IT planning essentials
Overlooking basic IT planning is the norm at most small businesses. That’s like not having a plan for life—without a plan, a business may end up with anything, or nothing at all.
The basic elements of IT planning include:
Most businesses have an IT infrastructure before getting around to planning. There are tools for assessing what IT a business currently has, information that is fed into MIS master planning or system development plans. Chief among those tools are:
Zadada is experienced at and fully capable of doing any of the plans or studies mentioned in this posting.
Controlling IT expenses
Many small businesses are committed to an IT firm, or in some cases, to an IT person, who performs routine maintenance. This is all well and good provided the people or person doing the work knows what he or she is doing, but it can trap a business into unexpected IT expenses if a project comes along. The reason is that the IT person or persons will usually bill at an hourly rate with no estimate. No estimate means no cap on project cost. Businesses should be especially wary if the IT firm proposed the project rather than the business.
A business contemplating any significant project should obtain competing estimates from at least three IT firms. (Hopefully, the business wasn’t naďve enough to sign a contract making granting its IT firm exclusive rights to any IT work.) Obviously, we would like Zadada to be one of the firms providing a proposal.
Don’t expect any IT firm to provide a flat-rate estimate. Few, if any, experienced firms are willing to work on that basis because of inevitable “scope creep.” The client usually expects far more from the IT firm than originally envisioned by either party. The estimate will be based on an hourly labor rate but there will be differences from the IT person(s) of a business doing the work and billing the business after the fact.
Firstly, the IT firm or person will be working against an estimate; therefore, the IT person has a responsibility to attempt to keep costs in line with that estimate to a reasonable degree. Secondly, it prevents padding fees in various ways, such as adding “business expenses,” fees for travel time and price mark-ups on any hardware or software required. Thirdly, a proposal should include a timeline for project completion with benchmarks along the way. That will help to prevent an IT supplier from running up the bill by dragging out a project.
In summary, always get competing proposals for projects and ensure the proposals contain the following elements:
A business can ensure the proposals contain these elements by specifically requiring them in the request for proposal (RFP), even if it is only an email message.
Another consideration and another reason to request proposals are the qualifications of the IT persons involved. For example, if a project involves a network or security, some specific, high-level skills are needed, skills the average IT guy or gal doesn’t have. Zadada ensures that consultants with the required skills and decades of experience are assigned to any projects it undertakes. And we don’t mean basic skills, just enough to “wing it” through a project. We mean the most advanced skills that can be found plus 20 or more years of specific IT experience.
One final note on controlling IT expenses: it’s a good idea to have an IT budget. More about that in our next blog post.
Security is a very important issue for small businesses, especially those accepting credit cards or storing personal data such as patient information. There are few businesses that do not need to be concerned about security.
There are two general categories of security, software-based security and hardware-based security. All businesses need software-based security. You are probably familiar with the leading brands of it: McAfee, Norton and ESET, to name a few. Which is best is debatable; however, Norton is highly rated. The anti-virus/security software Zadada most often install is either Norton Antivirus or Norton Internet Security. On the other hand, some of us find Norton to be unnecessarily intrusive and therefore prefer use to ESET on our personal computers.
Antivirus and security software is relatively inexpensive. A one-year license for Norton Antivirus costs about $19 if ordered online. A one-year Norton Internet Security license costs about $26.
As you no doubt know, antivirus software is sold on a subscription basis with annual renewals. The best antivirus applications also guard against adware and spyware.
The other category of security is hardware-based. It includes the purchase and use of a security appliance. Our technical manager prefers those made by Cisco such as the Cisco SA520. Costing about $700, these devices are not cheap but they are essential for businesses storing highly sensitive data such as credit card numbers and patient information.
Businesses accepting credit cards are now required to verify the data is secure. This is dictated by Payment Card Industry (PCI) standards and administered by intermediaries such as ControlScan.
Verification consists of completing an annual questionnaire plus quarterly security scans. Most of the questions on the questionnaire are very technical and therefore difficult for many businesspersons to answer correctly. Zadada has a network specialist on staff capable of accurately completing the questionnaire for a business. The quarterly scan, on the other hand, is simple. A business need only schedule it and then complete a brief attestation after the scan is completed. The trick is remembering to run the scan on time and then remembering to perform the attestation afterward.
There are no fees involved in verifying PCI compliance; however, there are substantial penalties for failing to do so. Fines can run into the thousands of dollars.
This discussion of networks is primarily a discussion of options. Here are the local area network (LAN) options for a small business:
Most software companies such as Patterson or PEB will expect a client to have a permanent network installed but they will usually tolerate a mix of cable and Wi-Fi. This is especially true of the means of connecting laptops or notebooks, which typically connect via Wi-Fi.
This discussion has assumed a network will be Ethernet, which has over time become the standard network. Nearly all new computers have built-in Ethernet connectivity. In the early days of personal computing, there are other types of competing networks such as token ring and NetWare.
Because many new computers have built-in Wi-Fi as well as built-in Ethernet connectivity, the minimal cost for a network consisting entirely of Wi-Fi is usually only the labor cost for configuration; however, as stated above, CAT6 cable is much preferred due to the faster speed.
In addition to the local area network (LAN) discussed above, a practice or business has the option of separate Wi-Fi, if the LAN is cable, and also another separate Wi-Fi for the use of clients, if desired.
Related to the LAN, because it is a way to connect to the server, is remote access, which is typically VPN, an abbreviation for virtual private network, that is, a network that uses a public communication medium, usually the Internet, to securely connect to an organization’s LAN from remote locations. VPN is usually installed on portable devices such as laptops. VPN is entirely optional.
Don't sign an IT contract until…
Most clients quickly read contracts before signing them, basically to see if there is anything really unacceptable about the contracts. Don't sign a one-sided contract or one that omits important stipulations. Check the contract for the following:
This is not legal advice; it is IT advice. Even if the contract meets these criteria, you may wish to have your attorney review it. Whether you do that or not will depend on your comfort level with the IT firm and the contract as well as any past experience you have had with the firm.
How much should IT cost?
This discussion of the cost of IT is based on our real-world experience performing all aspects of IT infrastructure projects for small to medium-size organizations.
To begin with, the hourly rate quoted by an IT firm tells the client almost nothing, except that a very high hourly rate is obviously going to multiply times hours billed into a costly amount. The hourly rate for an experienced consultant typically runs anywhere from $75-150 per hour. That may seem like a high rate but the consultant must subtract taxes and overhead plus non-billable time and other expenses. The biggest factor affecting a consulting firm’s gross income is the work on the project is usually intermittent, that is, it is not study work. Many clients prefer to do IT projects in phases to spread out the cost, which results in down time for the consulting firm.
A prospective client should also consider what the IT firm will provide at no charge. For example, Zadada provides the requirements definition (what is needed), the specifications and the cost estimate at no charge. We also do not bill for any research we need to do to support specific software or hardware. In addition, we do not normally bill for any time spent contacting technical support for a specific product, even if the problem is with the product. You should also ask whether the IT firm bills portal to portal, meaning for travel time, and whether it bills for mileage. Zadada does not bill for either.
If the IT firm is going to provide ongoing support after the project, and it should, you should also ask about any minimum rate it charges for on-site visits. Some IT firms charge as much as $300 minimum to go to a client site regardless of the purpose of the visit. Zadada charges a minimum fee of $50 per site visit for providing requested support. Unlike many IT firms, we do not charge a monthly retainer for support.
You are advised not to ask for a flat rate for a project. Flat rates are notoriously impossible to abide by due to inevitable changes in scope or differences in expectations between the IT firm and the client. Few if any experienced IT firms will be willing to work a project on a flat rate. If an IT firm quotes an exceptionally low hourly rate or it is willing to work a project flat rate, then most likely it is relatively inexperienced or it is desperate. You get what you pay for.
Based on our experience putting IT infrastructure into dental practices and other small businesses, basic IT infrastructure for a small office usually costs $10,000-13,000. Why so much, you may ask? The answer is twofold. Firstly, there is considerable hardware and software involved in even a small office infrastructure, including a server, one or more workstations, network hardware, security hardware, cabling and peripherals, plus all the application and utility software other than the core system (for example, practice management or client contact software). Secondly, acquiring, installing, configuring, testing and documenting all of that hardware and software takes time.
The way Zadada bills is an exception from the way most IT firms bill clients. We normally bill about 50-60 percent of our quoted rate per hour if we perform a task the client might have been able to perform but which the client preferred we do. Most IT firms are going to bill any time spent on the project at the quoted hourly rate.
When discussing cost, another important factor is whether or not the IT firm marks up the price of any hardware or software it acquires for the client, assuming it provides that service. You can expect substantial mark-ups for hardware from core system vendors and usually lesser but significant markups for hardware from original equipment manufacturers (OEMs). Zadada does not mark up prices. It provides hardware software to clients at whatever its cost was. It makes every effort to minimize that cost by using established connections to vendors and their sales representatives that it knows and frequently does business with.
A rough estimate of the total cost of the project can be derived by adding $1300 per workstation for each workstation beyond the first one to a base cost of $11,000. For example, a server and three workstations on a Wi-Fi network will cost approximately $11,000 plus $2,600 for a total of $13,600. However, we recommend installing cabling is the client is going to occupy the space for a considerable time due to speed and security advantages. Cabling can add $2,000-4,000 to the cost of a new infrastructure. (Zadada has experienced cable installers available.) Workstations do not cost $1,300 but adding one costs that much when everything is considered: a USB backup drive, cabling, software, an uninterrupted power supply (UPS), a monitor and labor.
Zadada usually acquires and pays for the hardware and software needed for a project and then seeks reimbursement from the client on a net/15 basis. It invoices for labor weekly, also on a net 15 basis. These terms are negotiable.
IT is moving towards handheld devices, cloud computing and other
innovations. Projects can take these into consideration but depending on the core software the IT infrastructure is designed to run, a client may or may not be able to utilize these innovations immediately. For example, dental practices using XLDent can currently use handheld devices in conjunction with that software but only one brand, and it is not Apple. That means your iPhone or iPad is useless insofar as interfacing with XLDent. Other dental practice management software may or may not interface with any handheld devices at this time.
Another consideration is whether the core software has been updated to run on the latest version of Windows. Most of the major dental practice management or other core system software modules for other types of businesses now run on Windows 7 but Windows 8 is just around the corner. Microsoft has released beta versions of Windows 8 for testing. The current versions of XLDent, Eaglesoft, etc. may or may not work under Windows 8 prior to being modified. New computers currently come with Windows 7 installed, either the Home version or the Professional version. Zadada upgrades Windows to the Professional or Ultimate versions if the Home version is installed. It remains to be seen whether software vendors can update their software to run under Windows 8 by the time new computers are shipped with Windows 8 installed.
The money to fund IT projects is often a challenge for small and medium-sized businesses. Businesses should, but usually don't, budget for IT. The lifespan of most IT hardware and software is about three years. Some hardware may last twice that long but not servers or workstations, which will be outmoded in three years. It follows that if your office has a server and three workstations, the cost of replacing your IT infrastructure will be roughly $13,600 at this time, so you ought to be setting aside one-third of that amount each year. If you do not budget and that amount is greater than your spare cash on hand, you may have to finance IT at interest. Even though it is costly, keeping your IT infrastructure current is essential because it translates into efficiency. There is a high return on the investment (ROI) that may be difficult to quantify but nevertheless exists.
Mistakes organizations make when evaluating IT project cost
Our primary business process
Zadada utilizes multiple business processes, but our primary process is illustrated by the following diagram. Obviously, it applies to IT infrastructure projects versus ongoing maintenance or one-time tasks.
The critical point in this process is the decision to initiate or not initiate the project, a decision that is based on the requirements, specifications and cost estimate.
Phasing in a new IT infrastructure
The following is a phased, step-by-step approach to upgrading or replacing the IT infrastructure of a small business, one with approximately a dozen terminals and workstations. It begins at project initiation, that is, after the project has been given the go-ahead. With the exception of phase 1, there is some flexibility in the sequence of the phases. For example, workstations could be inspected prior to inspecting terminals and vice versa.
This is an example, not a rigid prescription for any business. Although it is intended to apply to a small business, it could be applied to a medium or large business.
Three useful utilities
Two useful utilities that we use on our Zadada computers and also on the computers of clients are Registry Mechanic from PC Tools (www.pctools/registry-mechanic/) and Driver Update from SlimWare Utilities (www.driverupdate.net). Both are licensed for one year for up to three PC's. They cost $29.99 and $29.97 respectively.
The functions these two utilities perform – cleaning up the registry and checking for driver updates – would be impossible to do manually, for practical purposes.
If you have 4-6 computers, you'll need two licenses, 7-9 computers three licenses, etc. Both of the utilities are downloads that are relatively simple to install. In each case, the user creates an account that can be accessed to download additional copies to other PCs.
Updating drivers is not necessarily a flawless procedure. Driver Updates has very occasionally downloaded a driver that crashed the computer when the driver tried to install itself. That is not the fault of Driver Update. The utility offers the user the option of creating a restore point. It's a very good idea to do so in case you encounter an incompatible driver that crashes the PC or causes a device to stop working correctly.
Driver Update doesn't only download and install driver updates. It also downloads and installs updates to the Microsoft Windows operating system and to application software such as Microsoft Office.
A third utility we recommend is Sticky Password from Lamantine Software (http://stickypassword-usa.com/), marketed via cleverbridge. First marketed in 2001, Sticky Password is among the best password managers available. The downloaded version costs $24.99.
It will initially import your saved passwords from whatever browser you're using; there is no need to enter them into the utility. Once you've done that, Sticky Password pops in user names and passwords when you bring up a web page. It will also auto-fill forms. It's quick, simple and so much easier than remembering and entering user names and passwords over and over.
Sticky Password uses complex encryption to protect the passwords it stores. It can be unlocked to access those passwords by entering a master password.
Backups: Step 1 of any IT project
It is good IT management to ensure that, prior to doing any IT work, adequate system and data backups exist and are being run on a regular basis according to a plan. From our perspective as consultants, good backups are also important to protect us from liability for lost system or data files.
We don't recommend a do-it-yourself approach to IT, including designing and executing a backup plan, but for organizations that insist on doing it themselves, the following factors should be considered.
If you can answer the above questions, you have most of the information you need to determine how to do proper backups.
If you're creating a system backup, which is an exact image of a drive, a USB drive is the most convenient option. The amount of used space on the PC drive dictates what capacity the USB drive must have. They typically come in the following sizes: 500 GB, 750 GB, 1 TB and 1.5 TB and range in price, depending on capacity, from $100-$190. They are sometimes cheaper when on sale.
A system backup for a server may require considerably more storage space than a system backup for a PC workstation. A quick check of the space required can be performed by going to the drive in Windows Explorer and then right clicking and selecting Properties. That will tell you the amount of space being used on the drive.
An alternative for small amounts of data is online backup. Although advertised as a flashier, more modern way to backup a computer, it is only practical if you have a fast Internet connection, at least 2 MB per second upload speed. The disadvantages are it may take longer to back up files and there may be a subscription fee for the storage website. The advantages are convenience and the fact that the data is stored off-site.
There are several options for data backup. If you're backing up no more than 32 GB of data from a PC, you have the option of using a flash drive. A 32 GB flash drive typically costs about $70 but sometimes costs considerably less on sale. Sixty-four GB flash drives are available but they are expensive, $130 or more, compared to a higher-capacity, portable USB drive,
If you are backing up more than 32 GB of data, the most convenient method of backing up data is a portable USB drive.
Having determined the amount of space needed for creating a system or data backup, one can obtain the necessary storage devices or subscribe to online backup. It is good practice to have two USB drives for server data and rotate them off-site, meaning one is always off-site and one is always on-site except while in transit. A third USB drive is needed for the server system backup.
One USB drive is needed for each unique workstation image, for each unique system backup. One of the three alternatives – online backup, a flash drive or USB drive – is needed to back up each workstation that has important data on it. It may be possible to back up data from multiple workstations on the same USB drive but that is impractical.
Regarding cost, a typical organization having a server attached to terminals plus workstations, the latter all with the same system image on them, would require three high-capacity USB drives for the server backups, one USB drive for the workstation system backup and probably several flash drives, one for each desktop workstation. If there are half a dozen desktop workstations, the total cost would probably be somewhere in the $700-$900 range. If there is more than 32 GB of data on some of the workstations, USB drives will be required instead of flash drives, increasing the cost about $200.
Backup devices and good intentions are worthless unless there is a backup plan that is rigidly adhered to. How often you backup data depends on how important the data is and how frequently it changes or is added to. Typically, a server should be backed up daily. The daily backup is taken off-site to a secure location. In addition, there should be a system backup for the server and each unique desktop workstation image that is kept off-site and updated as needed, which will be whenever the operating system or application programs are modified.
Rather than a full data backup, one can optionally do an incremental backup, backing up only data that has changed or been added since the most recent full backup; however, this approach requires two storage devices, one for a periodic full backup and one for the incremental backup.
The frequency of workstation data backups depends on how critical the date is and how often it changes. If the data is highly critical, like server data usually is, you may wish to have an off-site backup to guard against a disaster such as a tornado or fire. Also, you may wish to backup data every day.
Although Windows has an integrated backup accessory, we prefer Symantec Ghost, which costs about $24 per PC.
The cost of backup devices plus the time it takes to do the backups is an expense, but not nearly as expensive as losing either your data or your ability to operate due to the loss of critical system or application files.
If the initial setup of backups and a backup plan are either too difficult or too time-consuming for you, that is one of the services Zadada offers. In fact, as stated at the outset of this blog entry, we insist on a client having good backups before we touch anything else.
See http://en.wikipedia.org/wiki/Backup for more information about backups and storage devices.
Upgrade to Windows 7
We upgraded one of our offices from Windows Vista Ultimate 32-bit © to Windows 7 Professional 32-bit ©. (One cannot upgrade directly from a 32-bit operating to a 64-bit operating system.) This upgrade required backing up and reloading all data and also reinstalling all software, because the installation essentially wipes clean the hard drive.
Several issues arose, including the need to update peripheral device drivers and a required update to QuickBooks 2010 from an earlier version. We were unable to get the Windows 7 32-bit driver for one nearly new scanner to install, nor could the manufacturer's technical support team, despite several attempts. The temporary solution was to connect the scanner to an older laptop running Windows XP.
Upgrading to Windows 7 will not necessarily be seamless; however, regardless of what version of Windows you have installed now, we are well-informed about upgrading to any version (technically possible) of Windows 7 and also updating application software and device drivers.