Mark Hurley, Author at Spector

Enhancing Success Through Communication: The Key to Client-Service Provider Synergy

In the dynamic realm of professional services, the cornerstone of every successful project is the symbiotic relationship between clients and service providers. This partnership thrives on a foundation of effective communication, where understanding and collaboration are not just ideals but prerequisites for success.

The Initial Steps

Consider a scenario where a client, armed with a carefully nurtured vision, seeks the expertise of a professional service company to bring their dream to life. This initial meeting, charged with anticipation and the promise of collaboration, sets the stage for a journey where effective communication is paramount.

The essence of this relationship is mutual understanding. Clients share their aspirations, needs, and what success looks like to them, while service providers listen, ask probing questions, and ensure that even the quietest voices are heard. This practice is crucial in our work—it encourages inclusivity and ensures that every stakeholder feels valued and understood from the outset.

Growing Importance of Communication

As the project progresses, communication acts as the glue that binds each phase, decision, and milestone. Establishing clear, consistent channels of communication ensures that clients remain engaged and informed, fostering a sense of ownership and active participation in the process. Regular updates, feedback sessions, and progress reports become landmarks on a path marked by transparency, collaboration, and shared goals.

However, this journey is not without its hurdles. Challenges such as conflicts, shifting timelines, and diverging expectations are inevitable. Yet, it is precisely in these moments that the true power of communication comes to the fore. By replacing silence with open dialogue, discord with constructive conversations, and confusion with clarity, we navigate these challenges together, finding solutions rooted in mutual understanding.

Drawing a parallel to personal relationships, where emotions and unspoken assumptions often complicate communication, the professional realm demands a higher standard. Miscommunication, unmet expectations, and erosion of trust can easily derail relationships. The contrast between these narratives underscores the transformative power of effective communication in overcoming obstacles, building trust, and fostering long-lasting partnerships.

Communication is the bridge that connects differing perspectives, the tool that repairs breaches in understanding, and the thread that weaves through the fabric of successful relationships—both professional and personal. By embracing the art of listening, the courage to articulate thoughts, and the commitment to mutual understanding, we cultivate a foundation of respect and collective achievement.

We recognize that no single individual holds all the answers, but together, through asking the right questions and challenging assumptions, we can uncover paths to mutual success. Starting from a place of understanding and respect significantly enhances the probability of achieving shared objectives.

If you’re seeking a relationship with an IT service provider that truly listens and excels in translating ideas into tangible results, we invite you to book a discovery call with us. 

Many thanks for reading! To learn more about best practices for ensuring effective communication channels with your clients, read our blogs

Harnessing Strategic Technology for Business Excellence: A Guide to Success

In today’s rapidly evolving market landscape, technology is not just an operational tool but a pivotal driver of business success. The journey toward leveraging technology effectively, however, can be complex, especially for companies entangled in transactional or siloed approaches to their tech investments. Such perspectives often lead to inefficiencies, with businesses grappling with escalating costs and a lack of coherence in their technology strategy.

Gap Analysis

Reflecting on this, the first step we take is a deep, introspective look at where our clients stand technologically and where we aspire them to be in the next one to three years. 

This process, known as Gap Analysis, became our compass, as understanding the critical role of technology in business growth necessitates a strategic overhaul. 

This process involves evaluating the current state of your:

  • Strategic Business Alignment

In today’s rapidly evolving digital landscape, the alignment of business strategy and technology is not just beneficial; it’s imperative for organisations aiming to achieve sustainable growth and competitive advantage. The concept of Strategic Business Alignment focuses on harmonising an organisation’s technology investments with its business goals, ensuring that every technological advance propels the business forward. This alignment is crucial for bridging the technology gap, a divide that can hinder an organisation’s ability to adapt, innovate, and ultimately succeed in the modern marketplace.

The Essence of Strategic Business Alignment

At the core of Strategic Business Alignment is the understanding that technology should not exist in isolation from the business it serves. Instead, technology should be a driving force that supports and enhances the organisation’s objectives. This paradigm shift requires a deep integration of IT strategies with overall business strategies, ensuring that every technological initiative, from software development to IT infrastructure upgrades, is directly linked to achieving specific business outcomes.

  • Key Vendor Relationships

In an era where technology is a pivotal force in driving business success, the relationships companies maintain with their technology vendors have never been more critical. These key vendor relationships stand at the heart of an organisation’s ability to innovate, adapt, and excel in a competitive marketplace. As businesses strive to bridge the technology gap—a divide that can significantly impact their operational efficiency and market relevance—fostering strategic partnerships with technology vendors emerges as a vital strategy.

The Role of Vendor Relationships in Bridging the Technology Gap

The technology gap refers to the disparity between an organisation’s current technological capabilities and the potential it must reach to meet market demands or achieve strategic goals. Bridging this gap is essential for businesses looking to leverage technology for growth, innovation, and competitive advantage. Key vendor relationships play a crucial role in this process by providing access to cutting-edge technologies, expertise, and support that might otherwise be out of reach for many organisations.

  • IT Infrastructure & Cloud Services

In the quest to bridge the technology gap and drive business success, IT infrastructure and cloud services play a pivotal role. As businesses grapple with the need for agility, scalability, and efficiency, the transition to cloud-based solutions has become more than just a trend—it’s a strategic imperative. This shift not only addresses the immediate challenges of the technology gap but also lays the groundwork for future innovation and growth.

The Role of IT Infrastructure in Bridging the Gap

Traditional IT infrastructure often struggles to keep pace with the rapid changes and scalability demands of modern business environments. This is where cloud services come into play, offering a flexible, scalable, and cost-effective solution. By leveraging cloud services, businesses can:

  • Enhance Scalability: Cloud services provide the ability to scale resources up or down based on demand, ensuring businesses can handle growth and fluctuations without the need for significant upfront investments in physical infrastructure.
  • Improve Agility: The cloud enables businesses to deploy and update applications quickly, experiment with new ideas, and adapt to market changes more efficiently, fostering an environment of continuous innovation.
  • Reduce Costs: With cloud services, companies can move from a capital expenditure (CapEx) model to an operational expenditure (OpEx) model, paying only for the resources they use. This can significantly reduce IT costs while freeing up capital for other strategic investments.
  • Enhance Collaboration: Cloud services facilitate better collaboration both within organisations and with external partners, enabling real-time sharing and editing of documents and streamlining communication across geographical boundaries.

 

  • Cybersecurity Measures

In an age where digital transformation shapes the landscape of global business, cybersecurity has emerged as a foundational pillar for bridging the technology gap and ensuring sustained business success. As organisations leverage new technologies to enhance operational efficiency, innovate products and services, and engage with customers, the sophistication and frequency of cyber threats have also escalated. Bridging the technology gap, therefore, is not solely about adopting advanced technologies but also about implementing robust cybersecurity measures to protect these technologies and the valuable data they handle.

The Critical Role of Cybersecurity in Modern Business

Cybersecurity measures are no longer optional; they are essential for safeguarding business assets, maintaining customer trust, and ensuring the integrity of digital operations. The consequences of cybersecurity breaches extend beyond immediate financial losses to include long-term reputational damage, legal liabilities, and compromised intellectual property.

  • Business Continuity Planning

In today’s fast-paced and increasingly digital business environment, the ability to maintain continuous operations in the face of unexpected disruptions is more critical than ever. Business Continuity Planning (BCP) represents a strategic approach to ensuring that organisations can quickly recover from disruptions while minimising impact on operations, reputation, and revenue. As businesses work to bridge the technology gap—that is, the divide between current operational capabilities and those needed to compete effectively in a digital marketplace—BCP emerges as a crucial element for sustaining growth and ensuring long-term success.

Understanding the Importance of Business Continuity Planning

At its core, Business Continuity Planning is about proactive risk management. It involves identifying potential threats to operations, such as natural disasters, cyber-attacks, or supply chain disruptions, and developing plans to mitigate these risks. Effective BCP ensures that critical business functions can continue during and after a crisis, safeguarding both the short-term operational capacity and the long-term viability of the organisation.

  • Policies and Procedures

In the modern business landscape, where technology evolves at an unprecedented pace, the importance of having robust policies and procedures cannot be overstated. These guiding documents play a critical role in bridging the technology gap, ensuring that organisations can not only adopt new technologies efficiently but also manage the risks and challenges that come with digital transformation. As businesses strive for success in a competitive and rapidly changing environment, well-defined policies and procedures become the blueprint for sustainable growth and innovation.

The Foundation of Effective Technology Management

At the heart of bridging the technology gap is the ability of an organisation to manage its technology resources effectively. This involves more than just acquiring the latest tools and systems; it requires a structured approach to integrating technology into the business processes, safeguarding data, and promoting a culture of compliance and best practices. Policies and procedures provide this structure, offering clear guidelines on the use, management, and security of technology.

Strategic Alignment and Governance

One of the key benefits of having well-crafted policies and procedures is their role in ensuring strategic alignment between technology initiatives and business objectives. By defining how technology decisions are made, who is responsible for these decisions, and how technology investments are aligned with the overall business strategy, organisations can ensure that their technology efforts are directly contributing to their success.

Furthermore, policies and procedures establish a framework for governance, ensuring that technology resources are used responsibly and efficiently, and that risks are managed proactively. This governance framework is essential for maintaining operational integrity, compliance with laws and regulations, and the trust of customers and stakeholders.

The Shift

By identifying and addressing these gaps, companies can streamline their operations, enhance productivity, and ensure their technology investments are directly contributing to their strategic objectives. Transitioning from a fragmented to a unified technology approach enables organisations to achieve standardisation, operational efficiency, and a competitive edge.

Consider the transformative journey of a professional services client with offices across Europe. Initially hindered by decentralised technology decisions, the company faced significant challenges in maintaining efficiency and alignment. By adopting a unified technology strategy, they not only streamlined their operations but also set a foundation for sustainable growth, despite the initial resistance and the complexities involved in transitioning from legacy systems.

This narrative underscores the essence of a strategic technology roadmap, which lies in simplifying and standardising processes while effectively managing change. It’s about fostering a culture that embraces technological advancements and aligns them with business goals to drive efficiency, innovation, and collaboration. Key to this journey is involving all stakeholders in the change process, prioritising cybersecurity to protect valuable data and systems, and seeking external expertise when the scope of transformation exceeds internal capabilities.

In crafting a technology roadmap, businesses embark on a strategic endeavour that requires foresight, collaboration, and adaptability. It’s about envisioning an ideal future state where technology not only supports but accelerates business objectives, navigating the complexities of digital transformation with a clear purpose, and adopting a proactive approach to change.

As businesses navigate the intricacies of technology integration, the value of a well-constructed roadmap becomes increasingly apparent. It acts as a beacon, guiding companies toward technological empowerment and enabling them to harness the full potential of their digital investments. In an age where technology dictates market dynamics, a strategic approach to technology planning is not just beneficial; it’s imperative for success.

Contact us today to schedule a no-commitment Discovery Call to discuss how we can help you strategise technology roadmap and get your company ready for the future.

Many thanks for reading! To learn more about Business Technology, read our blogs.

Top tips to identify a suspicious email

Cyber Security

Estimated Reading Time: 5 Minutes

Phishing attacks are trying to hack your brain!

Some hackers use code to commit cybercrime; others use simple social engineering. Phishing attacks rely on hacking (psychologically manipulating) the user’s brain to gain access to sensitive information. Unfortunately, this has proved to be rather easy for hackers to do. In fact, 97% of people around the world are unable to identify a sophisticated phishing email, according to cybersecurity expert Estelle Derouet.

Not only are phishing attacks likely to be successful due to widespread user ignorance, but they are very easy for the cybercriminal to administer using automated Phishing-as-a-Service campaigns. This is why over half of all internet users get at least one phishing email a day.

Of course, there are enterprise-grade IT security services that companies use to stop the majority of these malicious emails entering users’ inboxes in the first place. But, no matter what companies do, a few will manage to find their way through. These are the more sophisticated phishing campaigns, and, therefore, you can bet that if they have got this far that they are more likely to be successful.

Stop social engineering attacks in their tracks

Defence really is the best form of retaliation when it comes to suspicious email activity. There is not yet a helmet invented that you can pop on the user’s head to ward off social engineering attacks. But, luckily, a bit of user training can do the trick! Educating your employees on how to identify a suspicious email is the best protection against any scammer that gets through your security measures. Read the tips below in the infographic and list to remain vigilant.

8 tell-tale signs that an email is not safe

Top Tips to Avoid Phishing Attacks Infographic

Still not sure if your brain is being hacked? Some scams are very clever and will leave you guessing. If you are not sure about the authenticity of an email, always take the precautionary step of contacting the company featured in the email. Large companies are very often aware of scams that are circulating and may have alerts on their website or social media accounts. By reporting a scam email to the company that has been misrepresented, you are helping them to raise awareness and reduce the damage done by such scams.

Are you looking for a company to take your IT support to the next level? Make sure to give us a call on 01 664 4190 or contact us for a chat about your IT challenges and needs. We are always happy to offer some sound advice on how you can best support your growing business.

List Format

1.      Check the sender’s email address

Scammers usually try to mimic the email address of the company they are pretending to represent. The display email address in the user inbox will, therefore, contain a well-known company name or brand. While this tactic gives a sniff of authenticity to the email, it is not difficult to find out whether there is a fraudster behind what looks like a genuine sender.

By simply hovering your mouse over the display name the real email address behind it will be displayed. Right-clicking on the sender name should reveal the same information. A bizarre email address behind what looks like a respected sender name is a sign that the email is suspicious.

2.      Check links in the email (but do not click!)

Again, do not click on any links contained in a suspicious email! You can test links by opening a new window in your browser and typing in the company name. If the email purports to come from a big brand or company, open a new tab and search for the official website of that company. You can then compare the URL address to that which has been sent to you in the email.

3.      Are they seeking personal information?

Scammers posing as banks, lenders, or other legitimate businesses will often request personal information. Some email scams use information that they already have to make you believe that they just need you to “confirm” or validate the remaining details. Banks and legitimate businesses will never request personal information via email.

4.      Are you made to feel under pressure?

Beware of instructions to log-in to your account for an urgent message or update. Recipients are often threatened with account closure or service termination if they fail to click on the link and log-in to their account. You can do a quick check by simply logging into your account in a separate window or contacting your service provider directly.

5.      Put your detective hat on to find mistakes

Poor spellings and grammar are obvious signs that the email does not come from a legitimate source. But look out for less noticeable mistakes too. UK Consumer Rights Organisation, Which, reported detecting an email scam because of a mistaken date. The email, sent in March 2017 contained details of a competition with a closing date of December 2016.

6.      Consider the greeting

Do they know your name? Many email scams will address the recipient with impersonal language such as “Dear valued customer” instead of using a name. This one isn’t full proof because some legitimate companies simply do not use personalised marketing, but it is still worthwhile adding to your checklist, just in case.

7.      Unexpected attachments (do not open them!)

Attaching files that contain malware or viruses is a common phishing tactic. Clicking on these files can put your computer at risk and can enable a scammer to damage your files or steal your passwords. If you cannot tell what the attachment is, then do not open it.

If you really must open it, then do it with Notepad to have a look at the data without it automatically running. However, keep in mind there is still a small chance the code could be designed to exploit Notepad. In this case, a sandbox is your safest bet.

8.      Does that logo look blurry to you?

Just like using a well-known brand name in the display email address, scammers will often insert a logo or brand name into the email header. Keeping a watchful eye on the appearance of logos contained in an email can pay off. A poor quality or out of date logo is a sure sign of a fake email. Double-check by opening the last genuine email you received from the company.

 

Embrace BYOD, but be smart about it!

Outsourced IT Support

IT infrastructure extends far beyond the office these days. Business-on-the-go once referred to the travelling salesman, checking in with the boss at the next pit stop with a payphone! Today, people can check-in to the office from virtually anywhere. Remote working, working from home and digital nomads are all viable and common work practices made possible by unified communications, multi-device software and continuous improvements in consumer technology.
Do you bring your mobile/laptop/tablet to work? Do you access work-related data and applications from your personal device? The BYOD (bring your own device) culture has gathered momentum, but businesses should be aware of the implications it can have on your IT security.

BYOD is not going anywhere

BYOD is a practice that is expected to continue to grow in popularity. The United States is leading the way, where 87% of companies rely on their employees using personal devices to access business apps. This is becoming less of a choice and more of a requirement. There are many reasons for the BYOD explosion:

BYOD is cost-effective

With annual licencing costs, software updates and maintenance costs, IT resources can be expensive. BYOD decreases the investment businesses make on IT. Not only is this good news for the business, but it is easy to put into effect because nearly everyone has a smartphone.

According to Deloitte:

“90% of Irish adults have a smartphone while the number of people with access to a tablet has increased from 64% to 71%. We are increasingly using our phones and tablets for purposes which we traditionally used PCs and laptops for including work.”

Benefit from better technology

Not only are Irish people already using their phones for work, they are also likely to look for a device upgrade 12 months after their initial purchase. It follows that consumer technology is often further developed than the typical company-wide IT infrastructure. Few Irish companies can keep their technology this up to date.

Benefit from productivity increases

There have been a number of studies conducted on this subject, with Cisco finding that on average employees saves 81 minutes every week in productivity if they are using their own device. This is attributed to ease of use. People are familiar with their own device and do not need user training to navigate the interface. Not only does this feel more comfortable, but it offers people the potential for a better work/life balance.

BYOD offers flexibility

This leads us back to business-on-the-go. Employees and employers benefit from the flexibility of being able to work outside of the office. Take ‘the beast from the east’ as an example! People all over the country were forced to stay at home, many for at least three working days. BYOD and the ‘anywhere access’ it provides makes unpredictable occurrences such as this a non-issue.

“But what about our IT security?”

What happens if an employee loses their device or it is stolen? Are devices used for personal reasons more likely to encounter malware? These are justifiable concerns for any business.

The primary risks associated with BYOD are:

  • Data loss, by mistake or by theft
  • Data leakage if the device is not secure
  • Public exposure, especially in Wi-Fi zones
  • Malicious apps on the device
  • Cross-contamination of user data and corporate data
  • The general loss of control over sensitive data

The importance of IT security has become increasingly apparent since 2017, the year which reminded businesses all across the world that cyberattacks are a real and constant threat. So, where does BYOD fit into IT security? The answer is the combination of a strong mobile security solution and a clear BYOB policy.

Robust mobile security

It is essential to choose an enterprise-grade mobile security solution for your entire mobile infrastructure. Comprehensive end-to-end security ensures that there are no vulnerable links in your network and continuously scans traffic for usual behaviour. While defending your devices from malicious attacks, a sophisticated mobile security solution will enforce your security policies across all devices and users.

Draw up a BYOD policy

BYOD should not be a free-for-all, although right now in many businesses it is. This is simply because of the enduring fact that culture struggles to keep up with technological developments. However, a simple and straightforward BYOD policy can get everyone quickly up to speed.

Set boundaries for user behaviour

In the policy, outline exactly what is an acceptable use of BYOD for your company. Assume your sensitive data will go everywhere: to the user’s home, on their commute to work, to cafes and restaurants, and probably even on holiday. It may be helpful to list the applications that are permitted during work hours, and others which are not.

Remember that personal devices are notorious for distracting users towards personal errands, so a clear statement of the company’s opinion on this kind of activity during work hours can be worthwhile. Alongside this should be the usual necessary references to appropriate behaviour in the workplace.

How will reimbursement work?

Does the company offer any kind of reimbursement towards the cost of the device? Typically the user’s device will need to store business applications which eat up storage and energy. Determine what exactly are the company requirements from the user’s device and from there decide the level of reimbursement necessary.

What technical support will you offer?

What devices does the company support? Who is responsible for technical issues? What problems are the IT team’s responsibility? These questions need clear answers to avoid confusion when an issue does arise.

Give good security advice

As with the company computers, it is a good idea to have a security guide for BYOD users. This section should include recommendations for setting and storing passwords, device security settings, application privileges and general mobile security awareness.

Setting boundaries and disclaimers

This section should define what happens if various unfortunate events should arise. Recommendations should be made about what course of action the user would take and what the company’s response would be. The company’s right to access data and wipe data from devices should be defined. Equally, the protection of users’ personal data should be guaranteed. Where liability falls for each eventuality should be stated and what rights the company reserves in worst-case scenarios.

With the right framework in place, both employers and employees can benefit from a BYOD practice. Setting boundaries and implementing security measures will ensure there are no inherent risks, leakage, or misunderstandings. Get in contact today to strengthen your IT security against cyberattacks and network security breaches!

Are you looking for a company to take your IT support to the next level? Make sure to give us a call on 01 664 4190 or contact us for a chat about your IT challenges and needs. We are always happy to offer some sound advice on how you can best support your growing business.

Identity Management and access control

IT Support Ireland

Cloud-based storage systems and applications are now a huge part of how business operates. The shift towards using cloud computing has resulted in an increase in Software as a Service (SaaS) and Platform as a Service (PaaS) applications.

Using cloud software and applications alleviates the burden of updating services, managing downtime and staffing an in-house IT department. It’s also cost-effective, with many providers offering fixed-cost monthly subscriptions allowing you to pay only for what you use.

Balancing access and control

Getting the most out of SaaS/PaaS means striking a balance between providing users with enough access to do their job while at the same time protecting company data and resources. A robust identity management and access control policy will reduce security risks, increase efficiency and ensure compliance with regulations that govern the privacy of personal data.

Managing users

Creating and managing users involves deciding who can access what and how. Individual users can be assigned Single Sign-On (SSO) capabilities and often need to access company resources across a range of platforms and applications on-site and remotely. Advanced security measures that require more than single step sign-in are also available. Multi-factor authentication (MFA) provides an extra layer of safety. For example, in addition to the traditional username and password, users may need to enter a code received by text, or use a smart card or fingerprint.

Identity Providers (IdPs)

Directory services or identity providers can create, maintain and manage identity information. Microsoft Active Directory is an IdP developed for Windows domain networks. Active Directory is an umbrella title for a broad range of directory-based identity-related services. In many cases, user information is sourced from different repositories. Identity providers must not only manage identities in different systems but also be able to synchronise information and provide a single source of truth when required.

Putting together your company’s Identity management strategy

With so many services, applications and platforms and so much security at stake, the composition of an efficient identity management policy can appear daunting. The process can, however, be simplified by considering four basic factors.

1.     What do you need to protect?

List the assets you need to protect when implementing your identity management and access control system. Databases, customer and employee information, company statistics, software, transaction information; these are precious commodities. The purpose of identity management and access control is to confer those who need it with maximum access to these assets at minimum risk.

2.     Assess the risk

Now that you know what you have, classify all your assets according to their value. The value of an information asset pertains to how damaging it would be to have that data or application altered or accessed by a non-authorised person. For example, identity theft is a serious and common crime.

Databases containing customer and employee information might, therefore, be considered high risk. For assets such as these, you might consider investing in a multi-factor authentication (MFA) service.

Assessing the risk of each asset will provide a foundation for deciding how protected each one should be, who should access it and how.

3.     Choose your management system

Your choice of management system will depend on what systems you are currently using. Microsoft Active Directory is a popular management system for those operating with Windows. If you use an OS such as Unix or Linux, Lightweight Directory Access Protocol (LDAP) might be the application for you.

No matter what computer infrastructure your business is using, there is a compatible access management programme available with options for even the most diverse platforms.

4.     Implementation

Having assessed your company’s data and assets and chosen your management system, it’s now time to implement your identity management and access control strategy. Users should be aligned with an appropriate level of access that affords convenience and security.

Depending on staff numbers and distribution, you may decide to allow remote access to certain applications. If there are multiple applications with different user id and password systems, an enterprise-wide single sign-on (SSO) system would be advantageous. SSO products range from Imprivata (used by medium-sized companies) to IBM’s Tivoli (for larger companies).

Flexibility

Once established, your identity management system should provide the flexibility to modify the access levels of its users. Rights of access can be conferred in blocks by establishing groups with specific privileges reflecting job function or staff locations. Other employees will need customised access. Request and approval procedures for modifying privileges should be built-in to your access management programme.

The keys to the castle

Identity management technologies represent the keys to your castle; they allow you to protect your business, manage user identities and access permissions in an automated fashion. A clear and universally upheld identity management policy will allow your company to extract the very best of what these digital keys have to offer.

If you’d like to discuss ways to better manage identities and access in your company, talk to Spector about the different ways we can help.

Grow your SME without frying your brain

Cyber Security

Can you remember what it was like to not have a mobile phone? Although we may harbour some gripes about our increasing dependence on technology, it is difficult to imagine leaving the house without this object of security and resourcefulness in our pocket. Sure, we might take the odd Sunday OTG (that’s off-the-grid, to you and me), but for the majority of us, the advantages modern technology brings to our daily lives are simply overwhelming.

This is our personal experience of technology, but what about in the competitive realm that is business? Obviously, technology provides advantages here too, but, more than that, it is utterly crucial for growth as well as basic survival.

Survival of the fittest, aka the most innovative, efficient, knowledgeable…

Don’t get us wrong; the successful modern workplace still relies on people. In fact, it is fuelled by knowledgeable individuals using their time effectively on tasks that produce real results for the growing business. This sounds fairly obvious and straightforward, that is until you break it down.

What defines a knowledgeable worker? Are the majority of daily tasks directly affecting the business’s goals? Or is a lot of time spent on menial tasks that must be done to get to the ‘’real’’ work? If this is so, how can people be truly effective? And how can a business grow when the brains it relies on are wasted in this vicious cycle?

Today’s business technology can provide answers to each of these concerns. How? By gathering and relaying knowledge in the form of real-time data to inform daily decision-making and by automating tedious office housework to free up employees for the high-value tasks. This is what makes growth possible. That is why we have made up a quick list of some of the most noteworthy productivity tools on the market that will help you take your business to the next level!

4 productivity tools for the growing SME

Trello – project management

How do you currently track your projects? Valuable information and time are often lost in emails and quick conversation by the water fountain. Trello is a project management tool that keeps everything in the one place. It uses the Kanban system, developed by Toyota for lean processes and just-in-time manufacturing.
With Trello, each project has its own Board and the tasks to complete the project are organised by Cards, which can be edited in real-time and moved across the board until the project reaches its completion. The interface resembles sticky notes on a whiteboard, keeping it simple for everyone to use while remaining productive. Your whole team can get involved, adding comments, images, files, checklists, and deadlines to tasks during the entire process.
Project management tools, such as Trello, allow for real-time collaboration. Everyone on the team is kept up to date with what is going on, and momentum is maintained by the drag-and-drop function, assigned accountability and explicit deadlines. The particularly great thing about Trello is that it is free and available on all devices.

Slack – unified communication

The power of unified communication cannot be underestimated because, after all, effective communication is the bedrock of good business. Yes, we all have email accounts, but emails have their own specific (somewhat stuffy) culture. The user-friendly interface instant messaging apps such as Slack provide results in more streamlined conversations.

In Slack, communication is succinct and actionable because of the instant aspect. This increased response time leaves email in the dust. Of course, email is still necessary for external communications, but, for your teams, Slack can greatly increase efficiency as the crux of important decisions is unearthed faster. However, Slack offers more than just texting for business. It allows for presence management by showing who is available online in real-time, supports file and image sharing while also organising multiple conversations over numerous streams.

Due – invoicing software

Cloud technology is empowering the smallest of businesses to push their production capacity further than ever before. Due is an invoicing software that takes the hassle out of chasing payments. Here all your invoices are organised by what stage they are currently at, Sent, Received, Saved or Paid. Invoices can be set to send recurrently, and you can even automate late payment reminders!

With notifications to remind you what payments are due and billing timers to keep the cash flowing, this is an accounting solution that not only simplifies the nuts and bolts of the invoicing process but it also helpfully communicates with the user and their clients directly. Due is free for up to three invoices a year. After that the most expensive plan is only $49 a year.

IFTTT – app integration

Can’t find an automation tool that does what you need? Why not make your own ‘’recipe’’ of automated actions with IFTTT? IFTTT stands for ‘’if this then that’’ and this cloud service offers a library of simple automated processes, or Applets, to make your workday easier. If you still can’t find one that answers your specific needs, you also have the opportunity to make your own. Do you need every email attachment to be automatically downloaded as a PDF into a certain folder? Or do you want every new email contact to be listed in an Excel document? There are Applets on IFTTT to ease the pain of all kinds of tedious tasks, and the great thing is this service easily integrates with hundreds of third-party tools. But more importantly, is it free. Yes, it is!

If you are not the techy type, the word ‘‘automation’’ can sound complex and alien, but we hope we’ve showed you that with some simple and very inexpensive tools your SME can flourish while competing in the modern digital landscape.

Are you ready to take your SME to the next level? Make sure to give us a call on 01 664 4190 or contact us for a chat about your current IT infrastructure. We are always happy to offer some sound advice on how you can grow your business with productivity tools.

GDPR: A Q&A with Michael Brophy, CEO of Certification Europe

IT Support Dublin
Aaron Nolan and Mark Hurley of Spector, with Michael Brophy, CEO of Certification Europe

Estimated Reading Time: 6 Minutes

by Mark Hurley – Managing Director, Spector

With GDPR just around the corner, it’s clear that implementing robust security policies will be essential for every business. Cybersecurity is an ongoing concern for companies everywhere, from SMEs to large multinational corporations. Ensuring your IT environment is secure is important not only for the protection of your own sensitive data but also because of the potential impact on clients and suppliers.

I was pleased to be able to get an insider’s perspective on what the future of cybersecurity will look like when I interviewed the CEO of Certification Europe, Michael Brophy. He has a longstanding career in all matters of international standards and compliance and is considered a leading expert on standardisation in Ireland. Michael has served as an authority on data security for numerous EU Commission committees and was closely involved in the development of electronic signature standardisation.

During our chat, we discussed Cyber Essentials and ISO/IEC 27000, ‘’self-assessment’’ certificates, the impact such certifications have on GDPR compliance and what the future of Certification Europe will look like.

IT Support Ireland

Mark Hurley and Michael Brophy

Mark Hurley: Hi Michael. Welcome to Spector! We cross paths once again. Many thanks for your help with the set-up of our ISO/IEC 27001 certification. Today we have a few questions for you around cybersecurity…

When we look at Cyber Essentials, for example, we approach it from a security policies foundation. The policies and evidence we gather around these policies are what we submit, with the guidance of your team, to Cyber Essentials for our SME clients. But cybersecurity is a continuous event, rather than a single event. I’m wondering, how do you see this approach changing in the future?

That’s right, Cyber Essentials and ISO/IEC 27001 approach cybersecurity as a journey, not a destination. It’s the start of the process, which has to be maintained. But at least now we have a reference point. For 27001, Cyber Essentials provides a marker. It is a grid reference point.

If you are a hard-pressed managing director and you have no internal IT support, the worry is knowing just how exposed you are. How do you determine how good your security is? This is why it’s good to have the likes of Cyber Essentials for peace of mind. They can tell you whether you are doing it right or not; if you’re not, at least you’ll have the resources at hand to quickly get on top of it.

MH: How do people come to you? Do they get in contact directly looking for training or management in cybersecurity, or do they come through managed IT service providers such as Spector?

There are two main ways.

We deal with about a thousand organisations around the world, most of which are SMEs in Ireland. Often, they will have encountered other standards to which they have had to adhere, such as quality or environmental standards, so they are already members of our client base.

The second route to us is very much via companies such as Spector. They are questioning what they should be doing and are now looking for a reference point to anchor this process. Cyber Essentials seems to be the main reference point for SMEs in Ireland.

MH: When we began looking at Cyber Essentials, in particular in the UK, we saw it as a crest that displayed our cybersecurity standards as certified by Europe. When we applied for the certificate, it was a stringent process, but now there is the option of the ‘self-assessment’, which would seem to devalue it. Would you agree with this?

I agree. In general, the idea of self-certification or self-approval is always somewhat lacking. It will always be open to question because it essentially comes down to the company stating ‘We are great!’ Well, who says so? ‘We do!’ That will always be contentious.

Whereas, in the case of an independent assessment, people tend to feel a lot more certain that the security standards are up to scratch.

MH: Regarding the gap between a Cyber Essentials certification and moving up the ranks to ISO/IEC 27001, is this about the size of the company, or something else?

Certainly, ISO/IEC 27001 is a step up. The reason some companies start at this level of certification and others work up from Cyber Essentials might be because of size. Particularly if you’re a large company in the tech sector or financial sector, you would be looking at going straight for ISO/IEC 27001.

Also, it has to do with the type of customers you deal with. Major drivers are customer expectation and supplier-side pressure. It could be that the companies you work with simply expect you to have ISO/IEC 27001. In certain sectors, it is virtually mandatory, especially for data centre hosting, online hosting or cloud-based services.

On the other hand, SMEs that are simply wondering if their security is up to standard and whether they are leaving themselves exposed, tend to go for Cyber Essentials.

MH: We’ve found that ISO/IEC 27000 series seems to go a very long way when it comes to GDPR compliance. Do you find people are taking this route because of GDPR?

I think you’re spot on. We find that clients who have had ISO/IEC 27000 (especially for a few years, as they are quite mature systems) not only experience a cultural change within the company, but it also provides a framework that can be used for things other than IT security.

For these companies, GDPR is a natural progression as there are a lot of areas they will already be able to tick the box for. Of course, some elements are very specific to GDPR and will still need attention, but our ISO/IEC 27000 clients say that they have 75%-80% of the compliance already done, so they are just making up that 20% difference to be assured they have met the requirements.

MH: Is Certification Europe providing any services to fill that gap?

That’s a good question and very pertinent at the moment. It’s a case of watch this space! Once GDPR comes into effect in May, one of the first things we can expect is that the EU will make a pronouncement on what certification schemes are recognised. I think it is unlikely they will say that any sort of certification is compliant. But what we have seen in other fields is that certification will be given due recognition, particularly from a risk point of view.

One could assume that when the Data Protection Commissioner or the Information Commissioner’s Office are looking at organisations to possibly audit, and assessing risk profiles they need to regulate, companies that have voluntarily sought certification will be further down their lists.

MH: How much interest is there about GDPR from your current client base?

At the moment, the clamour is getting louder and louder! What’s interesting is that there are already moves for potential certification schemes. There is a standalone management system, called ISO 10012, which is especially for data privacy. It is a standalone standard, so you can go for it without previous certifications.

Another interesting development is a current working document called 27225, which is a bolt-on to the 27000 world series. It’s still in draft format but is specifically about managing the privacy of information. For a company that already has 27001, rather than going for another certification which sits in isolation, this will allow you to build on to 27001 and bring in data privacy requirements – in line with GDPR. It will be an integrated management system. I’d say a lot of 27001 clients will be keen to look at this in the future.

MH: My final question is, what does the future look like for Certification Europe?

In a general sense, I think independent verification is going as a business. Information security continues to grow in importance. In many sectors, it is now mandatory. Clients are aware that this is a crucial question to ask of providers and vendors, and they know to question the standards that are in place. That’s why certifications such as ISO/IEC 27000 matter and will continue to grow.

There are three areas that we are focusing on. They may be two, three, four years down the line, but sectors such as artificial intelligence, blockchain technology (it will be very interesting when it moves out of the financial services sector) and the fintech sector are developing rapidly. They haven’t reached our purview yet, but soon enough there will be new discussions to be had around acceptable standards and certifications. It’s something we are already preparing for and will be a fascinating area of development.

MH: Fascinating stuff! Thanks very much for your time, Michael. We look forward to working with you into the future.

[Featured image shows (l-r) Aaron Nolan and Mark Hurley of Spector, with Michael Brophy, CEO of Certification Europe]