News and Blog 

Sign up to receive our newsletter 
IT mistakes in Small Business our top 5 
 
You have decided to start you own business selling widgets, you see the market for them and you are the best there is at making them. So firstly congratulations on taking the first step to running your own business. Yes it’s all exciting and you are full of ideas but you have a strict small budget to start with. You have a small staff of friends who want to work with you. A few months along and everything is going great, orders are coming in and product is going out, but things aren’t quite as smooth sailing as you expected. Your computer system keeps slowing down, or stops working, you can’t print, order details have just disappeared and you have no idea why. Everything has been running fine, your receptionist’s son keeps popping in and looking at your systems, adds software and tells you everything is fine. 
 
Well STOP it’s not fine, you have lost control of your greatest business asset your IT. This is not an uncommon story, we see it a lot and it highlights the common mistakes a lot of businesses make, especially when starting up. There are various things you need to do as a business especially a start up to make sure you can function on a day to day basis, know you are secure and have all your customer data to hand when needed. We have narrowed it down to 5 common mistakes. 
 
1. Data Storage: Have central storage of data, most SME make the mistake of allowing employees to save their documents locally on their PC or laptop. This is no use if the laptop is stolen or lost, or the PC hard drive fails. If data is stored centrally then you have complete control of it, who has access and who doesn’t, what can be stored and what can’t. and it can be backed up 
2. BACKUP DAILY: It’s that important we will repeat ourselves BACKUP DAILY. If you have central storage then it’s easier to back up the one device daily. This can be done to a tape system, external hard drive, DVD or via the cloud. Whatever solution you choose make sure it is done daily, keep a record of what was backed up, your backup software will create a report. Make sure it is stored off site in case of onsite disasters. We would recommend looking at a reputable cloud based backup solution which has encryption technology. Cost should not be a deciding factor on this; how valuable is your data? 
3. Internet Security Solution: Have a reputable security solution in place and look at layered security. This means having a firewall separate from your router, consider email filtering and web filtering. Ensure whatever end point solution you have in place that it is updated and kept switched on. You can’t use the free offerings as it is against their licensing agreements. 
4. Can I really look at this online: Have an acceptable use policy for email and internet usage. You don’t want someone in your accounts department to email themselves or a competitor all your key spreadsheets. Have a policy on what websites can be visited and when. Unless you are using social media as part of your business strategy you don’t want everyone looking at the sites all day and not getting on with their work. 
5. Get some professional help: IT Support and systems. Employ a dedicated IT support staff or outsource to a company to do it for you. Having the receptionist or office manager do your IT support has some major flaws. It takes them away from their day job so you are losing a member of staff who is not doing what they are paid for. They will certainly not be looking for the right solution and as they will not be experts they will not have the correct solutions available and could compromise your data. Certainly don’t allow an employee’s child to support it and load software as in our story. You would be breaking all sorts of licensing agreements and could face a huge fine if you don’t have the licences for such things as Microsoft Office. Pay a company to do it for you and take away all the frustration and pain. As an IT business support company we see these things a lot and the amount of stress having a non-functioning IT can bring is huge. Not only for the owner of the company but also the staff who can’t function. Who then get blamed for missed orders. It can be a false economy to skimp on IT systems and processes and even more difficult and expensive to put right after a few years. Invest in the equipment, outsource to a reputable support company, build the relationship with them. Ideally you should be wondering why you are paying each month for the IT support as they should be running maintenance eon key systems in the background and you shouldn’t even know they are there. 
Battery Backups 
 
Battery Backups/Uninterruptible Power Supply or UPS as they are known have been around for years. Some are small underdesk units, some are rack mounted units and some are floor mounted units for powering data centres. Which ever one you have they need to be used correctly. We are finding more and more businesses love the idea of a UPS BUT and this is a major BUT think they can power everything from a single unit. 
 
So what is a UPS really used for? 
 
Provides instantaneous power for a period of time in the event of a power outage 
Provides surge protection 
Filters the output power in the event of poor supplies. 
 
While the main task is to provide instantaneous power when the mains fails there is a limit on how long it is going to be available. Ideally it gives you enough time to safely power down the equipment, but inevitably the power outage will be over night so the amount of time will depend on what is plugged into it and more importantly what wattage it consumes. In the computing world all equipment is supplied with power consumption information, usually in the spec sheet or on the equipment. 
 
You need to plan on what runtime you expect from your UPS. Say your equipment consumes 1000W of power, according to the APC runtime calculator you would get 24 minutes on a 3000VA UPS unit, 16 minutes on a 2200VA unit less if they are rack mounted units. Not too bad you think, this is a single unit plugged into a UPS. If you had two 1000W units plugged into the same UPS you would reduce your uptime to 7 minutes on a 3000VA UPS and they wouldn’t have any uptime on anything less. So planning is crucial on specifying a UPS. If you have a multi power supply server DO NOT plug them both into the same UPS. Ideally plug each power supply into separate UPS units or have one power supply plugged into the mains and the other into a UPS. 
 
Whatever you do NEVER plug in extension leads onto a UPS unless it is a specifically designed unit such as a PDU (power distribution unit) made specifically for a server or data rack. Again you need to specify the wattage expected to get the most out of your runtime. Test a UPS on a regular basis and as part of the test allow it to run down and recharge. Remember good quality UPS units can have their batteries replaced so increasing their useful life and savings in the long term. 
More than just Anti-Virus 
 
With the advent of more and more threats to business and home networks you need to think differently than the potential attacker. A bold statement I admit BUT a few sensible steps will give you a fighting chance. Each step is a separate subject so this is a brief overview 
 
Remember no security solution is watertight but you can try to make it as secure as possible. 
 
You have to take a layered approach to security. Start by thinking what is important to your company, Is it data or documents, email or web presence? 
 
There is a different approach to each issue, let's look at data security or network security. 
 
Your starting point is all about personnal preference, inside with the users or outside with your internet connection. We will look at this from the connection stand point. 
 
1. Whether you have a broadband connection such as cable or ADSL or a leased line you will have some sort of router or modem. If you manage this then a simple thing as changing the default router password is a great starting point as most default passwords are available online. Change it and don’t tell everyone what is it. Only those who need to know should do. Nothing worse than people fiddling with it. Most will have built in firewall options, do some research as to what these need to be, ideally you should be blocking such things as streaming sites for illegal movies etc. 
 
2. If a business it is an ideal time to look at investing in a UTM solution, commonly known as a firewall but a UTM is so much more. UTM stands for Unified Threat Management and will have various filters in place such as web blocking, spam filtering, intrusion detection and more depending on the manufacturer. Once in place it will need managing and updating as new signatures for the various components are rolled out to cover new threats. 
 
Thats the perimeter looked at. 
 
3. Next all depends on how your network is setup. Ideally you will have network switches which your devices connect to instead of just plugging into your supplied router. Again this is personnal preference on what type of switch is installed. There are a huge number of manufacturers but a managed switch is more secure than an umanaged switch or a network hub. 
 
With a managed switch you can disable unused ports, label ports so you know what is connected where, setup VLANS to separate various parts of the business. 
 
4. Wireless comes into all this also, it is a better solution to have guest access to your network for visitors keeping it all separate from your internal network so preventing infections and possble data loss. 
 
5. If your server or domain then this is usually used for sharing resources or distributing emails. Giving various departments password controlled folders keeps data within the group it is designed for. You wouldn’t want the whloe work force to be able to access the payroll application in accounts and everyone's pay details. 
 
6. Installing a reputable internet security solution on all servers, workstations, laptops and other mobile devices is a must. Password protecting the access to the program is highly recommended, it needs to be runnng all the time and the end user should not be able to disable it. Regular updates to the virus database is essential. 
 
As they say you get what you pay for so research the different ones available. A business SHOULD NOT use the free versions availble as you just don’t get the same support or security. 
 
7. End users, all your end users need educating on what is acceptable practice for internet and email usage, this is from the receptionist up to the CEO. An internet and email usage policy needs to be written, reviewed regularly and adhered to. While social media is a key business tool you don’t want everyone surfing the sites all day and not doing their jobs. 
 
8. If you have a slow internet connection then you need to make sure that users are not streaming music all day as this will have a business impact on the performance across the whole network. This can be blocked or regulated by yout UTM. 
 
9. Get dedicated IT support, be it in house or outsourced. IT and security can take up a lot of time and effort, if someone such as the office manager or receptionist is also supporting the network they are not doing their own job and therefore their side of the business is affected. 
 
So to summarize, looking at a layered approach is an ideal way to make sure your network is available to users and perform as you would expect. It helps secure your business critical assets and ensures that you can get on with your day to day business. 
Recent Posts 
 
 
Recent Comments 
 
Archives 
 
 
Categories 
 
News