Nothing to fear from GDPR?

Over the past 2 weeks, I have been undertaking a wide range of customer activities based around GDPR. Here at Select Technology we have held a GDPR Breakfast Briefing, a Webinar and numerous face-to-face workshops with our customer base, all offered free of charge.

We have done this for many reasons, sure, there is the potential for income based on enhanced services to help customers prepare for the GDPR (something we should all be honest and transparent about,) however our main reason for these activities is to deliver one overriding message;

Don’t Panic!

My view of the GDPR opposes a lot of the alarmist nonsense that has been propagated by many organisations looking exploit fear and doubt in the mind of potential customer, in the hope of scaring them in buying.


The GDPR is genuinely nothing to be scared of. It is, in fact, a great opportunity to develop a framework to fix the things we all know are wrong with our businesses.

At the core of the GDPR is a single concept, Accountability, NOT compliance. Compliance will come but it will be because of this accountability. Accountability based on good process.

We all have those things we don’t like about the way we do business. No one seems to know where they come from but they have somehow become issues that many of us think are just too difficult to address.

Whether it is the pile of boxes full of unindexed files in the corner (that keeps growing!) The shared drive that continues to swell despite being only 5% business documentation and 95% pictures of a cat you think belonged to someone who left in 2009. Or that part of that process, you know that one. It’s too hard, so we just don’t bother with it.

This is where the GDPR comes in.

The path to the GDPR drives us to look at processes within our businesses and think about the impact they have on what we do, the information we manage and how to recognise and mitigate process failure. So, if you need the motivation to address the pile of boxes or the cat pictures, GDPR gives us just that. It represents a rare opportunity for us all to align our entire business and work toward a common cause (and we all know how hard that can be!)

The technology exists to make any journey to the GDPR simple, straightforward and logical. The only thing most organisations lack is the will and enthusiasm to embrace that technology and begin that journey.

Good process, the right technology and an open mind transforms GDPR from the scary legislative minefield you may have been told it is into the most powerful, collective workplace transformation opportunity in a decade. I for one intend to embrace it and help as many customers as I can do the same.

Written by Marcus Naris, Sales Manager at Select Technology – Marcus is a former pre-sales Solutions Specialist at Microsoft and is passionate about helping customers understand that there is usually a better way of doing things, and that change in all its forms, should be embraced.

How to catch a Phish

With the media attention Cyber Crime has been given over the past 12 months it is clear that the risks are increasing all the time. According to IBM, Cyber Crime is now worth an estimated $450 Billion per year and more worrying is that it’s not showing any signs of slowing down.

There are many forms of Cyber Crime, which require a technical based response; you will be told that you need stronger passwords, better perimeter IT security, additional security software, regular security reviews, email cleansing services, anti-virus and anti-malware software etc.

But no matter how much technology you have or how good it is, there is one form of Cyber Crime that targets the human element of your systems and that’s Phishing.

So what is phishing? Phishing is a fraudulent act whereby emails are sent to individuals posing as reputable companies or as people known to you in your organisation to gather personal information from you such as passwords, credit card numbers or even requesting money transfers to companies you would normally deal with. More recently Phishing emails have been used as a delivery method Ransomware further increasing the security and business risk.

Over the past decade, phishing attacks have evolved to become highly sophisticated making it challenging for even the most well informed of people to spot them especially if the emails are in context e.g. you are already banking with HSBC, you have just bought something using PayPal, your trusty IT people advise of a password change etc.

The success of these kind of attacks has increased over the last few years as more and more of us use modern communication techniques.

You may be thinking, “What can we do about it?” Well, education through a process of continual testing and training is key. By monitoring and measuring staff behaviour and response to artificial phishing emails, we can track their actions and determine the degree of risk and the right level of education based on their behaviour.

So how does it work?  After an initial bench mark of Phishing results from the first Phishing test, the programme will then run continuously typically monthly in a continuous cycle through- testing, reporting and education… Over time, awareness and education will improve and this naturally reduces company risk.

By combining technology, alongside user awareness and education programmes, the chances of a successful Phishing attempts can be drastically reduced.

If you’re interested in finding out more our friendly sales and technical teams are more than happy to discuss our approach with you.

Written by Chris Malyon  Chris joined Select Technology in 2011 as 3rd line engineer and is now responsible for all Service Delivery. He has a talent to grasp new concepts quickly and masters technical detail.

Cloud Agility Vs On-Prem Deadweight

“Why should we move our IT infrastructure to a cloud based model, when we can purchase on-premise physical hardware and not have to worry about it again for the lifecycle of the equipment?” – a question our consultants in the Professional Services Team are often asked by Clients.

In our minds, the answer is “Why wouldn’t you?”.

Traditionally, IT infrastructure hardware (physical servers, networking equipment, etc.) has been considered to be a necessary burden that is accounted for as a CapEx purchase made only when absolutely necessary, i.e. when the assets have been “sweated” for the highest return on the investment possible, or when they have ceased functioning as required (or even at all).

When taking total cost of ownership into account, factoring in “hidden” costs directly attributable to on-prem environments (examples of such being power, cooling, hardware warranties, downtime for patching and routine maintenance, etc.), a very different picture emerges regarding the size of the investment.

Physical infrastructure also increases a reliance on a geographical location, reducing mobility and impacting resilience and reliability at a time when patterns of work are evolving to allow users to work anywhere, anytime, on anything. A key variable in improving work/life balance, and increasing productivity and job satisfaction.

The migration to a Cloud based infrastructure, charged on a rolling/usage basis, is a big step to take in the short term, but a highly rewarding one if implemented correctly. Whilst some may see the increase in monthly overheads as undesirable, when considering the TCO considerations mentioned above the impact is significantly lessened. Indeed, a key point that is often overlooked in comparisons between Cloud Vs On-prem is capacity planning. When designing a physical infrastructure refresh, the highest expected load over the entire lifecycle (possible up to five years) must be accommodated. Therefore, every second a piece of physical infrastructure is running at less than peak utilisation, it is incurring additional cost to the business rather than adding value to it. Predicting capacity requirements with any degree of accuracy over a timescale of 3-5 years is a challenge in itself.

Consider the alternative… planning for the lowest usage, and scaling up as and when required, and back down when demand has reduced. Only paying for what you actually use, rather than what you could potentially use. In businesses that require development and test environments, not having expensive equipment lying dormant and depreciating when not in use, and simply creating entire development architectures when required (and shutting it all down when no longer needed). The ability to be truly agile as a business, with happier, more productive, staff that are no longer constrained by geography. Enjoying the peace of mind inherent in knowing that your critical business systems and data are protected by the highest levels of resilience, redundancy and security, rather than in a room (or even cupboard) in the same building as your users.

The benefits of a business strategy based on the ‘Digital Transformation’ mindset cannot be overestimated, and provide a paradigm shift in Clients business processes and goals.

Viewing IT as an operational expense (that acts as a business enabler), rather than a capital expense (that increases drag and reduces agility), results in the question posed at the beginning of this post rapidly transforming from “Why should we…” to “When can we…”.

Written by Scott Relf With a background in Operations Management, Scott has applied his expertise to our Services and Service Desk functions since joining in 2014. He now leads our Project Consultants as they provide specialist implementation services.

The IT Service Value Paradox

How not calling your IT Support Company is actually better value for your business

Having spent the last 10 years working in the IT Services sector, I have seen first-hand the transformation of the Managed Services Provider or the MSP as we are commonly known.

Back in the early 2000’s, IT Support was very much based around maintenance contracts with a break/fix approach.  Customer satisfaction was largely based on how quickly an IT company could respond and fix a reactive issue and these reactive issues were simply billed in time and materials.  Looking back, this was quite a negative service because the IT Company benefited from the clients misfortune and with no commitment very little incentive to be preventative.  Something had to change.

A few years later we saw the emergence of the Managed Service Provider (MSP) and the Service proposition became very different.  Managed Services are typically designed around delivering a fully unlimited managed service for an all-inclusive fee.  This became desirable to clients because for a simple flat fee everything was taken care of and it was easy to budget for too.  This “all you can eat” model changed the dynamics of IT Service Delivery because no longer did the MSP make money from the clients misfortune (like in the break/fix model), but now with an “unlimited service”, downtime became mutually painful for both parties, after all, the risks were now mutual.

This change in dynamic was the catalyst which forced MSP’s to re-think their proposition and this led to a need for the service to be more proactive which has defined the modern day MSP.  MSP’s had to get more proactive thus reducing risk for both themselves and the client with added benefit of becoming more efficient, reducing risk and increasing service quality.  This led to the introduction of more intelligent IT tools which could monitor infrastructure so small issues could be detected mitigating the risk of a major outage.  The trouble is, even though the monitoring software may well prevent a bigger issue emerging later, if you weren’t expecting an alert from the monitoring software, this is still by definition ‘reactive’ time.

So fast forward to today and where are we?  The Managed Services model continues to evolve and while new ingredients are added to the MSP services, the same goal is always there – to increase the quality of service and also the efficiency.

MSP’s are having to keep innovating to offer the best service whilst still remaining competitive.  As a result, smaller MSP’s can suffer from a lack of resource and require their techs to “wear multiple hats” which can be the enemy of true proactivity.  As a busy MSP it’s all too easy for tech’s to get pulled into the reactive support vacuum.

But, to be truly proactive, we believe the answer is dedicated delivery areas outside of a reactive support desk.  This very structure allows us to provide a sustainable proactive service to our clients and this key differentiator sets us apart from an average MSP.

We have “Behind the scenes” delivery areas driving efficiency, preventing issues through best practices and processes.  Our best practices are distilled from all the collective technical brilliance across our Senior Techs.  Using this super database, we have scheduled proactive time on our clients infrastructure, leaving no stone unturned and comparing our findings against these best practices.  We meet quarterly with your leaders and discuss your business not just statistics showing that we are delivering the service we said we would.

Although having more delivery areas making up the Service could mean a higher entrance fee, the benefits of being part of this far out weight the costs. Paying less for a reactive service is not going to help your business.

When an MSP becomes truly proactive not only will the client see the benefits through increased reliability and greater productivity while enjoying less reactive tickets and less business risk.

So we can conclude that not calling your IT Company is better value for your business.

Written by Simon Moore, Technical Services Director – With 20 Years’ experience in technical roles, including the investment banking sector, Simon combines and obsession for customer service excellence with a passion for technology. Since joining Select Technology in 2006 he has transformed our services business and now focus his time on the strategic direction and leadership.