One of the greatest threats to your company’s productivity comes from poor IT network performance. Yet it can be tough to maintain a healthy network in the face of cost constraints, changes to your business, and constantly evolving technologies.

Which can put you between a rock and a hard place, because when it comes to your organization’s IT network, what you need — regardless of whether you’ve undertaken virtualization or cloud computing or unified communications — is a stable framework for delivering communication, applications, and services that provide a consistent, reliable experience under normal conditions.

More...

For quite some time, small and midsized businesses dared to feel safe from most malicious attacks — thanks to their relative smallness. Over the last couple of years, that’s been changing, because larger firms are tightening defenses and, as I’ve said before, the bad guys exploit opportunity.

Which is why shoddy IT security is a wide open opportunity for hackers to rip you off. 

So I’m finishing our list with two elements easily overlooked as you face the hassles of keeping up with criminal creativity.

#9 Educate your employees about security

More...

Buying information technology is tricky. Too often, I've seen folks buy an expensive technology product only to discover it doesn't really deliver the functionality they need. If it's happened to you, don't despair — you can minimize your vulnerability.

Start by understanding that technology product sales reps are there to sell you — their goal is to escalate their product into the top spot on your list of IT projects. So if at the end of a sales presentation you find that your IT project list has been re-ordered so that now their product sits at the top of your list, stop and ask why.  

More...

Anybody seeking to overcome the limits of traditional IT environments and streamline their business has to consider one of the most significant paradigm shifts of our time — cloud computing.

But take note: Cloud computing takes planning, because each move to the cloud is unique.

More...

A service-level agreement works best when it’s the result of a collaborative effort between you and a service provider you can trust. This kind of trusted collaboration will uncover the most cost-effective ways your provider’s IT capabilities can be put to work for your business.

Part of that trust involves the fifth and last Essential SLA Element on my list: Procedures for the safe and prompt return of your data upon service termination.

More...

A good service-level agreement looks simple — but that’s because it’s been conscientiously negotiated to meet the buyer’s needs. Of the five essential SLA elements that every managed and cloud services customer should focus on, I’ve described two — specifying service functionality and describing the infrastructure and standards to be maintained by the provider.

Essential SLA Elements #3 concerns SLA changes. Your SLA should include a mechanism by which you can regularly tune it in response to changing business conditions or new technologies. You’ll benefit from building in a formal review of your SLA (at least annually) in order to use experience and new information to revise it.

More...

I’ve already blogged about the importance of negotiating a service-level agreement that specifies the functionality of the managed and cloud services you engage.

Now I’m going to focus on Essential SLA Element #2: Including details about the system, network, and security infrastructure and standards to be maintained for your services by the provider.

In addition to the functional description of the services you’re using, your SLA should describe the infrastructure on which they’re based in detail so you know and can rely on what supports the services you’re buying. This description should include — and commit your service provider to maintain — system, network, and security infrastructure and standards.

More...

Since the arrival in 2002 of the Sarbanes-Oxley Act (SOX) as well as other more stringent financial accountability standards, the role of SAS 70 Type II audit and certification has grown. My company takes SAS 70 Type II audits very seriously.

That's because both SOX and SAS 70 Type II use the same model of controls — so a SAS 70 Type II certification is the best way third parties (like our customers) can be assured of acceptable, SOX-compliant service organization controls.

More...