fbpx

A Super Simple (ish) risk management system for businesses

In our travels providing IT Support and various IT Services, we work with lots of different businesses.  Many small businesses start and grow very organically and have little time for pie in the sky ideas like “security policies”.  Usually it takes a mandate from a business partner or external stakeholder to prompt a small business to even start thinking about risk management.

The problem for many is that it’s very daunting to start with nothing, having no experience with any risk management system, and somehow end up with a valuable and solid system.

In our case, we enlisted the help of a security consulting firm.  The result was that we gained the internal knowledge and experience to run our own Information Security Management System (ISMS) and controls, based on the ISO 27000 series standards.

So, to help out our Business IT Support clients, we are going to share a few simple steps and cookie cutter templates that should enable many small businesses the develop and implement some management control of their Information Security and give them a head start into expanding on that.

So here we go:

The foundation of our ISMS Information Security Management System is identifying what data you have to protect, and then identifying the risks to that data and the IT Systems surrounding it.  Bear in mind that “protecting” the data means protecting its:

Confidentiality: Only those that should have access, have access

Integrity: Ensuring that the data is accurate and not accidentally or maliciously altered incorrectly.

Accessibility: Ensuring that the data is accessible to those that require access.

All 4 areas must be addresses to give a complete risk management strategy.

Step 1: Develop an “Information Asset Register”.  This is a basic list of the key information stores of the business.  See the below link for a template which includes some common small business assets.

Step 2: Develop your “Information Asset Register” into “Risk Register”, which is a list of risks that could affect each Asset.

Step 3: Mitigate your risks to a level of risk you are happy to bear by creating security “controls”.

Step 4: Schedule regular time slots where you check and revalidate your asset register, risk register and mitigation controls.

This is entirely a management process but requires deep understanding and consideration of the risks and possibilities, so you need to have a deep technical understanding of your environment.  As such it can be very helpful to enlist the advice of a professional consultant.

See attached a template to help get you started at Information Risk Asset and Control Register

 

Buy a computer

Buying a Computer for Business

Helpful guide on buying a computer for Business

Why does it seem like every time you buy an appliance – TV, Washing Machine, Fridge or a Computer they seem to fail at the most inconvenient time when they are just outside the warranty period? It’s so frustrating when things fail when you just want them to work.

As with the entire IT industry, computer’s rapidly change. Over the last few years, we have seen things change from spinning disks to SSD’s (Solid State Drives), more CPU power, smaller form factors, higher resolution monitors, all in one PC’s and much more.

The majority of hardware failures we see in devices these days are Hard Drive failures and less commonly power supply failures. Generally, we see a lot more failures and issues from consumer grade machines that are built to compete mostly on price, verse business grade machines that are designed to be robust.

When buying a new Desktop Computer, Workstation, Laptop or Tablet i treat the purchase like I am purchasing a new lounge. Yes, I mean “lounge”, you know that big comfortable thing you sit on after a hard day at work with your beverage of choice. Why a lounge? Well think about it, you might spend a lot of time on your lounge or you might not, but the time you do spend on your lounge you want it to be familiar, comfortable, reliable and recline when it is supposed to, and last a long time. This is exactly what to look for in a computer.

Think about the following:

  1. How long do you want the computer to last for? A good rule of thumb is 3 years, as this coincides with the warranty period for most mainstream manufacturers (for business grade computers) – That said, I am writing this on a 4-year-old laptop that I love and has not missed a beat but yes, I do have backups and I have backup machines I can use if this fails.
  2. What are you going to do with it? I always like to over spec a little, as I want the best bang for buck and to get the most mileage out of all my new devices. I, like many people, really hate when a computer doesn’t respond or is slow, and my stress levels are important to me so I like to have a high performing computer at all time.If you are doing graphic design, then you will need a machine that can handle what you are going to do with it. It is never a good idea to buy a $500 laptop from a retailer and expect it can handle AutoCAD or Photoshop (or anything really) with any reasonable amount of performance.If you only work on cloud-based products like Xero, Office 365 via the portal and web clients, then you might get away with a slightly less high performing computer because the workload of these applications is mostly done by the servers up in the cloud.
  3. Warranty – You may or may not know, but if you buy a business grade computer from a well-known manufacturer you can generally purchase different types of hardware replacement warranty. You can even get 24 hours a day, 7 days a week 2-hour onsite hardware replacement warranty. This essentially means that the manufacturer will send a tech out to your home or business and repair or replace your device within 2 hours. Not a cheap exercise, but various options are available. Most business’ use 3-year next business day onsite warranty which is much more cost effective. Think about your needs and talk to your supplier about what you need.
  4. Features – Do you ever use the Bluetooth on your computer? What about WIFI? Or maybe you need an Ethernet port or a large amount of storage. Think about what you need and try not to pay for features you will not use. Also think about things like weight, battery life, screen size and resolution.
  5. Hard drives: At the time of writing this (September 2018), I would never again purchase a computer or laptop with an old school spinning disk hard drive. It must be Solid state disk all the way. The difference in performance is huge and not an area to cut a small amount of cost.
  6. Laptop Screen resolution: One mistake I have seen a few times is getting suckered in to buying a laptop with a poor-quality screen and low resolution. Windows 10 is simply not going to work well with a screen resolution that is not FHD (1920×1080) unless you have a screen size under 14 inches. However, if you were to by a 15-inch laptop, with only a HD 1366 x768 screen, you will be trapped, and the only option is to drop it off a cliff (as you will feel like doing) and buy something better.

In conclusion, as someone who sees many different types of PC and specs, your order of priority when buys a machine should be:

1. Specification
2. Warranty
3. Looks
4. Feel
5. Smell
6. Taste
7. ……….
8. Price

AUIT helps many of our customers choose the right hardware for their requirements.  We would be more than happy to have a chat to you about your business computing requirements.  If this is of interest to you,  please contact us at https://auit.com.au/contact-us/

Why we partner with JINGL.com.au

At AUIT we are always on the lookout for great solutions to implement for our customers that give them real world business advantages.  Often we implement the exact same solutions for customers as we use ourselves and so it is the case with the hosted phone system solution (also known as a hosted PABX) provided by JINGL.com.au.

A few years ago we were moving offices, so we started looking around at our phone system options.  Back then the normal thing to do was to ring up Telstra, get them to install some phone lines and hook them up to a phone system in your office and run cabling for your telephones.  So at the time hosted phone systems were fairly new, however once we started looking into it we soon discovered the many benefits.  At the time we took out trial accounts with many of the hosted PABX offerings so we could do a direct shootout.

We discovered that JINGL offered many benefits over the competition and for us this included:

1. A super easy to use interface for managing your phones and your phone bill.  This was REALLY what set JINGL apart when we tested out all the competition.  JINGL’s management interface really is just way ahead of most of the competition.  Within 30 minutes of getting a trial account I was ready to signup as the interface was easy, intuitive and just worked.  In comparison the interface of many of the alternatives was clunky, difficult to understand or just lacking in the required features.  This made JINGL the winner!

2. Flexibility to automatically and manually direct calls.  This is especially important in a 24/7 support scenario to allow us to divert calls to techs who may be out of the office or working from home.

3. Redundancy:  A very important factor for us was redundancy.  If for whatever reason our head office was to be unavailable (fire, flood, theft, power outage etc), then we simply need to run to our backup site and the phones will be working as there is no dependency on a physical phone system at our head office.

4. Features such as autoresponders (press 1 for sales, 2 for support etc).

5. Amazing pricing.  When we compared our phone bill, to what we could expect under JINGL, the JINGL solution was way ahead on price.  This has held true for most of the customers we have helped to move to JINGL.

There are many more really useful features of JINGL, but these were the big ones for us.

So for this reason we now have a partnership with JINGL where we provide professional services to help our customers to move their existing business telephones to the JINGL platform.

If you would like to talk to one of our consultants about your options, please give us a call on (02) 6176 3400