Helping clients manage their technology for over 30 years.

Essential SLA Element #2: The devil’s in the details

I’ve already blogged about the importance of negotiating a service-level agreement that specifies the functionality of the managed and cloud services you engage.

Now I’m going to focus on Essential SLA Element #2: Including details about the system, network, and security infrastructure and standards to be maintained for your services by the provider.

Continue reading

Essential SLA Element #1: Why specifying each service to be provided is critical

I see five essential elements that you absolutely need to pay attention to in your managed and cloud services SLAs. I’ll review each of them in my blog, starting with: Specifying each service to be provided.

This may seem obvious, and, in fact, it is. Yet too many service-level agreements are surprising vague about what exactly you’re buying.

Continue reading

Your SLA: Forgotten secret to getting the most from your cloud provider

To get the most out of your managed or cloud service, you need to invest the time in negotiating a good service-level agreement.

The SLA is a key part of the contract between you and your provider, since it describes the levels of service being provided and the metrics used to ensure your provider delivers full value. And the right SLA with the right service provider can mitigate cloud risks and help your business flourish.

Continue reading

Why a SAS 70 Type II audit matters

Since the arrival in 2002 of the Sarbanes-Oxley Act (SOX) as well as other more stringent financial accountability standards, the role of SAS 70 Type II audit and certification has grown. My company takes SAS 70 Type II audits very seriously.

That’s because both SOX and SAS 70 Type II use the same model of controls — so a SAS 70 Type II certification is the best way third parties (like our customers) can be assured of acceptable, SOX-compliant service organization controls.

Developed by the American Institute of Certified Public Accountants (AICPA), SAS 70 Type II audits mean an independent third-party has verified that a service organization’s policies and procedures were correctly designed and operating effectively enough to achieve the specified control objectives.

Continue reading

2 tricks that can deliver the right service provider treats

It’s a 21st-century truth that even small businesses need complex information technology infrastructures to thrive. Which is why so many enterprises, both large and small, depend on the expertise of independent providers of managed and cloud services.

But using managed and cloud services can be risky, too. How reliable is the service? Where’s your data? And what about security?

Continue reading

On the menu: Networking, dinner, and the scoop about cloud computing

Cloud Computing has been defined by the National Institute of Standards and Technology (NIST) as “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

No wonder the Sacramento chapter of Financial Executives International (FEI), the leading organization for senior-level financial executives, wants to hear about it.

Continue reading

Dangerously vulnerable: 3 quick (and scary) anecdotes

How secure are the data, applications, systems, and networks your business depends on? If you’re like too many of the executives I talk to, you may believe all is well — but only because you haven’t asked the right questions.

One executive told me recently, “We’re cool; we haven’t had to touch our firewalls in three years.”

Continue reading

Don’t let your firewall get burned by employees’ mobile devices

As more and more of your employees use mobile devices, these machines may start out behind your firewall — but they don’t stay there. They move around, to other networks with different firewall rules. Or no firewall at all.

When that mobile device returns to its trusted place behind your firewall, it may carry a cyber-infection that can attack your network from the inside.

The great firewall challenge lies in balancing the tradeoffs between degree of protection, usability, and cost. That balancing act starts with understanding what your firewall actually does.

Continue reading

Employee smartphones and tablets getting to be a huge administrative hassle?

If so, I’ve got good news: Now it’s easy to optimize mobile communications functionality and security while minimizing downtime.

Quest’s new Mobile Device Management Service will secure, monitor, manage, and support 50 to 5,000 mobile devices, regardless of whether these devices are company-owned or BYOD (bring your own device). The Service is available for virtually all smartphones and tablets, including: iPhone® / iPad®, BlackBerry®, Windows® Mobile, Palm™, and Google Android™ / Android™ Tablet.

Continue reading

Protecting the value of your business

I can’t emphasize this enough: All of the technology products and services an organization devotes to securing its data, applications, systems, and networks have but one aim — to protect the value of the business.

Conversely, every data breach reduces the value of the business — and there are more data breaches every year.
Continue reading