By Bernard Collin, CEO, SafeComs
Taking back Control of your Data and Systems
A new approach to developing a “Trouble Free Work Place”.
We are creating a better work environment where fixes don’t depend on a reactive model witnessing damage already caused and finding issues after they have already turned into painful problems. Instead, the challenge is to provide stable applications, a safe access to critical data and implement policies you can control. This is the new challenge; in today’s world, many companies struggle with poor IT systems and procedures to support their business. Here are some of the cases that exist regularly.
IT Support externalised – Issues
1. Internal IT support: execution is often limited to very basic support
There will always be a need to externalise the function for elaborate or complex issues. Depending on their sizes, companies will organise some level of internal support, but this will mainly be limited to basic support level. It is nearly impossible to find a good level Engineer who will remain in a stable position when the majority of his time is spent answering low level user requests. If now you think you could find a very good engineer, paying a high-level salary for a basic support job is not really the best investment.
2. You are on a calendar for onsite visit.
IT support is often organised on a calendar of interventions, if your problem falls after a visit, you need to wait for the next one or accept a higher cost for urgent intervention and unplanned maintenance, and you will suffer the damage until then, hoping it will not propagate further.
3. You fix problems only after the damage they create become visible.
Support is only called after a problem is discovered, or because it became serious enough to require immediate intervention, which due to planning is not always possible. A problem left unattended for any length of time tends to escalade in a much bigger issue, especially if it triggers or propagates to other systems.
4. You have a seemingly low service fee charged monthly, but each incident is an aditional cost.
Your cost is of a fixed amount, calculated on the regular visit of a standard level engineer. The amount is constant until a major issue is discovered, and then extra time is required (at a likely higher rate), leading to an expensive corrective intervention and a fear by management to engage their IT resources until the last moment.
5. Whom do we send this week?
It is always difficult to get the correct level of engineer for your planned onsite visit because potential issues are not known yet. So, your supplier dispatches a standard service engineer, but the job that he notices requires advanced skills on SharePoint or MS 365 or Active Directory, and he is not effective for this type of intervention. This ultimately leads to delayed resolution and, likely, an environment that
does not comply with best IT practices.
6. You pay even if there is nothing to do, on the surface
Occasionally, the engineer will show up to have a conversation with your staff and look at what issues they are able to fix or improve, and sometimes you pay them for a conversation with your staff, as they have no issues yet discovered to solve.
Impact of the current model
A major incident never happens in isolation. It is the compounding of successive issues that will lead to a catastrophic failure when given time to propagate and escalade. A swift correction at the right time is usually all it takes to prevent a costly incident.
Current IT model do not handle this very well, first there is no real time monitoring of activities to detect small problems in their initiation phase, there is no automated timely checks on security and filtering elements to validate their effectiveness, there are no locking mechanism of vital elements as soon as a suspicious activity is detected.
In the majority of the cases, the moment companies seem to realise the size of the problem is only after the tip of the iceberg becomes visible and the damage underneath is already massive. Corrective action is inefficient when critical issues cripples the company network with either a partial or worse total loss of data, limited access
to critical system or locked IT network and third-party software unavailable.
Ultimately, as soon as the damage becomes visible, the client and outsource company enter into repair mode. This is when the business interests for the parties goes on two diverging ways.
- The company owner requires the fastest quick fix and needs to get back in business as soon as possible with a minimal downtime or limited loss and intervention cost controlled as tight as possible.
The company needs quick access back to their data, hopefully in perfect condition
- The IT support company on the other hand has other already planned customer interventions, will need to prioritise differently based on urgency or level of damage, and they also make money for the duration of the intervention.
- You will also get the first engineer available, not the choice you would hope for.
A better model to consider
The first element to consider is prevention.
There are a lot of signals that emanates from all your network elements and computers, and a constant monitoring coupled with great tools analysis can be extremely valuable to determine what might be developing on your network. Issues can be dealt with swiftly and before there is a risk of escalation or any damage can happen.
The efficiency of prevention depends on 3 factors
a. A correctly set up environment1, with adequate protection, processes and quality systems
b. Constant efficient monitoring with effective classification of issues
c. Alerts to be directed at the appropriates skilled person
Once this is in place, detection of events that could lead to issues can be immediately handled, hardware with regular failure rate can precede an imminent break up and will be replaced before it happens. New issues found on the Internet can be immediately detected and trigger the delivery of patches or change in configuration to make the system safe. Abnormal traffic or behaviour can be detected and lock immediately.
1. Environment: there could be some initial investment in infrastructure if the current environment does not comply with best practices.
The second element is Remote Management
Remote Management and Connection is the set of tools needed to immediately and correctly resolve over 90% of the issues. Our engineers can assign the responsibility of the remote tasks based on the set of skills and availability.
Resolution of issues is immediate2; the damage is avoided or in the worst case contained and limited. Cascading effect of problems will not happen, and faulty elements will be isolated. There is always a pool of engineers available to analyse and repair, and in some cases to determine that onsite presence is to be deployed.
2. Immediate: Currently M-F, normal business hours
Escalation and remediation
In case the remote management does not fix the problem, Engineers will be dispatched onsite, responding within agreed SLAs. Escalation will not trigger additional costs3 as it is our way to compensate you for your trust in our model.
We will draw with you our plan of actions to get your system backup as quickly as possible, and in most cases a recovery path would have already been set in place.
3. Costs: Depending on Customer location from city centre, a transportation charge may apply
A real Win-Win strategy
In this new challenge, the Support organisation together with the client both gain from low frequency and no incidents at all. The Support organisation because their level of work is constant and perfectly organised when they managed to avoid incidents for a constant compensation plan agreed with the client, and the customer is in a perfect environment to operate where the systems are all fully operational for a very predictive cost.
The penalty of a down time impact both the same way, the support organisation because they need to supply the manpower onsite to fix the problem till resolution without collecting additional revenue, and the client because his systems are not operational.
We are in this together as Partners.
Bernard Collin is the CEO of SafeComs, originally established in 1999 in
Australia with a strong focus on computer security in the SME and Enterprise market.
Bernard has been a resident of Thailand since 2003 when he moved from Sydney Australia to Bangkok to open Asian branch of SafeComs in a joint venture with LOXLEY. In 2005, SafeComs left LOXLEY to become a BOI company taking full ownership with foreign investments. Today SafeComs hosts 2 separate divisions with a common objective: Control of your Data, Systems, Process and Activities:
• IT support and Security, with a unique approach closely tying the interest of the client to those of the supplier in a win/win strategy, using a preventive main tenance approach and offering free interventions in case of issues.
• Software development featuring a global ERP in partnership with Odoo.com, a Belgian company, offering comprehensive vision over your business and control of your activities and results in real time.
SafeComs has received multiple awards, from SIPA, Red Herring, the Belgian Chamber of commerce, as well as being finalist for the Best SME of the Year with the Australian Chamber of Commerce.
Prior to SafeComs, over 10 years, Bernard was the CEO of Pacer Software inc. in Europe. He also served as European Marketing Manager, for Digital Equipment. Earlier, he was GM of Apple Belgium. Bernard holds a degree in Nuclear Electronics from the Institute of Nuclear Sciences in Brussels. He also holds various certifications on Network analyzers and Security programs. He is a private pilot and as a hobby, used to build ultralight aircrafts in the south of France.