What hourly IT support means for your small business

By | QCS Group Blog

Choosing an IT support structure is a lot like choosing a treat from the ice cream truck (we’re going somewhere with this, we promise). Some people are Fudgsicle people, while others always go for the Rocket Pop. The point is that IT support comes in different flavours designed to suit various needs and budgets.

Small businesses, which understandably have smaller budgets for IT spending, typically opt for low-overhead options. Specifically, they usually go for an hourly business IT support model, meaning companies are only charged by the provider when they actually use IT services. With this method, also known as break/fix, companies have access to expert IT support when their technical needs exceed their abilities. Unlike with a managed services provider or internal IT support provider, however, there’s no commitment to pay for ongoing support. Hourly support is the ice cream sandwich of IT services: simple, classic and provides just enough to get the job done.

Reduced upfront costs

The big draw of hourly IT support is the cost savings. If calls to the IT support centre are few and far between in your office, this payment structure just makes sense. Ditto if you have an on-site IT team that’s able to handle non-urgent issues. As supplemental 24/7 IT support, hourly IT is a good idea. After all, your internal IT guy probably appreciates being able to take a vacation every now and then!

If your support needs are fairly insignificant or irregular, you’ll find a pretty powerful argument for hourly IT support in the form of dollars saved. MSPs offer consistent monitoring, strategic planning and routine maintenance—but nobody works for free, including business IT support providers. Opting for the hourly structure can reduce upfront IT costs, particularly if your budget for such expenses is extremely limited.

Unexpected maintenance costs

The downside to the hourly IT support method is that it’s often hard to predict when things will break. You may be breezing along, working with an out-of-the-box cloud storage solution and a few mobile devices and desktop stations when suddenly everything goes kaput. You can’t figure out how to back up your network, your Wi-Fi is on the fritz and—because when it rains, it pours—a couple of those trusty desktop stations decide it’s time they meet their makers.

The situation we just described may be extreme, but it’s not entirely unimaginable. After all, the break/fix method makes it difficult to budget for upgrading your machines, networks and servers. Instead of receiving regular maintenance, your systems and equipment will keep grinding along until something either give out or is diagnosed and “fixed” by nontechnical employees.

There’s obviously no way to predict when you’ll find yourself at the centre of a perfect technological storm. That said, regular system checkups by an expert can offer some insight into your equipment’s expected lifespan and may even help you squeeze out a few additional years.

Impacted productivity

A slow computer or network adds time to every task you undertake. Moreover, when members of your team take time out of their days to deal with network outages or computer issues, that’s time they’re not using to work on their core objectives, which translates to lost productivity.

When you don’t have a dedicated IT team at your disposal, the work of correcting computer issues often falls to other team members. With an hourly IT support structure, employees typically need prior authorisation to contact IT services, so it’s faster (and less awkward) to diagnose computer issues themselves.

The problem is that unless you happen to have an amateur computer whiz on staff, you’re trusting the livelihood of your equipment to someone who may not really know what they’re doing. Meanwhile, something that a pro may need 30 minutes to diagnose and correct can take an inexperienced employee a full day of Googling and trial and error. When you add up the resultant lost labour, your hourly IT support system could be costing you a great deal of money.

Calculating your actual IT costs

That’s not to say hourly business IT support isn’t a good fit for small businesses. There are several factors at play, including your equipment, the internal resources available, your budget and what you have planned for your IT in the future. However, given the number of hidden IT costs associated with the hourly model—equipment replacement, lost business during outages, reduced employee productivity, etc.—it’s likely worth taking a more holistic approach.

Tracking how much time you spend internally fixing IT issues and how frequently you replace and repair equipment will help you get a feel for the real costs of business IT support. However, the cost isn’t the only thing to consider when you hire an IT services provider.

Short-term savings that can lead to long-term IT costs

By | QCS Group Blog

Technology is often presented as a way to cut operational spending—after all, if you can get a machine to do the work of 10 employees, you’re definitely going to see some savings. However, when it comes to IT services and infrastructure, choose your savings carefully. Low-overhead IT solutions may cost less upfront, but opting for these services can come back to haunt you during an IT support or security event.

Most organisations spend very little on IT solutions as it is—small businesses dedicate an average 6.9% of their budget to IT, while enterprise companies spend a mere 3.1%. Considering how much a data breach or server downtime can cost you ($3.62 million and $100,000 per hour, respectively), choosing economy-grade equipment and IT support isn’t always the wisest choice.

An easy analogy comes from the grocery store. Sure, a two-pack of paper towels costs less upfront than a pack of 24, but when you really break it down, you’re spending a lot more per roll than you would if you bought the bulk package—and it’s not like you’re going to run out of uses for paper towels!

Similarly, businesses may shave IT spending by opting for limited services packages, but this often backfires spectacularly when there’s a need for more intensive, personalised support. If your server goes down or you can’t access mission-critical data, you might end up paying through the nose for hourly IT support. Here are some of the techniques businesses use to save on IT services and solutions, as well as why those strategies often boomerang when the heat is on.

Refurbished equipment: Is it worth the long-term costs?

The best computers and devices are as reliable as the dawn: They won’t conk out on you in the middle of a huge report or suddenly go down during your busiest day of the year. However, top-of-the-line equipment is expensive, especially if it’s brand-new.

That said, refurbished computers, server machines and other devices present an opportunity for cash-strapped businesses to save. You can often find refurbished laptops and desktops on sale for hundreds of dollars below retail price—but what you save in money, you lose in easy IT support, longevity and coverage.

Keep in mind that return policies for refurbished products are usually fairly limited. Under Apple’s return window, for instance, you have just two weeks to identify defects and send back the product. And Apple actually has one of the more lenient refurbished equipment policies out there!

If you choose to go down the refurbishment path, you’ll also face restrictions on your warranty. Most refurbished products are only under warranty for 30 to 90 days, and in some cases, the warranty may not even be applicable if the manufacturer doesn’t have a repair centre in your area.

Lastly, used equipment may need to be replaced or repaired more frequently, even though it’s been refurbished. This issue tends to particularly crop up with used laptops, which have older batteries that require charging more often and may even need to be replaced altogether. A malfunctioning hard drive is another common problem, and you’ll have to pay out of pocket to have it replaced. Even if you don’t experience problems with worn-out parts, older equipment obviously becomes outdated sooner than brand-new models. The question becomes: Do you want to save now or save later?

Break/fix and hourly IT structures: Will they cover your IT needs?

Sure, investing in refurbished equipment is a gamble, but it’s a low-stakes bet compared to opting for limited IT support. Break/fix and hourly IT support structures exist for businesses that have very minimal IT commitments—under this model, your business is charged only when you call IT support. Unlike with managed services providers (MSPs), which can provide you with 24/7 monitoring and other ongoing services, you won’t pay a fixed fee for IT services with the hourly model.

Break/fix models typically cost less, so they may appear to be saving your business money. The problem is that these pricing structures make IT spending unpredictable and difficult to budget. Additionally, hourly providers offer largely ad hoc IT solutions, so there’s little due diligence to ensure the overall security of your infrastructure and systems.

Break/fix and hourly IT solutions may do for the short-term, but there’s not much preventative work done to head off problems down the line. Furthermore, you won’t have the planning and strategic advice of an expert. All in all, think of your IT support choices as being equivalent to seeing the dentist: You’re probably a lot better off going every six months for a cleaning than only when you have a cavity.

Skimping on IT security: A bad idea by any measure

If it ain’t broke… you know the rest. Maybe that mantra works for the government, but in terms of IT services, legacy applications aren’t all they’re cracked up to be. Older software often introduces security vulnerabilities into your network, and because these flaws may not be discovered until after an application’s release, the set-it-and-forget-it method of technology management isn’t a very successful policy.

Moreover, it’s important to reconsider your business security any time you add a network component. Even if you have robust data intrusion detection, firewalls and other IT solutions, you could be putting yourself in a vulnerable position if your wireless devices don’t all follow security best practices. There’s also the issue of data security with outside vendors—your information (and your clients’ sensitive data) could be at risk if those vendors aren’t using proper encryption, access management and other data protections.

This is where MSPs excel by evaluating your network as a whole entity, auditing for security weaknesses in applications, devices and infrastructure. They can also provide user training to knock out security issues resulting from human error and will work with outside vendors to ensure your data stays protected even when it’s not stored on your own servers or networks.

New Data Breach rules are in effect. Is your business ready?

By | QCS Group Blog

As the new Notifiable Data Breach Scheme has come into effect on the 22 February 2018, there is now an onus on business to protect and notify individuals whose personal information is involved in a data breach that is likely to result in serious harm.

When most people think of data breaches, they think of sneaky virus attacks with employees being tricked into opening files allowing viruses to penetrate servers, but the reality can be much more mundane, plausible and preventable.

And it’s not all about IT systems. There have been numerous cases of hard copy records being disposed of inappropriately, sensitive data on USBs lost on the way home or machines being disposed of complete with data on the hard disk. (As a side note, did you know that QCS Group offers a service where your decommissioned hardware is disposed of securely?)

Who is covered by the data breach scheme?

The Notifiable Data Breach (NDB) Scheme affects organisations covered by the Privacy Act – that is, organisations with an annual turnover of $3 million or more. But, if your business is ‘related to’ another business covered by the Privacy Act, or deals with health records (including gyms, child care centres, natural health providers, etc.,), or is a credit provider, then your business is also affected.

What do you need to do?

Complying with these new laws means more than ringing the bell and notifying your customers and authorities when a breach occurs. Organisations are required to take all reasonable steps to prevent a breach occurring in the first place. This means putting in place the systems and procedures to identify and assess breaches and issue a notification if a breach is likely to cause ‘serious harm’.

How do you assess your risk?

The Privacy Act already requires organisations to take all reasonable steps to protect personal information. The new data breach laws merely add an additional layer to assess breaches and notify where the breach poses a threat.

Firstly, consider some of the following questions:

  • How does personal information flow into and out of your business?
  • What information do you gather?
  • What information do you provide?
  • Where do you store private information? – What systems do you use, where do these systems store data, what level of security is provided within those systems and what level of access does each team member have (and should they have access for their role)?
  • Who in your organisation has access to sensitive information, and not just who is accessing the information for their work but who ‘could’ access this information?
  • What are the possible impacts on an individual’s privacy?
  • What are the policies and procedures in place to manage private information, including risk management and mitigation, are these adhered to and actively managed?
  • Do you have a policy review process, and if so, is it reviewed at least annually, and also with the introduction of new systems and technology? (Remember, you can’t just have a policy sitting somewhere, it needs to be actively reinforced and adopted by team members)
  • Protect your business. Document, document, document! If there is ever an issue where your business’ culpability is assessed, your capacity to prove that you took all reasonable steps will be important.

What is your Data Breach Plan?

When it comes to data breaches, all organisations must have a data breach response plan.

The data breach plan covers the:

  • Actions to be taken if a breach is suspected, discovered or reported by a staff member, including when it is to be escalated to the response team.
  • Members of your data breach response team (response team), and;
  • Actions the response team is expected to take.

The Office of the Australian Information Commissioner provides a sample breach response plan here.

Hopefully, all the systems you have in place will ensure you don’t need to deal with a data breach, but if it does happen, you will need to notify various parties, including:

  • the individuals impacted by the data breach
  • the Office of the Australian Information Commissioner

You can notify the Commissioner using this form.

To access the full guide to the Notifiable Data Breach Scheme, you can find it on the OAIC website.

While it’s unknown at this stage what the repercussions will be from a data breach and how the OAIC will police it, it’s important that we get our preparation in place. At the end of the day, making sure we have robust systems to protect the data of our clients should be high on the priority list anyway – this is just another reminder to ensure we have the right policies and procedures in place to back up what we’re already doing.

If you need any assistance assessing the security of your IT systems, contact us today to arrange a time for a consultation.

If you would like to know more, reach out to marius@qcsgroup.com.au or call 1300 858 723

Is Your Organisation Capable of a Digital Transformation?

By | QCS Group Blog

We read a great article by CIO the other day – it was about turning digital transformation into a practical reality. The piece got us thinking about practical considerations when it comes to digital transformation in businesses, and whether it is even feasible for certain businesses to make the digital transition. Read the article here.

Digital transformation often entails a cloud-based solution. Why? Because the cloud allows businesses to take advantage of significant on-demand processing power and storage without having to spend capital on building or maintaining an on-premises server room and all the infrastructure that goes inside. This move to the cloud though comes with some practical considerations that need to be made, as certain businesses might not be ready for a digital transformation.

So, You Want to Go Digital?

The cloud is the foundational enabler of digital transformation – it offers the scale, speed and fast execution that businesses need in the digital sphere. If you want a digital business, you need to determine which of your applications will be moved to the digital space (bear in mind you can go full cloud or choose a hybrid system). Making this decision isn’t easy – so here are some questions you should ask when considering your digital set up:

  • Who needs access to each application? How many of those people are there?
  • Where do they need to access them?  In the office, on the road?
  • How sensitive is the data you use and store?
  • What percentage of the data you need to store is “current” and requires frequent fast access versus historical, for reference purposes only?
  • How big are the files that you work with?  Word and Excel files are very different to large graphic, video and sound files, for example.
  • What volume of your network traffic accesses each application?
  • Given the volume of network traffic that accesses data proposed to be in the cloud, can your current or proposed Wide Area Network (the link to the outside world and back) handle it and deliver a good user experience?
  • How will you prioritise traffic so that you get the most out of your WAN and minimise network costs?

QCS Group Cloud Readiness Assessment

Not sure whether your business is digital transformation-ready? We offer a service that will help you to determine whether your cloud migration will be a success given your current application set, proposed WAN configuration and manner of conducting business.

This service is called a ‘Cloud Readiness Assessment’. Using advanced simulation tools, we can pinpoint all the pain points in your system before any capital outlay is made. The net result is a transformation plan that will ensure a much smoother migration.

The Importance of an Informed Decision

QCS Group has seen numerous businesses jump to the cloud to take advantage of all its benefits, only to fall flat because of all the hidden gotchas that nobody on the team expected (that’s usually when QCS Group gets a call for help). We can assist you to identify those hidden issues and make a plan to counter them ahead of time.

If you have any questions about whether your business is ready for a digital transformation, don’t hesitate to contact us.

5 Reasons Organisations Choose Office 365 Over Other Apps

By | Uncategorized

Employees who utilize modern mobile technology are more creative, satisfied and productive at work—yet 75 percent of American workers feel their companies are not using the latest efficiency-boosting tools. While traditional Microsoft Office products like Word, PowerPoint, Excel and Outlook lay the foundation for success, on-premise connections are severely limiting. If your business hasn’t moved to the Cloud yet, employees may be working off outdated documents due to multiple versions floating around, or they could be losing productivity because of limited file access when travelling for work.

For these reasons and many more, it’s not really a matter of if your business should move to the Cloud, but rather a question of how. Microsoft Office 365 enables employees to work more efficiently through familiar, cloud-based Office applications along with team chat, group email, online meetings, real-time co-authorship, secure file sharing and more. Google provides similar cloud-based productivity apps covering basic collaboration needs via G Suite.

For IT leaders, it’s important to continually evaluate these productivity tools—and the most efficient way to manage them. In addition to choosing the right solution, it’s also critical to partner with the most qualified Managed IT Services Provider (MSP). As one of Microsoft’s few direct Cloud Solution Providers, QCS Group helps take the complexity out of migration, support and ongoing administration of Office 365.

Here are five reasons businesses choose managed Microsoft Office 365 over other apps:

Flexible Pricing

Microsoft Office 365 and G Suite costs vary by organisation size and feature sets. However, many independent business evaluations have found Office 365 is a more cost-effective solution. For example, the CIO for the city of Palo Alto, Calif. chose Office 365 over G Suite because Microsoft offered superior functionality to Google. Additionally, the city government discovered Office 365 was actually 50 percent cheaper than Google Apps for the same set of features.

Working with QCS Group helps further maximise your Office 365 investment. Our certified Microsoft experts analyse your organisation to find the most affordable mix of features for every user, ensuring you’re never paying for wasted seats or unused apps.

Superior Privacy & Security

Human error or system failure account for 52 percent of all data security breaches. For small and mid-sized businesses (SMBs), the costs of a breach are staggering—IBM reports 60 percent will go out of businesses within six months of a cyber attack. Microsoft Office 365 combats this with essential privacy control functions, including email encryption, DLP, network access encryption, anti-spam and more, whereas G Suite fails to tick several of these boxes, potentially leaving organisations vulnerable to an attack.

Partnering with QCS Group further maximises your organisation’s security with around-the-clock support. We help your company define and implement specific security policies, and ensure you always have the latest version of Office.

More Storage Capacity

File storage is a serious issue for businesses of every size; when inboxes or servers run out of space, critical messages can’t be delivered and important projects can’t be saved properly. If these are common frustrations for your employees, Microsoft Office 365 is probably the best choice. With Office 365, you gain 1 TB of file storage per user for entry-level plans, plus 50 GB for email. G Suite splits storage among all of its apps and offers just 30 GB of storage in its base plan, which also encompasses email.

When QCS Group evaluates your organisation to optimise Office 365 licensing, we take your storage needs into account. Our Microsoft experts recommend the most cost-effective plans with plenty of space.

More Apps & Better Functionality

When it comes to the actual productivity tools, Microsoft Office 365 plans provide desktop, as well as cloud-based versions, enabling your employees to easily work offline. G Suite offers a handful of cloud-based apps with less functionality than Office 365. For instance, Microsoft Excel has been the gold standard spreadsheet tool for decades. It’s designed to crunch complex numbers and import and export mass quantities of data. Meanwhile, Google Sheets does the basics: graph creation, auto-fill sums and more—but it lacks the computation power of Excel.

Office 365 offers a more robust toolbox, but QCS Group can help your employees make the most of it. We help them adapt to new Office 365 solutions and features, maximising overall productivity.

24/7/365 Support

Software issues can disrupt work performance, which makes quick solutions critical. Microsoft and Google offer nearly identical technical support services for their products. Both provide 24/7 support via phone or email for critical issues. For non-critical issues, technical support is available during normal business hours.

At QCS Group, we understand your business relies on speed and reliability. That’s why our certified Microsoft experts are always here for you. We offer 24/7/375 technical support via phone or email for issues of any severity level, and we also provide a monthly ticket analysis accessible via a self-service portal.

The Clear Choice: QCS Group’s Managed Microsoft Office 365 Solutions

When it comes to cloud-based productivity tools, there’s no contest. With flexible pricing, better security, more entry-level storage and superior apps, Microsoft Office 365 is the clear winner for SMBs. With proven expertise in licensing, user configuration, administration and support, QCS Group is the best partner to manage it.

To learn how QCS Group’s Managed Office 365 services can transform your business, reach out to marius@qcsgroup.com.au or call 1300 858 723

6 IT Nightmares to Learn From in 2018

By | QCS Group Blog

Recently, Gabriel Leperlier – Verizon’s head of European advisory services for the payments cards industry (PCI) – visited a press briefing in London, where he talked through some of the worst-case scenarios he encountered when investigated payment card data security and compliance breaches. These breaches include hidden routers, dodgy security providers, secret modems and more.

Here are 6 IT security nightmares that were spotted by Verizon in the last few years – Take note and learn from the lessons!

When a Printer Is Not Just a Printer

At a military facility in the Asia-Pacific region, an infosec professional noticed unusual network traffic that appeared to be coming from a freshly ordered fleet of printers. According to Leperlier, “A few weeks or months after delivery one of the system admins realised that there was some very strange traffic on the network. He said to the firewall team, ‘this is strange, I can see some traffic between the printers and even between printers and other systems’.”

He took it upon himself to investigate further and disassembled one of the printers by hand.  What he found provided a big wake-up call.  He located a modem inside the device which was transmitting everything the printer’s rogue software could collect on the network to a foreign country!

The message to take away from this incident is that you can have all the technology and IT security control in the world – but without skilled and thorough employees (or contractors), your business is at risk.

Server Room Access for Everyone

While checking the IT security access on another company’s system, Verizon noticed that the CEO, CIO and other C-suite executives and cleaners had full access to the server room. Leperlier understood why the cleaners had access – they had to clean every room – but he wondered why the CEO needed access to this room (hint: he didn’t).

This case highlights the need not just for technology to keep information secure, but for clearly defined policies. Access should always be granted only to those who need it, not just because they are senior.  Senior personnel get compromised too – in fact, they are one of the primary targets for compromise by hackers.

Staff Workarounds 1

A Verizon team visited a gift shop (which was part of a wider shopping complex) to check the access to a payment terminal system. This terminal was accessed by a badge, and only the manager could access the most sensitive information. This information was given to the Verizon team by two staff members – who went on to say that the manager was on holidays and then proceeded to open a draw that contained her access card!

Leaving the card behind was intended to be helpful while the manager was away, but it actually compromised the security of the store. According to Leperlier, this indicates the importance of a good working knowledge of security culture at every level of the organisation, from the IT team to operations to managers and even staff on the shop floor.  Staff need to understand they can’t just create their own workarounds to information access issues and the company needs to make arrangements for issues like how to take holidays without compromising security.

One Character Passwords

4 years ago, Leperlier interviewed an IT security officer who was managing a physical access control system. When Leperlier asked about the process of providing greater levels of system access, the interviewee opened up a new security application and typed in a one character password to enter.

Leperlier couldn’t believe that this IT officer would rely on a one character password, so he asked him to log in again. Sure enough, he hit one key on the keyboard and was granted access. “Is that a one character password?” Leperlier asked. “Yes,” the interviewee responded, “That’s why I don’t like people looking at me when I’m logging in!”  In his (poor) defence he went on to say “it’s one character, but it’s a special character!”.

We probably don’t need to say it, but having a one character password, even if it’s a special character, is terrible information security practice – passwords should be complex and include capital letters, numbers and special characters.

Servers in the Bathroom

A couple of years ago, a retail company that operated partly out of Mexico suffered a security incident and requested an on-site audit. Verizon realised that this company was relying on an unknown security provider, and when they went to check out the offices of this service provider, they found a tiny operation that ran out of a small apartment (and all the servers were stuffed in the bathroom).

According to Leperlier, “PCI DSS is not just about technology, it’s about people and process… If we didn’t go out and see what was going on in Mexico then we wouldn’t have seen they were working from home with a server in the bathroom. You need to check!”

Staff Workarounds 2

Verizon visited an organisation that was sure it didn’t have any wireless networks operating in the building, but using scanning technology, the compliance team kept on coming across a signal. Eventually, the team pinpointed that this signal was coming from the server room.

The IT offices were located 3 flights of stairs up from the server room, and it turned out that rather than walk up those stairs every time something needed to be checked – someone had installed a router in the server room so that they could access the servers from their desk.

The hidden router represented an unprotected node on the system that extended the attack surface of the organisation without authorisation.  Again, an easy workaround had produced a security vulnerability.

Need an IT Security Review and Refresh? Contact QCS Group

When it comes to managed IT services, we make networks run smoother, boost productivity, increase security and fix problems fast.

Break-Fix Model Vs. Managed Service Providers

By | Uncategorized

The new era of IT support has changed the way IT consulting is delivered. What used to be a break-fix model has transitioned to managed service providers who consistently monitor a business’ technology. This new model is not only more efficient in terms of keeping a business up-and-running, but also provides SMBs with an affordable way to maintain their IT.

Break-Fix Model

This outdated approach of IT support addressed issues after it was too late. Once a problem occurred, the organisation would contact their IT consulting firm to send out a technician. This not only wasted time for businesses while the technician travelled on-site, then had to figure out how to solve the problem but also drove up costs because of the pricing model. The more issues a company had in one month, the more costly their bill would be while using the break-fix model.

Managed Service Providers

Fortunately, MSPs offered a new form of IT consulting that provides increased value to SMBs. Rather than waiting for an issue to occur, this model takes a proactive approach towards monitoring technology and solving small issues before they develop into larger, more costly ones. In addition, this model provides businesses of any size the opportunity to access the same benefits as a large corporation because of the fixed-fee pricing model. No matter how many issues occur, the price remains the same.

The shift from a break-fixed model to managed service providers has improved efficiency and reduced costs for organisations. Businesses as small as 10 employees can now afford an MSP and have peace of mind knowing their technology is being monitored and remains secure. If your organisation is looking to hire or change to a new Managed Services Provider, have a QCS representative contact you today to get started.

Call Us
Email Us