Frequently Asked Questions
We know you have questions. Our customers do. Check out the answers to questions we often hear from small and medium sized business owners like you. See what the other guys are doing. Read more.
The answers given to these questions are designed for small and medium sized businesses like yours. Enterprise level businesses and home computer users have different situations and might have different answers.
- Should we have an in-house e-mail server?
- How much should I pay for an Internet connection?
- Should we host our own Web Server in-house?
- How real is the threat of spy-ware?
- How real is the threat of computer virus?
- I trust everyone that works for me. Why do I need centralized computer security?
1. The majority of businesses with more than four computers should have an in-house e-mail server these days. Until recently, the answer would have read "more than thirty" for cost reasons. Microsoft Exchange(TM) is our recommended solution for small and medium sized business, and the price had plummeted recently to the point where it is viable for much smaller businesses. But "what e-mail server" was not the question.
The primary reason you should have your e-mail server in house is that you need to be in control of managing your own "spam" (annoying junk e-mails that you may be getting by the boatload).
Your current e-mail is probably hosted by your Internet Service Provider (ISP). That means that the e-mail server is at their office and you just connect to it to get your e-mail. A good ISP will attempt to filter out spam for you. But your ISP has many, many clients and bases his spam filtering on word-patterns across all e-mails. So the result is a bunch of spam leaks through. That is not the critical problem though.
The critical problem is that some of your customers, suppliers or prospect may write you an e-mail that sounds spamy to your ISP and he dutifully filters it out for you. So you lose some valid e-mail that your ISP, not you, mistakenly decided was not important.
With you own in-house e-mail server, you control your own destiny. You can "white list" all your customers so that nothing ever gets misrouted to the spam bucket. Your e-mail server can learn what looks like spam and what does not look like spam for your specific business. A spam filter tuned for your business is going to be far more effective that a general one crafted by your ISP.
There are several other reasons to have your own in-house e-mail server too. These include the ability to store all company correspondence and contacts in a central location that is properly backed up and easily recovered if an employee leaves or loses his/her computer.
<Top>
2. There are many options for business to connect to the Internet these days. The option of using "dial-up" is one that you should likely avoid if you use The Internet in almost all cases. The reason is that besides being painful to use, dial-up actually costs if you think about it. Consider this scenario:
Say you share your fax line with your Internet connection. Also say you never lose an important fax or waste time waiting for the line to be available. So the phone line costs you nothing extra as far as The Internet is concerned. And say you pay about $20 per month to your Internet Service Provider (ISP) for dial up access.
- With dial-up, most people log on and wait for their e-mail to download because it is only a couple of minutes and that is too little time to go do something else useful.
- Say you have five people checking their e-mail twice a day every day. That is about four wasted hours per month because there are slightly over four weeks in a month on average.
- You lose the cost of wages and overhead for four hours. You also lose the opportunity of what could have been made in those four hours.
- In our recent research, high-speed Internet Access was available in Ontario for about $60 per month from either the phone company or you local cable company. With this kind of Internet connection, e-mail arrives more or less instantly.
- So you save $40 on Internet cost and lose four hours of productivity by using dial-up.
In the above examples, you can see a speedy Internet connection trumps dial up hands down. The truth is that most business should have at least a high-speed "DSL" or cable connection and most already do. The phone and cable companies each have products in the $60 to $120 range that provide fantastic performance and value for most small businesses with up to fifty people using PCs.
There are valid reasons that you may require some kind of more sophisticated or higher capacity connection in the $400 range and up. But if you are paying that much, you should make sure it is really necessary.
<Top>
3. The short answer is "probably not", but there are exceptions. First of all, let's be clear that we are speaking about your public "corporate presence" web site. Internal web sites for employees to share information are almost always better of being hosted in-house for cost and security reasons. For example, Microsoft Small Business Server includes a sophisticated web site called SharePoint(TM) at not extra cost. SharePoint(TM) gives your employees very easy to use and powerful ways to collaborate on documents and publish information to each other. Ironically, your public web site should be hosted outside for cost reasons too. Quality web hosting is very cheap these days. So let an ISP host yours and take the worry off your hands.
4.Spyware is probably the top threat to the productivity of your business today. At the time of writing, we had been called in by two new clients in the first week of the month because their computers had mysteriously become so slow that they were unusable. In one case, the new client had six people more or less idle for two days because spyware had infected a server running his customer Relationship Management System. In another case, a partner in a mutual fund sales office had been unable to use his computer or place orders for a week before he called us. That was during prime RSP season, so spending a week trying to fix it himself cost him real revenue.
While these examples are anecdotal, they support our experienced opinion that almost all computers that are not properly protected have some amount of spyware on them. Our opinion is that lots of business computers are totally crippled by spyware every day.
Spyware will infest your network if one employee clicks on one wrong web site, installs one free, cute program or opens one spiked e-mail. The spyware perpetrators are very sophisticated and go to great lengths to trick people into installing their program. And for the moment, they are quite successful.
5. At the time of writing, our own company was receiving about one e-mail every 10 seconds in a twenty-four hour period. A lot of it was spam, but that is another story. On one randomly selected day, our analysis showed that one in about every 50 e-mails had a virus in it. So that is roughly seven viruses every hour. No viruses have made it past our defenses in the last year.
We have a multi-layered virus protection strategy including a company firewall, virus protection on our e-mail server and anti-virus software on every computer, which are all updated daily. If we had not had all this protection, it is almost certain that something would have made it through.
In the same time period, we seen many virus infect small and not-so-small businesses that thought they were adequately protected but actually were not.
Viruses are a real threat. It is only a matter of time before your company will be infected unless you protect yourself properly.
<Top>
6. Centralizing your security is not a matter of mistrusting your employees. It is true that there are a few things that you would just not want to tempt an honest person to peek at, like your personnel files or the company books. But those things could be secured just by storing them on a physically inaccessible computer.
You could think about a disgruntled employee going in and erasing everything. That kind of doomsday scenario is rare in reality but probably worth insuring against. And then there are external "hackers" that could break into your network and steal credit card info from your customer database. This is a real threat could have fatal impact on your business, not to mention the liability issues.
But the key reason for centralizing security is to prevent accidental deletion of irreplaceable data. Here's a real life example one of our clients experienced before engaging us.
That client is a Chartered Accountant who also does bookkeeping services for some small businesses. Each day his staff would post all the monthly accounting entries to the bookkeeping system for each client. And each night, a junior staff member was responsible to copy the updated books for each client onto a CD for backup purposes. So the junior back-up person asked each bookkeeping clerk to share his or her hard drive over the network.
Unfortunately, the person doing the backup was moving the files to the backup CD instead of copying them. This was not noticed for some time because most of the clients only submitted their data once per month. When it was discovered that the files were missing, the appropriate CDs where retrieved but they had been improperly made and were unreadable.
The accountant recovered the clients' files from a monthly system back-up tape and then re-posted all the lost entries at his own expense. But the problem would have been avoided by centralized security that granted access based on job role. This would have determined that the "back up person" required read-only access to the client files.
If you are going to delegate the determination of your company policy regarding who has access to what data in what manner, you should make it a conscious decision instead of just letting everyone decide as they go. Your people may be good people for the job you hired them for, but there are pitfalls regarding data security that they might not be aware of.
<Top> |