully staffed IT department to cater for all their IT requirements.

The challenge is that managing IT in an SME environment of under 200 users is not a full time job.

When you have 10 (or 100) staff, it’s a much more difficult question. So who actually does it?

As with the accounting firm mentioned above, it is almost certainly undertaken on a part-time basis by a manager or director with other responsibilities. But this approach carries risks and can have a detrimental impact on the business.


The business impacts of “part-time”/dual function IT management

 

Let’s briefly consider 3 typical scenarios:

[1] If, as an owner-manager, you do it yourself it takes time, and that means time away from building your core business. This also assumes that you fully up-to-date in the IT field, and staying up-to-date takes even more time – i.e. time away from your core business. Conversely, NOT staying up-to-date can also have a negative impact on your business. So the reality is that is a “catch 22” situation.

[2] If one your staff members does it, assuming they are sufficiently ‘up to speed’ with IT to provide support, they also lose valuable time and that distracts them and diminishes their core value to your business.

[3] Or, maybe like many companies, you have a guy who comes in as and when needed to deal with problems on a one-off basis. This can work out fine when dealing with the “known knowns”  – BUT [and this is a very big “but”] what about the “unknown unknowns”? For example, how do you deal with the problems that you don’t know about, like security, malware protection, data leakage?


If you would like to discuss this issue and what it means for your business, please get in touch. Since inception in 1996, PASR Technologies has been providing SME business owners with a level of service and support to the SME business owner that is typically only directly available in very large organisations.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

At PASR Technologies, we solve your IT problems before you even realize you have one!

 

The True Cost Of “One-Off” IT Support

To many small business owners it may seem perfectly logical to bring in an IT support specialist as and when you have an identified need. But the reality is that the one-off approach to IT support issues leaves many holes and doubts and it can prove expensive.

We work with business owners and senior management of organizations with less that 200 staff providing a one-stop shop for all their IT infrastructure needs. We have been doing since 1996. Over this time we regularly come across the same, repeated concerns facing SME management. Regardless of business sector, the same challenges continue to crop up.  One of the big recurring issues is to do with the cost – the true cost – of one-off IT support.


“We don’t know what we don’t know…”

 

This issue of the true cost of one-off support falls into the “we don’t know what we don’t know” category.

For many owners of small businesses, dealing with IT support and maintenance is  the same as dealing with car maintenance. In other words, it’s OK with the “known knowns” e.g. a printer isn’t working/a tire is flat, BUT how do you deal with the “unknown unknowns”? How do you deal with the problems that I don’t know about, like security, malware protection, data leakage?


A lack of consistency leads to cost in-efficiency

 

Over reliance on “one-off” support can expensive. Here is a typical scenario:  You have a problem, for example User A can’t print, so you get external technical support to come in and fix it. They update the printer software and get User A printing and leave. BUT, the very next day, Users B & C can’t print either, so you call the IT support people back in again for yet another fix ….AND yet another fee!

The business impact of your over-reliance on one-off support means that you do not have the consistency and cost efficiency of a centralised and holistic approach that would instead install printers centrally, and roll out appropriate changes and updates to all users via a centralised policy.

Two further examples of how the small business owner’s lack of knowledge is a big exposure for the business:

[1] You bring in external IT support to solve a problem and yet they break other components…and you have know way of knowing.

[2] You can’t determine whether quotes to repair/upgrade are valid, realistic and appropriate.


If you would like to discuss this issue and what it means for your business, please get in touch. Since inception in 1996, PASR Technologies has been providing SME business owners with a level of service and support to the SME business owner that is typically only directly available in very large organisations.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

At PASR Technologies, we solve your IT problems before you even realize you have one!

 

The Black Art of SPAM Prevention

Most organisations today categorise email as mission-critical to their business, and so the ability to reliably send and receive emails receives a lot of attention from us. However, as we are all aware, the amount of junk mail – ‘SPAM’ – received is a continuing annoyance.

A quick check of our servers shows that over the past three months, a massive 53% (of nearly 1/2 million emails) of all emails received were suspect. Now obviously it would be great if we could simply block such messages, but detection of SPAM is more a black art than a defined science, and so SPAM filters must be continually adjusted and refined to ensure all real/valid emails get through (zero false-positives) while all SPAM is blocked. We could simply turn off SPAM filters, but generally this would result in 50% extra emails reaching each users’ inbox – a situation no user wants to contemplate.


Breakdown of the 53% Suspect Emails

 

Breaking down the above 53% shows that:

  • 2% of all emails contain malware – Viruses, Trojans etc – we definitely do not want these passed through.
  • 31% of all emails are from known spammers  – we want these blocked automatically, but as some users want to see some of these, we need to provide a mechanism whereby they can be retrieved.
  • 20% of all emails are where we have to be somewhat creative and apply our black-art talents to separating the wheat from the chaff, and it’s this 20% that seems to cause the most questions and mis-deliveries.

How to determine the validity of incoming email?

 

So what ‘black arts’ do we employ to determine the validity of this 20% (90,000) of messages? Essentially, each and every message is tested and given a Spam Confidence Level (SCL) score, and when it gets above a defined level, it is tagged as SPAM. Virtually all anti-SPAM solutions – whether in-house, or in-cloud, software-based or appliance-based – employ some or more of the following checks:

  1. Reputation of Sender:
    1. Is the sending server on a blacklist? This occurs when a recipient reports receiving SPAM from a server, and is placed on one or more of the 100+ blacklisting organisations.
    2. Is the sending server properly set up with a fixed address – determined by whether it has a Reverse-DNS (RDNS) entry. (Spammers will use arbitrary/impermanent servers).
    3. Does the sending organisation designate approved sending servers – via the Sender Policy Framework (SPF) stipulated in DNS
  2. Message Content:
    1. Does the message subject or content contain known SPAM-like words – such as ‘Drugs’, ‘Viagra’ and so on.
    2. Does the message contain multiple languages, such as combined English & Chinese?
  3. Message Distribution:
    1. How many recipients is the message sent to? More than a handful generally means the message is more likely to be Unsolicited Commercial Email (UCE).
  4. User Overrides:
    1. Has a given user either black-listed or white-listed a particular address?
    2. has a given user chosen to be more or less aggressive in their application of the above checks?

How to ensure that emails we send get read?

I trust from the above readers can get an idea of the issues we face in categorizing SPAM for delivery, and I trust that readers will also see that it’s very much an imperfect ‘guesstimation’ at best, and there is little as recipients we can do to more accurately qualify messages. But what should we do to ensure that messages we send get the highest possible chance to be delivered?

  • We MUST have adequate malware protection for inbound emails, and ideally also scan outbound emails for malware to ensure we do not compromise our message recipients.
  • We must properly designate and authenticate our outbound servers – via RDNS, SPF – and ensure all mails from our domain are sent only from these servers. This may not be just your corporate email server: – we must also check any other servers that send emails on behalf of our domain: -for example if our website sends emails, then it must also be properly designated and authenticated.
  • We must regularly check that our sending servers have not been blacklisted.
  • If we regularly need to send messages to more than a handful of recipients, we should consider using a third-party service rather than send such ‘mail-blasts’ through our own servers – which reduces the likelihood of getting our servers blacklisted.
  • If we send Unsolicited Commercial Email (UCE) as a Singapore organisation, we must ensure the subject line contains <ADV> and we must provide (and act on) an unscubscribe link – to ensure we comply with legislation, or otherwise face the risk of legal action against us.

If you would like to discuss this issue and what it means for your business, please get in touch. Since inception in 1996, PASR Technologies has been providing SME business owners with a level of service and support to the SME business owner that is typically only directly available in very large organisations.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

At PASR Technologies, we solve your IT problems before you even realize you have one!

 

© 2022 PASR Technologies Pte Ltd

Terms & ConditionsPrivacy Policy

Support

Support Hotlines

Email: support@pasr.net

+65 6340 1017 (Chat only)

  • Singapore

    9635 6482