When the federal government offers incentives to support a change, many organizations sprint to meet the benchmarks that trigger the payoffs. That was the goal when, in 2009, the government offered grant money to spur the adoption of electronic medical records (EMRs). Since 2009, 80 percent of doctors and 60 percent of hospitals have converted to EMRs, and $28 billion has been paid out to health care providers for converting paper files to digital.
A large health care provider in the Midwest was among them. Serving more than 200,000 patients, the organization had thousands of medical records on file that needed to be digitized. The company ramped up the push for electronic records to meet the government incentives, including its requirement to use only electronic records for Medicare and Medicaid patients by the end of 2013.
But as the company, like many providers, rushed to meet these new EMR requirements, it found the cyber security requirements were changing far faster than other technologies.
The organization knew it needed to ramp up security — and quickly — to continue to meet its responsibility to its patients and their privacy, and to continue to meet health care privacy rules and HIPAA requirements, while maintaining the security of the entire system. But with IT resources tied up in the switch to EMRs, how could the organization best upgrade its security? (more…)
In the past, IT security was like insurance, viewed as an expense, not a revenue generator. That perception left IT with minimal dollars allocated to securing networks, data, and other assets. But with the increase in threats, ranging from malware to data and identity theft, security has become a priority for all organizations.
Over the past three decades, businesses have developed structured security programs as federal and industry regulations became more prevalent. The Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act (SOX), and Payment Card Industry Data Security Standard (PCI DSS) are some of the well-known guidelines that have advanced compliance-based security.
But regardless of the industry guidelines, both compliance controls and the threat landscape have evolved, introducing a new requirement to address: risk. Security can no longer simply check the box of compliance as it could in the past. Risk is the new basis for every effective IT security program. (more…)
Dig up your high school yearbook photo and you’re likely in for a laugh — the clothes, the hair styles, the glasses are distant memories for most of us. That snapshot of 18-year-old you is unlikely to be confused with who you are today.
And yet when it comes to IT, many organizations often find themselves the victim of a kind of snapshot syndrome, the common misconception that our environments exist in the state in which they were last measured or assessed. In reality, most infrastructure, policies, and processes are in a continually dynamic state, and just like current you compared to your high school yearbook photo, only a few undergo limited changes. (more…)
IT departments are centering their sights on key software and hardware initiatives for 2015, aiming to increase productivity and enhance the entire IT environment. But there’s a pervasive obstacle to those plans that often steals IT’s focus from these goals and robs them of the time to implement them. That IT time-waster is managing the multitude of vendors that an organization works with.
Most IT departments aim for an 80/20 distribution for vendor management: 20 percent of all vendors representing 80 percent of IT’s total spend, with the other 80 percent of vendors representing only 20 percent of the spend. Typically, the biggest players in the IT market – organizations like Microsoft, Oracle, SAP, and IBM – are an organization’s strategic suppliers and fill the top 20 percent. All other vendors represent the long tail. Here’s what that breakdown tends to look like: (more…)
In his classic book “Flawless Consulting,” Peter Block lays out the three ways that a consultant interacts with clients: as an expert, a pair of hands, or a collaborator. As Block points out, when a consultant is the expert, all the responsibility rests on his shoulders, and when it’s just a pair of hands, it’s of little value to the customer. But if the consultant and client collaborate to solve a problem, everyone gets the best outcome and the most value.
Nowhere is this more clearly illustrated than in IT. Companies approach professional services organizations (PSOs) when they face an IT problem they can’t fix on their own, whether because they don’t have the skill set internally, can’t spend the time, or don’t have the resources needed to solve the problem. The best of these relationships are true collaborations. The customer has a clearly defined problem and the PSO helps the customer develop and implement a clearly defined solution.
But too often organizations approach professional services with only a vague sense of the problem, like the need to “configure hardware” or “fix a performance issue.” The timeline is hazy, the goals uncertain, and the outcome poor. These projects often take longer and cost more than if the organization brought specific needs to the table from the start. It impacts the effort required on the part of the consultant, and even how the professional services are purchased.
Here’s how to ensure a strong collaboration with a PSO and get the job done on time and on budget. (more…)
Every year we regularly schedule physicals, oil changes, car inspections, and other appointments in order to keep the systems that we depend on running at peak operational efficiency. There might not be anything noticeably wrong to necessitate one of these checkups, but that’s not really the point. The purpose is to take a proactive approach to system maintenance in order to catch any coughs or hiccups that might later call for an expensive fix.
SHI recommends a similar preventative approach to IT security. Organizations need to regularly assess their security programs to pinpoint small issues that could later turn into devastating security leaks. They can do this internally or hire a professional security services team.
To help our customers confirm that they deployed their security controls properly and identify any security gaps that might exist, SHI developed the Security Posture Review (SPR). The SPR is an assessment designed to evaluate various technical and operational security controls within an organization’s IT environment, which will help maximize security spend.
Our SPR consists of three phases: (more…)
Purchasing new hardware or software can be a costly and burdensome investment for even the most profitable organizations. But purchasing outright isn’t a company’s only option. Organizations can lease hardware and finance software and maintenance to ease upfront costs and increase IT flexibility. So before you sign that check for your next big order of desktops, servers, or software, see if any of these options are right for you.
The two types of hardware leasing
Leasing is the most common way to acquire IT equipment without paying for it up front. There are two main types of leases: the fair market value (FMV) lease and the $1 buyout lease.
The most common type of hardware lease is the FMV. It’s similar to a car lease, in that you don’t own the product at the end of the term, which is typically two to three years. In an industry known for a 36-month product lifecycle, this is a compelling benefit. The greatest part of IT is that the power keeps going up and the price keeps going down. FMV leases offer the lowest payment option since you’re only paying for the use of the product, not the purchase price. Payments are usually referred to as rent. (more…)
Cisco’s SMARTnet technical support service is renowned for its hotline of Cisco engineers ready to help troubleshoot. After all, even IT teams have to call tech support every once in a while, especially when those teams protect complex and critical systems. And the award-winning service lives up to its reputation for slashing downtime.
But to maintain service for all Cisco equipment in use, organizations need to keep a close eye on their contracts and upcoming renewals to ensure there are no gaps in coverage. And too often, renewals become a challenge for many organizations. Many companies hold between 10 and 15 SMARTnet contracts for various Cisco devices. And with so many contracts, businesses struggle to keep track of important expiration dates, terms, and conditions.
No IT team wants to find out their SMARTnet contract has unexpectedly lapsed while on the phone with Cisco to get a system back up. But due to lack of contract visibility, organizations sometimes falsely assume their business-critical devices are secured by SMARTnet. Due to unpaid renewals or missing agreements, devices can slip through the cracks, risking downtime and other damaging network issues.
Just as harmful, many organizations continue to pay SMARTnet subscriptions for out-of-date or unused devices due to knee-jerk renewals on forgotten contracts. And as organizations grow and add more Cisco services and devices, the complexities associated with managing new subscriptions will only escalate.
For organizations seeking greater visibility into their SMARTnet services, here are four easy tips to regain control over contracts. (more…)
Late last year, Richard Smith, GM at Microsoft Worldwide Licensing & Pricing, revealed it would be introducing a “next-generation approach to commercial licensing” to provide customers a more flexible and simplified purchasing experience across all solutions. Dubbed by Microsoft as Next Generation of Volume Licensing (NGVL) or transformation of volume licensing, the initiative takes a multi-phased approach, which began and will continue to be driven by feedback from the different licensing communities–partners, customers, and Microsoft field.
NGVL then entered the pilot phase, for which SHI was proud to be one of the handful of participating partners across the globe. On Dec. 1, 2013 the initiative reached its current phase, a controlled, but broader, launch. This current phase is not the final product. We will likely see the transformation continue for some time to come.
Today’s offering, the Microsoft Products and Services Agreement (MPSA), is simple but clearly displays the three primary tenets of the transformation. (more…)
Gartner identified 10 strategic technology trends for 2014 at a symposium last fall, including mobile, the Internet of Everything, and cloud technology. As we enter 2014, several megatrends stand out from the rest, shaping the way we do business and accelerating the transformation of IT. It’s important to understand these trends beyond the buzzwords and marketing lingo. The key to preparing for tech’s imminent shift is recognizing the business drivers behind these changes and acknowledging their impact on the future of business.
Here are the megatrends that should be top of mind for IT departments and business owners alike:
Software-defined anything (SDx)
The traditional datacenter landscape has changed forever, leaving infrastructure abstracted and virtualized, delivered as a service. We’re seeing virtualization extend well beyond just computing, with storage and network virtualization quickly becoming the norm for most organizations.
This model holds true regardless of whether the infrastructure resides internally or in the cloud. Dependency on physical hardware is being eliminated as software manages everything, increasing flexibility and agility. As infrastructure becomes highly virtualized and moves toward the private cloud, traditional IT resources need to evolve or risk becoming irrelevant.
As businesses begin to consume infrastructure as a service, the skills required to architect and support these environments must evolve as well. Once infrastructure is fully abstracted and optimized, organizations can shift their focus to developing applications to support business outcomes. (more…)