Category Archives: Business

Comprehensive endpoint device security management

The variety of ways workers are now connecting together and to the web to work more effectively continues to grow.

 

As the connections expand, so do the steps that need to be taken to ensure those connections communicate with the network in a secure fashion.

Because employees increasingly are using mobile devices to connect to the corporate network, this puts pressure on IT to provide endpoint security and device management solutions that make sense for both the mobile worker and the enterprise.

Research firm IDC predicts that the number of mobile workers will increase to 1.19 billion by the year 2013. The variety of devices that these workers use to connect to the network will also continue to grow.

According to the iPass 2011 Mobile Enterprise Report, 73 percent of enterprises allow non-IT managed devices to access corporate resources. This is a figure that is likely to get larger as 83 percent of firms said they expect to support Apple’s iOS, while 77 percent anticipate supporting Android-enabled devices.

Each mobile device provides its own set of security vulnerabilities. Additionally, mobile equipment has less evolved security applications – most have no anti-virus or anti-spyware protection on the devices themselves. So endpoint devices are among hacker’s preferred targets.

According to the Juniper Networks Malicious Mobile Threats Report 2010/2011, there was a 400 percent increase in Android malware between June 2010 and January 2011.

To take advantage of the productivity offered by web-enabled endpoint devices, including laptops, smartphones and tablets, it is essential that firms adopt policies and procedures that protect enterprise data while enabling staff to use the mobile devices that best fit their needs.

Use Best Practices for Endpoint Security Solutions
There are a number of established best practices for endpoint security management- among these observances are:

  • Require the staff to sign policies and usage statements for all endpoint devices, including those owned by the business and employee-owned equipment. Policies and usage statements should clearly state the security and support that IT will provide, so it is responsible only for those apps and services that IT delivers and approves.
  • Use the cloud layer to route all network requests such as email and server access to block security threats before they can do any damage.
  • Place security solutions in the cloud. This method enables the enterprise to provide central endpoint device management and security rather than going to each device to install security applications.
  • Use the cloud layer to provide authorization capabilities, allowing workers to access different areas of the network, depending on their needs. For example, an auditor might need access to sensitive corporate financial information, while a customer service representative would need to access customer transactions.
  • Delete corporate information from endpoint devices in the event that they are lost or stolen or if the employee’s relationship with the company ends. The Juniper malware study reports that 1 in 20 mobile devices were lost or stolen.

Tips for Write a Business Plan

If you, like many entrepreneurs, are time rich and cash poor, option 1 quickly removes itself from the equation, given the cost of having someone write a plan for you.

You are then faced with the choice between using Business Plan Pro or building everything yourself, from scratch, in Microsoft Word and Excel. Why are we not recommending other business plan software options? Because Business Plan Pro is the best business planning software available – without exception. Palo Alto Software (the maker of Business Plan Pro) has a proud history, has had category leadership for years and has extensive lists of testimonials and independent reviews on the website, all corroborating this view. By all means, consider other software options; however, we are confident that your own analysis will reveal that Business Plan Pro stands head and shoulders above the alternatives.

When it comes to using Word and Excel there are undoubted benefits – not least the fact that they are ‘free’ in the sense that they are bundled on most PCs. The interface is also familiar, given the popularity of their use. However, while these tools are excellent when you know exactly what you need to produce, they offer negligible assistance when it comes to producing specific content, such as that required for a business plan. If the purpose of the business plan were simply to jot down a few notes to keep you on track, they would suffice. However, if you intend to circulate the plan to peers, colleagues or prospective investors, you will need to produce a plan worthy of your name. After all, you are the author!

Here are the reasons why we believe that using Business Plan Pro is the easiest way to write a business plan:

1. Offers significant time saving

Business Plan Pro was designed to help you write a plan as efficiently as possible. It comes with extensive help, lots of examples and expert advice.

2. Provides the structure

Business Plan Pro walks you through a list of specific tasks, step by step, in stark contrast to the blank screen and flashing cursor you face when you create a new document in Microsoft Word.

3. Includes hundreds of examples

Business Plan Pro includes over 500 sample plans so you can browse plenty of examples to help give you ideas.

4. Ensures you do not leave out any sections

Over ten years of history means that we know what sections to include, where they should appear in the document and what you need to put in them.

5. Makes the numbers part easy

We recognise that while compiling the financials is an essential part of any plan, it is a very challenging area. We have simplified this process with the inclusion of easy-to-use financial wizards and automatic calculations, linking together all the financials from Start-up costs to Sales Forecast to Personnel Expenses to Cash Flow to Profit and Loss.

6. Free support available

Alongside the extensive in-product help, we also offer a free support line and a comprehensive help facility on our website.

7. Signposts relevant resources at appropriate points

The software also includes links to relevant local resources where you can read specific advice on any areas with which you need further assistance, including trademarks, company formations, and more.

8. Designed specifically for producing a business plan

Whereas Microsoft Word is a general purpose tool, Business Plan Pro is designed specifically to help you write a business plan with the least amount of hassle.

Business Solutions Ideas

Many SMBs and SOHOs are walking away from their traditional phone companies and moving to the Internet for their telephony needs. In tech jargon, they’re switching from POTS (“plain old telephone service”) to Voice over IP (VoIP, pronounced as one word). Read on to find out what it is, why you should use it, and what to watch out for.

 

VoIP lets you make phone calls over the Internet with a number of advantages over your landline. It gives you low calling rates, especially when making overseas calls; excellent voice quality, rather than the muffled squawk of a traditional phone; and extra features (or easy access to the hard-to-use features you already have).

A phone using VoIP is different from a regular phone; instead of connecting to an analog phone line, it connects to a computer. That computer is usually called a VoIP gateway, and it’s the bridge between the handset and other telephone users.

 

Breaking it Down: VoIP Types

Cloud vs. Local

The gateway connects you to the regular telephone network, or to other VoIP users. Your gateway might be on-site, or it might be a hosted service—“in the cloud”—that you connect to via the Internet.

Running it yourself might be a good option if you have the expertise in-house, but for most people, a service is the simplest and least expensive option.

 

Which System?

Classical VoIP is based on Internet standards like SIP and RTP. The best-known example of a commercial service like this is Vonage; the best-known in-house product is probably the Cisco UCM Suite.

Some newer systems are based on a different standard, called Asterisk. This is a robust, battle-tested system supported by many vendors, including Fonality.

(Normally, you can ignore all this nerdy alphabet soup, but it’s helpful to know which standards your system uses, in case you ever need to know about compatible add-ons.)

No discussion of VoIP software would be complete without mentioning Skype. It’s probably best known as a consumer-focused, free, peer-to-peer service, but the company also offers a service aimed at businesses of all sizes. It’s not just a program you run on your computer; you can also buy dedicated desk phones that work with Skype.

 

Security

One of the advantages of VoIP over regular phone service is the extra security. In the VoIP world, voice scramblers aren’t just the preserve of the military.

It’s similar to working with a secure website, such as your bank. By enabling encryption, you get privacy for your business communication, plus authentication (i.e., protection against call rerouting).

Risks of managing remote workers

Visions of kicking back and working from the beach with a piña colada in one hand and an iPad in the other are no longer just flights of fancy for many workers. Businesses are finding that it really is possible for employees to work remotely on their own devices without losing any productivity.

 

As a result, many companies are measuring the benefits of employees working remotely against the logistical issues inherent in developing a mobile device management plan.

There are many tangible benefits of BYOD (Bring Your Own Device), including:

  • Reduced equipment costs
  • Increased employee satisfaction and efficiency
  • Decreased IT staff burden (since employees maintain their own equipment)
  • Reduced office space square footage (as workers are mostly off-site)

The risk in BYOD is that these devices can potentially expose security vulnerabilities not directly supervised by IT staff or addressed by corporate antivirus solutions. This is where the need for mobile device management comes in.

 

A new landscape of threats

Tablets and smartphones are arguably less secure than desktop PCs and laptops because they lack pre-installed malware protection. Most computers include at least a trial version of an antivirus suite, but for the newest mobile gadgets, individual users and IT managers are on their own to search for and install mobile endpoint security management.

This vulnerability has not escaped the attention of hackers, who unleash creative new threats like SMS text messaged-based attacks on a daily basis. The old-school virus, while still annoying, does not hold a candle to the damage caused by these new approaches in cybercrime, which include more sophisticated Trojans, keyloggers, phishing attacks and malicious apps than ever before.

 

Maintaining security while not breaking the bank

Enforcing a ban on these devices is a near impossibility, but there are options for businesses on a tight budget to maintain security:

  1. The first cost-effective step is to immediately establish protocols regarding these devices in the workplace, including guidelines for acceptable use, forbidden applications and how to avoid dangerous activities, such as browsing certain questionable sites while connected to the company’s Wi-Fi.
  2. Next, evaluate your current solutions to see if they can be modified to protect BYOD devices through password enforcement, remote wiping or other protective measures.
  3. If the quantity of devices or sensitivity of data requires a more robust solution, explore whether the use of Mobile Device Management (MDM) software makes sense. MDM provides a centralized platform to manage all BYOD devices and is recommended if IT personnel are spending an inordinate amount of time securing tablets and smartphones – or if the sheer variety of devices and new threats tests their expertise.

Giving Up Control Is Key to Creating Value

In the two years after Lew Cirne founded Wily Technology in 1997, he assembled an experienced executive team, hired 50 employees, and raised two rounds of VC funding. But he also had to relinquish three of five board seats to his investors, who promptly decided that Cirne should be replaced by a CEO with a stronger business background. CA eventually bought the firm for US$375 million — a far larger haul than Cirne could have brought in, as he admitted. But the founder was still chagrined about the early decisions he made that led to his ouster.

Whether in Silicon Valley or any of the other startup hubs around the world, Cirne’s dilemma is all too familiar. To grow their firms, founders desperately need financing, skilled employees, and the kind of “social buzz” that makes investors reach for their checkbooks. But the more investors or key hires who come aboard to provide much-needed resources, the more autonomy the company founder must surrender. Founders face a trade-off between retaining control and increasing the value of a young firm.

According to a new study of more than 6,000 high-potential U.S. startups that launched between 2005 and 2012, how one navigates this early-stage founder’s dilemma has a profound impact on the firm’s long-term value. The more power retained by founders, the author discovered, the less valuable their companies are.

For every additional position of power a founder occupies (being both CEO and chairman, for example, as opposed to controlling just one of those roles), the company’s value decreases by between 17.1 percent and 22 percent. The author also found that startups whose founders retain an additional level of power see a 35.8 percent to 51.4 percent decrease in the amount of financing they raise, depending on which variables he used to measure a founder’s control.

But this trade-off effect kicks in only after three years, at that delicate stage in which founders’ technical expertise or visionary outlook typically become less crucial to growth than the resources a firm has attracted.

Tips for Writing a Business Plan

Writing a business plan can seem a daunting challenge. However, this skill is a vital requirement for any entrepreneur or business seeking to increase their chances of survival. Here is a list of my top ten tips for writing that winning plan:

1. Write from the audience’s perspective

The starting point for any business plan should be the perspective of the audience. What is the purpose of the plan? Is it to secure funding? Is it to communicate the future plans for the company? The writer should tailor the plan for different audiences, as they will each have very specific requirements. For example, a potential investor will seek clear explanations detailing the proposed return on their investment and time frames for getting their money back.

2. Research the market thoroughly

The recent Dragons’ Den series on BBC 2 reiterated the importance prospective investors place on knowledge of the market and the need for entrepreneurs to thoroughly research their market. The entrepreneur should undertake market research and ensure that the plan includes reference to the market size, its predicted growth path and how they will gain access to this market. A plan for an Internet café will consider the local population, Internet penetration rates, predictions about whether it is likely to grow or decline, etc., concluding with a review of the competitive environment.

3. Understand the competition

An integral component to understanding any business environment is understanding the competition, both its nature and the bases for competition within the industry. Is it a particularly competitive environment, or one that lacks competition? How are the incumbents competing—is there a price leader evident? Finally, including a thorough understanding of the bases on which you intend to compete is vital; can you compete effectively with the existing players?

4. Attention to detail

Make the plan concise, but include enough detail to ensure the reader has sufficient information to make informed decisions. Given that the plan’s writer usually has a significant role to play in the running of the business, the plan should reflect a sense of professionalism, with no spelling mistakes, realistic assumptions, credible projections and accurate content. The writer should also consider the format of the plan, e.g., if a business plan presentation is required, a back-up PowerPoint presentation should be created.

5. Focus on the opportunity

If you are seeking investment in your business, it is important to clearly describe the investment opportunity. Why would the investor be better off investing in your business rather than leaving money in a bank account, shares, or investing in another business? What is the Unique Selling Proposition (USP) for the business? Why will people part with their cash to buy from you?

6. Ensure all key areas are covered in the plan

Undertake research on what a business plan should contain; one good place to find this is at Bplans . Include sections on the Company, Product/Service, Market, Competition, Management Team, Marketing, Operations and Financials. The plan should also take on board the readers’ various preferences for viewing data. While many plans are predominantly textual, the plan should include some simple colour charts and spreadsheets.

Emergency Exercises Like Just Another Drill

It’s no secret that the world can be volatile and violent. Shootings and bombings in public places. Floods, fires, droughts, and other dangers amid an uptick in severe-weather events. Any of these could be a threat to your organization, its people, its customers, and its suppliers. And although senior executives contemplate the likely impact of these phenomena in risk-analysis meetings, far fewer take the time to participate in real drills, instead designating someone else as a stand-in. After all, it’s tough to get an operational dry run on the calendar of a CEO, CFO, or other executive.

That is an enormous mistake. Executives who let someone stand in during practice set themselves and their teams up for failure when the worst happens: The first crisis may be beyond your control, but that is not the case with the second, highly avoidable crisis that results from a fumbled response. Participating in a rigorous, well-crafted, scenario-based drill is the closest you’ll get to experiencing the emotional tension and challenging ambiguity of an actual event that may involve fatalities, skittish investors, and intense media scrutiny. I’ve seen many occasions in which seasoned executives who start an exercise confident, even joking, wind up sweating amid the flurry of high-stakes decisions to be made in a response drill.

If you are a senior leader, you don’t need to attend every exercise, but you should make time for at least one in your calendar each year. It is the only way you’ll know what to expect in a true emergency — and the only way you’ll be able to judge whether those engaged in the nitty-gritty of the response are capable of succeeding.

An exercise is your chance get to know your emergency team, how it works, and where you fit in. It is also a chance to ask seemingly naive questions. If you are wondering about something, chances are someone else is, too. A drill will likely trigger important realizations or gaps you wouldn’t have known needed to be addressed had you not been in attendance. It will provide a real window into not only what a crisis might look like, but what the recovery will be in the weeks after.

Here are three frames to help you get the most from your investment of time.

Understand the operational rhythm (and how not to impede it). The first 20 to 30 minutes of any response will be chaos. Incomplete and sometimes conflicting information will be flying around. Resist the temptation to try to assert control — the easiest way to create chaos is to take command when you aren’t fully versed in the plans and protocols the response team members are using. Instead, watch to see how long it takes for the team to get into an operational “battle rhythm” in which the team members are effectively processing information, making or elevating decisions, and taking appropriate actions. What you can do at this point is ask how you can be useful.

A critical benefit of taking part in an exercise is trust building with security and safety managers with whom you might otherwise not have much chance to interact. In an actual incident, you’ll need to count on them, and they’ll need to be comfortable with you.

Learn what questions you’ll want answered. A good drill exposes gaps that lead to learning. For example, in the Deepwater Horizon oil spill response, where I did several days of field research, responders were prepared to provide Gulf-wide information on resource allocation — but elected officials wanted those details on a state-by-state and parish-by-parish level. An enormous effort was required to retool the mechanisms for more detailed reporting on resource allocation. That need could have been learned of and addressed ahead of time had those officials attended more drills.

Reduce Your Investment In Endpoint Security

Trojans, worms and spyware sound like elements straight from a summer blockbuster, but the kind of action/adventure they provide on your PCs, Macs, smartphones and tablets make them more like a horror movie.

By deploying effective endpoint security, you can help prevent attacks and keep your users safe from viruses and other malware, such as spear phishing and advanced persistent threats. Today’s  state-of-the-art endpoint security has come a long way from its early roots in “antivirus” and has morphed into a complex suite of sophisticated protections against modern threats.

 

But good protection isn’t free; so, how can you save money, while still protecting your computers? Here’s how to reduce your investment….

 

Keeping users safe

In an ideal world, users would be perfectly security conscious. These mythical users wouldn’t:

  • Click on suspicious links.
  • Open file attachments emailed by criminals pretending to be their friends.
  • Respond to phishing messages that appear to be from a bank.
  • Disable software updates because warnings and reboots are annoying.
  • Disable a security product because it slows down their PC.
  • Install free software from an untrustworthy developer, because their friend liked it on Facebook.

Sadly, our world is less than ideal. Much, much less: A recent report said that 86 percent of U.S. businesses surveyed had lost sensitive data during the previous year.

User awareness training helps, but it isn’t sufficient. That’s why your endpoints need securing. Doing so helps prevent your users from accidentally exposing sensitive business information, such as your  banking credentials, secret-sauce recipes or future product plans.

 

Save time and money on endpoint security

Your challenge is to protect your users while minimizing costs: How do you save time and money, while keeping your company safe?

Look for a modern endpoint security solution – not one thrown together from an old antivirus program and a fresh coat of paint.

The function that knows your company best

Tax discussions have the rare power to put senior executives to sleep yet keep them up at night worrying.

Business leaders have traditionally compartmentalized tax management as a compliance function, a complex specialty ceded to the experts. Although some C-suite executives have begun to realize that the tax function plays an important role in their overall strategy, it tends to operate relatively independently. When taxes do force their way onto the agenda of the CEO or the board, it is often in the context of bad news. Consider the uproar in the U.S. in recent years over corporate inversions, in which a U.S. company avoids paying U.S. taxes by buying a foreign company and moving its own headquarters overseas. And with the promise of some kind of tax reform under the Trump administration, the only certainty is that corporate taxes will continue to be headline fodder. On the other side of the Atlantic, the European Commission’s rulings against perceived cases of “state aid” in the form of favored tax treatment of certain companies can be costly to companies that are required to pay back their tax savings, as well as damaging to their reputation.

But to assign tax management entirely to a compliance role is to miss an important opportunity. In fact, executives should move quickly in the opposite direction: They should pull the tax function out of its silo and integrate it into the company’s daily operations. This function gathers data on every part of the business, including employees, assets, and intellectual property, in all territories. It’s one part of the organization where, at least once a year, you can be certain to find a comprehensive accounting of the entirety of the business.

This overarching perspective, of course, isn’t just “nice to have”; it’s increasingly necessary if companies are to communicate effectively with regulators and tax authorities. For example, multinational organizations are facing unprecedented challenges in the global tax environment as governments require greater tax transparency in the countries where they operate. Moves toward digitization of the tax system in a number of countries — Russia, Mexico, and Brazil are among those at the forefront — are also giving government tax authorities unprecedented amounts of transactional data about companies, often in real time. Since the tax function is gathering all this information together for regulators, it behooves the organization to use it more effectively in its own right. Thus, it is becoming a best practice to view the tax function as a strategic partner, one helping to set business priorities and giving the company a competitive edge. Otherwise, the tax authorities might have more insight about your company’s data than you do.

Save money with cloud computing

Why move to the cloud? There are plenty of good reasons, but mainly it makes good business sense. You can call it efficiency, or call it doing more with less. But whichever spin you prefer, cloud computing lets you focus on what’s important: your business.

Cloud computing can be used for almost all types of applications, not just business security. While the idea of cloud computing can sometimes seem hard to grasp, it’s clear that it saves its users money – especially SMBs, including small office/home office (SOHO).

 

Plenty of oh-so-clever industry people will tell you what cloud computing is and isn’t. Here’s my simple view: It’s what we used to call software as a service (SaaS), but it’s set up so it’s easy to switch on, simple to expand and contract, and usually has a usage-based pricing model.

Read on to discover why moving to the cloud will save you money in five ways (six, if you’re picky)….

 

1. Fully utilized hardware

Cloud computing brings natural economies of scale. The practicalities of cloud computing mean high utilization and smoothing of the inevitable peaks and troughs in workloads. Your workloads will share server infrastructure with other organizations’ computing needs. This allows the cloud-computing provider to optimize the hardware needs of its data centers, which means lower costs for you.

 

2. Lower power costs

Cloud computing uses less electricity. That’s an inevitable result of the economies of scale I just discussed: Better hardware utilization means more efficient power use. When you run your own data center, your servers won’t be fully-utilized (unless yours is a very unusual organization). Idle servers waste energy. So a cloud service provider can charge you less for energy used than you’re spending in your own data center.

 

3. Lower people costs

Whenever I analyze organizations’ computing costs, the staffing budget is usually the biggest single line item; it often makes up more than half of the total. Why so high? Good IT people are expensive; their salaries, benefits, and other employment costs usually outweigh the costs of hardware and software. And that’s even before you add in the cost of recruiting good staff with the right experience.

When you move to the cloud, some of the money you pay for the service goes to the provider’s staffing costs. But it’s typically a much smaller amount than if you did all that work in-house. Yet again, we have to thank our old friend: economies of scale.

(In case you worry that moving to the cloud means firing good workers, don’t. Many organizations that move to cloud computing find they can redeploy their scarce, valuable IT people resources to areas that make more money for the business.)

 

4. Zero capital costs

When you run your own servers, you’re looking at up-front capital costs. But in the world of cloud-computing, financing that capital investment is someone else’s problem.

Sure, if you run the servers yourself, the accounting wizards do their amortization magic which makes it appear that the cost gets spread over a server’s life. But that money still has to come from somewhere, so it’s capital that otherwise can’t be invested in the business—be it actual money or a line of credit.

 

5. Resilience without redundancy

When you run your own servers, you need to buy more hardware than you need in case of failure. In extreme cases, you need to duplicate everything. Having spare hardware lying idle, “just in case,” is an expensive way to maximize uptime.

Instead, why not let a cloud computing service deal with the redundancy requirement? Typical clouds have several locations for their data centers, and they mirror your data and applications across at least two of them. That’s a less expensive way of doing it, and another way to enjoy the cloud’s economies of scale.