True Security Doesn’t Mean Passing a Compliance Audit

Keeping company IT resources secure is a critical goal. Meeting compliance standards supports that effort, but achieving compliance isn’t the same as achieving security.

Compliance vs. Security

Compliance is about taking the steps necessary to satisfy regulatory scrutiny. Typically, a business will need to meet a compliance standard based on its industry or the nature of the data it collects. The standards provide a checklist of measures that need to be implemented in order to be in compliance.

Security, on the other hand, is about taking steps to reduce the risks faced by business IT resources. This usually requires going beyond the baseline measures needed for compliance. There are a few reasons for this:

  • compliance is not nuanced. Compliance means you’ve done or not done a particular security task. Whether the way the task was completed actually increases security isn’t important. For example, compliance often requires annually training employees with respect to secure computing. There are many ways to meet that requirement, and not all of them effectively educate employees and result in increased security.
  • compliance is not current. Compliance requirements don’t keep pace with the threats. By nature, they require a lengthy review process. In the meantime, technology is changing and bad actors are discovering new ways of doing damage. Meeting last year’s compliance policy doesn’t protect you against today’s threats.
  • compliance emphasizes the wrong risks. The requirements listed in a compliance document don’t always match up to the most important risks the business faces. To ensure the company’s systems are safe requires addressing the actual threats, not just the items emphasized in a compliance standard.

Security Counts

You may need to check off the boxes on a compliance questionnaire, but achieving security means going beyond that minimum. Businesses need to identify the real risks they face and focus their efforts on addressing those, not deciding “job well done” because they’ve passed an audit. You need to develop policies and processes that provide real security, and implement control that match the level of risk on an application-by-application basis.

This requires keeping up with current trends in threats, making sure necessary patches are deployed, giving users meaningful testing, and integrating technology that effectively detects and blocks intruders, even when it’s not required by any compliance standard. Complete security requires addressing risks in your network, on devices, in your applications, in your data, and in your users.

Security is harder than compliance, because it relies on your own understanding evaluate risks and your own assessment of what steps you need to take to protect yourself. CCS Technology can help you develop and implement a security solution that offers true protection. Contact us to learn how to move beyond compliance and effectively protect your critical IT resources.

Additional Security Resources

Discover the Dangers of the Dark Web

Create An Information Security Culture to Protect Your Data

6 Ways to Keep Your Cloud Secure

Cloud Migration Requires a New Monitoring Strategy

Most businesses have a multi-cloud, hybrid IT environment. Whether according to a strategic plan, the result of individual department IT decisions, or shadow IT usage by their employees, they are using more than one cloud provider. In addition, they continue to have on-premises IT resources. This complex environment makes monitoring complex, as well. In many cases, businesses should build out a new monitoring solution more capable of monitoring their mix of technologies.

The Challenges of Monitoring Hybrid and Multi-Cloud Environments

The mixed environments businesses are supporting today are difficult to monitor. Every provider has their own tool that provides metrics for that environment only; there are also likely multiple tools monitoring resources within the data center. Yet despite the many tools collecting data, it’s difficult to obtain an overall, consolidated view of status. That lack of insight makes providing support and investigating issues challenging.

Cloud vendor’s monitoring tools may lack data to help the business assess the effectiveness of its cloud migration. Performance metrics may be collected or presented differently than metrics were in the data center, making it impossible to effectively compare performance across environments. The tools may also make it hard to understand utilization, and can lack historical data needed for analytics. Finally, the tools don’t effectively capture the user experience, as the user’s access to a business service may depend on multiple technologies that are deployed in multiple locations.

Another important concern is that simply knowing what needs to be monitored is difficult. The dynamic nature of cloud means services are continually being added and removed. Besides making it easy to overlook an important component, the steady change makes it harder to compare metrics over time, as they’re never looking at exactly the same thing.

Learn more in 5 Cloud Migration Mistakes to Avoid.

Build Monitoring into Your Migration Plan

Because of these challenges, succeeding at cloud can’t rely solely on the cloud provider’s monitoring tool; you also can’t rely on operations staff to monitor multiple dashboards for each cloud environment.

Instead, businesses will need to be proactive and plan for a new approach to monitoring as part of the migration planning. This will typically require evaluating various tools available that pull together data from multiple clouds, or even implementing your own tool to create a consolidated view customized to meet your needs. Making sure the selected or built tool captures the necessary data requires spending time to identify the metrics that matter most to your business. Gathering the data must be automated for the tool to be successful.

Creating an effective monitoring strategy is just one of the challenges of planning a cloud migration. Contact CCS Technology Group to learn how our cloud services help you succeed with your migration and ongoing cloud usage.

Functionality and Usability: A Perfect Pairing for User Adoption

For growing businesses, an ERP decision is a hefty, stressful decision. As a decision maker, you already know you can’t please everyone—especially when looking at a software as broadly used as ERP currently is. From gaining value to recouping costs, there are two factors that need to be well balanced to ensure users adopt and embrace a project.

As we begin to wrap up our series on the realizations you may have when outgrowing entry level accounting software like QuickBooks, we would today like to turn our attention to two critical factors in getting users to embrace a new software—functionality and usability.

One of the many considerations you need to make as you vet and select your ERP vendor and partner, the ability to deliver these two criteria may be one of the most important.

Catch up with our accounting to ERP series by reading our latest postsThe Hassles of Using Desktop Software in a Socially Distanced BusinessNever Let a QuickBooks File Size Hold You Back: Grow with Confidence in the Cloud, and Are QuickBooks Workarounds Putting Your Business at Risk?

Are You Getting the Most of Your Software?

For many businesses, QuickBooks delivered both of these in the early days. One of the easiest to use platforms, this software was built for the early stage, low-user business who just needed the basics. The file size maximum once felt like an unreachable ceiling. The processing power was enough, and it did basic accounting tasks easily. Familiar and functional, there’s no denying that it made life easy for millions of businesses just starting out.

But times have changed. That once-unreachable file size? You passed the limit years ago. Now It either puts you at massive risk of corruption or slows you down. The processing power? It was great for 5 users. The basic accounting tasks? Still does those—just a lot slower. But for many growing businesses, this isn’t enough. It’s still just as easy to use as ever, if you’re willing to put up with slowdowns, happy with disconnected processes, and content with lackluster information.

Why Both Functionality and Usability Matter

Though QuickBooks does provide the usability, you’ve long since outgrown the functionality. This leaves you at a crossroads en route to new ERP, and finding a solution that’s not only easy to use but able to deliver matters.

However, this does present a challenge—finding a usable software. Though nearly every solution available provides a wealth of features, ERP is a complicated beast, and has historically been known for having a steep learning curve. That’s why it pays to find a solution that delivers both a comprehensive product and a flattened learning curve.

The best software in the world won’t do much for you if no one’s using it. The easiest software can’t help you if it doesn’t do anything you need. More often than not, if a product lacks one of these two factors, it’s likely to be ignored—leading to very expensive shelfware.

Nucleus ERP Value Matrix Looks to Guide Leaders to Functional, Usable ERP

Luckily, a recent analyst report from Nucleus sets out to help decision makers focus their software choices by striking a balance between functionality and usability.  Analysts note,

“The race to the cloud has been reignited as fallout from the COVID-19 pandemic caused an abrupt and permanent spike in the demand for the ability to work remotely. Cloud-native solutions stand to gain the most from this paradigm shift, but vendors with large on-premises deployment bases will have the chance to make good on their own transition roadmaps.”

An annual report on who’s who, the Nucleus Research ERP Technology Value Matrix 2020 lists eight Leaders—including Acumatica—and provides detailed profiles of 23 ERP vendors to enhance your research. Here are just a few things they had to say about Acumatica:

  • The Channel Model Delivers Innovation: “No competition among vendor and partner sales teams for similar customers, allowing Acumatica to focus on product development and customer support.”
  • Easy to Understand from the Start, Ready to Deliver What You Need: “Customers note that the solution’s usability is a differentiator during initial evaluation and implementation, but the software can then scale to handle complex and high-volume data processing as well. New users can be onboarded quickly and collaborate efficiently across departments and geographies.”
  • Still Improving, too: “Since the 2019 Value Matrix, Acumatica has maintained a regular product update pattern, with major releases arriving twice per year.” Nucleus notes that everything from Acumatica’s machine learning initiative to its better integration with even more tools will make life easier for users for years to come.

This report is provided to users free of charge by Acumatica, and will also discuss the following:

  • Nucleus Research’s rationale for categorizing 23 ERP vendors as Leaders, Facilitators, Experts, or Core Providers.
  • Why even long and costly cloud migrations may be essential for your company’s survival.
  • Which vendors are making significant product investments to deliver more value.
  • Why customers believe Acumatica delivers value by providing an ideal balance of usability and scalability.
  • The biggest benefits of Acumatica’s 2019 R2 release.

Click here to read the entire report.

The Right Partner Helps You Go Further: Just Call CCS

When companies move from accounting software to ERP, they are making a big decision that will impact the next decade of operations. If you’re looking for a local partner with the skills and expertise to make your ERP journey a reality, look no further than CCS Technology.

We were founded on the principle that technology should make it easier to run your business, and have spent our time in this industry ensuring our clients realize this.

We invite you to learn more about your journey from entry level to the cloud by reading Seven Signs You Need ERP Software5 Benefits of ERP for Accounting and Financial Management, and How to Improve Efficiency with a New ERP Solution. Read to learn even more? Contact us for a free consultation.

Getting Your House in Order as You Move from Recovery to Operations

The recovery is coming. Slowly but surely, businesses are trying to get back to normal and focusing on a strong year-end and a better 2021. But before you do, it may be time for a bit of self-reflection. Things have been great for so long, you may have gotten a bit complacent, milking growth and living as usual. But the shock to the system provided by the recent pandemic and lockdowns may be a sign that it’s time to think of your next steps.

Following our last article on some of the technological challenges you may run into during the process of phasing in employees and restarting your business, we would today like to explore some of the ways to clear a path for takeoff.

From managing your current financials to planning for a variety of scenarios over the next 3-6 months to exploring ways you can modify your operations to focus on business transformation, smart decisions early on can go a long way in establishing resiliency at your business. Today, we discuss some of the steps you can take to fortify your business against present and future threats.

Take a Deep Look at Your Business

Hard times create or reward strong business models. It’s a lot harder to see gaps in your business when things are going well. With GDP growth more than 4 percent in the past few years, growth just came naturally. But the past few months presented economic adversity for the first time in a while.

Lessons Learned from Two Decades Back

Think back to the dot-com bubble, a time when internet companies could essentially launch a website, prove growth, and have investors beating on their doors. Especially during the ramp-up, no one really looked at how these companies spent their money. But when reality hit, it hit hard.

But take a look at some of the notable companies at the heart of the bubble, many of these companies had good ideas. While there were a lot of questionable ones, there were also a lot of players before the crash that delivered services you don’t think twice about using today. You could just as easily be watching your favorite gamer streaming on pseudo.com, posting hot takes to theGlobe, holding virtual meetings on Radvision, or connecting with suppliers on Traxex, VerticalNet, or PFSweb.

Part of this boom was built on impressions. Rather than focusing efforts on delivering for customers, improving (or even building) the product, or investing in talent, these companies put more effort into hosting lavish parties to announce the launch.

The crash hit and within months, tech companies either ended up folding, getting acquired for pennies on the dollar, or going under the radar for a while to focus on value. It resulted in the move to agile in the space, and set up a lot of case studies for the last decade of tech companies to learn from.

The Same Goes Today

Even if you’re not in the tech space, the lessons from the dot-com bubble still hold true. Smart, future-proof strategies and good business models are timeless. Being able to understand your business, deliver results, and focus on what improves both is critical.

Forging into a Recovery Starts with a Better Understanding

The challenges presented during the lockdowns have probably put stress on your company. Money may be tight, and it may feel like you’re starting all over again. So where do you begin?

Assess Your Business Model

One of the first steps as you push towards a new business model is to look at how everything about your business works together, determining if you need to make any changes in processes. Start with the key performance indicators that define success and tailor your business around improving specific models.

Not sure where to begin? Check out these guides including Key Performance Indicators for Manufacturing and Key Performance Indicators for Distribution. From here, take steps to establish change management metrics. Is a customer segment looking more lucrative in the next few years? Now is the time to make the pivot to serve them.

Ensure the Financials Are Ready for Anything

One of the hardest parts of the recovery process? No one knows the degree or speed of the bounce back. Business owners sound optimistic, but you can’t assume that. Begin by planning around a few recovery models in the second half of the year, running analyses that include acceleration, slowdowns, and consistent revenue flows.

Depending on how things look at your business, this is also the time to look at funding options. Maybe this includes renegotiating credit agreements, seeking new funding or credit, or finding grants.

Take a Look at Your Revenue Model

Paired with the aforementioned business model analysis, you may also want to look at the way your goods and services are sold and offered. Is there a way to make the money go further? Would a change in pricing model help you spur your recovery? These and other approaches need to be aligned with your business goals and put you in a position to achieve them.

Consider a Technological Update

Whether it’s measuring KPIs, planning and analysis built on a variety of scenarios, or understanding what’s working at your business, the right technology can go a long way in taking you there. Not only does it deliver more powerful analysis, it’s also a switch that might be easier now. People have already spent the last few months changing the way they work around the business, so why not offer a change that will help them do more?

Learn More: Five Companies Who Kept Their Business Running Smoothly

Despite the move from lockdown to reality looking less like flipping the switch and more like accelerating, resilient businesses who turned to the cloud either before or during the lockdown have been reaping the rewards. A recent Acumatica blog discussed how some of the companies who did embrace the cloud made it work.

Ready to learn more about empowering your employees no matter where they stand? Read How 5 Acumatica Customers Keep Business Running Smoothly from Anywhere, download the free IDC report discussing how the cloud enables business resiliency, and contact us for more information.

Gaining Momentum before the Recovery: Preparing for a Safe Return to Work

The last few months have been, for lack of a better term, a wild ride. This isn’t to discount the challenges that you, your family, your employees, and your business have faced, but when you look at things like the stock market, retail spending, and confidence reports, there is optimism for the post-lockdown world. But you didn’t get this far in your career through blind faith in macroeconomic trends or surveys. You know that success is built on pragmatism, planning, and performance.

Your Journey Back to Business as “Usual”

Understandably, the same goes for your business’s recovery plan. There are many steps you’ll need to take to combine planning with action, optimism with caution, and the safety of your workers with the sustainability of your business.

Rather than thinking about the speed with which you get back to full capacity, you need to think about the steps involved and explore how to efficiently take such steps. Can you afford to take the step today or will you have to wait another month? Can you readjust your office to fit ten more people, or will that put them at risk? Should you go so far as to change your business model, pricing strategy, or vendor relationships? All valuable questions you need to ask.

That said, there’s not exactly a lot of time to ask them. Lockdowns could have lasted for months longer than they did, which would have put you in a different position than you are today. But with even slow-to-recover states jumping on board with the recovery, it’s safe to assume that you can start opening your doors to a few more employees, customers, and dollars.

So, as phases go from two to three or three to four, how can you build up your momentum while keeping a wary eye on your business to avoid any backsliding? Today, we explore a few tips for making that a reality.

Technical Challenges That May Emerge During Phased Reentry

The last thing anyone needs right now is a second lockdown. With articles coming out predicting that to be the case, your number one priority should be to avoid letting your workplace become ground zero for a new outbreak. From cleaning to distancing, you will need to take steps to prevent this.

This starts with the adoption of new practices focused on a combination of cleaning (removes dirt and germs), disinfecting (kills the germs), and sanitizing (lowers the number of germs). Develop a regimen that involves each. Learn more about some of the practices from the CDC.

Whether it’s a change in work schedule, a new floor plan, or temporary closure of common areas, communicate with your staff how their lives will change. No more water cooler (literally or figuratively), no more coffeepot, and maybe even a reimagined break process.

Technical Challenge: Hybrid Work-From-Home and a Single Source of Truth

The most likely scenario will be a phased recovery plan that allows for some employees to work from the office and others to work from home. In turn, for those companies using desktop software or who relied on limited access to software over the last few months may face challenges when half the office is back at the office. This may result in delayed decisions or slower processing—as those at the office have the instantaneous processing and those still at home might be minutes (or more) behind.

Technical Challenge: Easier to Call in Sick—But What About the Hardware?

When the first symptom is a dry cough, it’s better to be cautious. Luckily, we’ve gotten accustomed to working from home, so for most businesses, it’s okay to be overly cautious and allow sick days. Ensure you’ve communicated explicitly about how employees should report to human resources if they become sick or start experiencing any symptoms.

Unfortunately, for those legacy companies who had to buy new laptops or take hardware home to access on-premises software, this makes for a challenging time. Employees probably had to bring back the devices they used—and now those whose cough might have simply been the result of cold are left out of the loop. Luckily, for those companies in the cloud, it’s simply log in and go.

Learn More: Five Companies Who Kept Their Business Running Smoothly

Despite the move from lockdown to reality looking less like flipping the switch and more like accelerating, resilient businesses who turned to the cloud either before or during the lockdown have been reaping the rewards. A recent Acumatica blog discussed how some of the companies who did embrace the cloud made it work.

For example, C&O Nursery improved customer relationships without missing a beat.

“Before, if we were out in the field and a grower said, ‘By the way, do we have XYZ variety?’, we would call into the office. Now that we’re cloud based, we can actually log in, look at our inventory, and answer that person within about three minutes with an accurate answer,” says CEO and President Todd Snyder in the company’s customer success story.

Ready to learn more about empowering your employees no matter where they stand? Read How 5 Acumatica Customers Keep Business Running Smoothly from Anywhere, download the free IDC report discussing how the cloud enables business resiliency, and contact us for more information.

Additional Acumatica Resources

What is the Total Economic Impact of Your ERP?

ERP Evaluation Checklist: 5 Important Things to Consider

Why Every IT Executive Needs Cloud ERP Software

Summer Storms Shouldn’t Take Down Your Servers

Summer means power outages. That can mean a data center outage; but it shouldn’t. All businesses should have appropriate disaster recovery plans to keep them functioning through power outages and other incidents that take down systems.

A disaster recovery plan includes the steps needed to bring information systems back online, but it isn’t just a copy of the daily runbook. The plan needs to document:

  • Inventory of systems affected. Both hardware and software resources should be identified.
  • Risk assessment and prioritization. Some systems can have downtime without major impact on the business; others serve critical business functions and need minimal downtime. Analysis should rate each system’s level of risk and its importance to the business.
  • Recovery objectives. “As soon as possible” is not specific enough guidance for the IT team. In order to appropriately design a recovery procedure, the business should define a recovery time objective (RTO) and recovery point objective (RPO) for each application. These numbers tell the IT team how long an application can be down and how much data the business can afford to lose. With those numbers in mind, the technology team can implement high availability and backup solutions appropriate to the business needs. Without those numbers, IT has no choice but to overspend and provide high availability to all applications or underspend and fail to provide applications the support they need.
  • Recovery procedures. Because teams shouldn’t need to scramble to figure out what to do in the middle of a crisis, the plan should include specific details of the recovery process. It’s particularly vital to include dependencies to ensure systems are brought up in the appropriate sequence. Also critical is documenting the process to check out the restored servers and verify that they’re up and operational with the correct data.
  • Recovery personnel. Include a list of key contacts and their backups. Also document responsibilities, including who has the all-important authority to invoke the recovery plan.
  • Fallback process. Recovery may include bringing systems up at another location; eventually, they need to be restored to the normal production servers. In many ways, this process is the same as the recovery process, just to a different set of machines, but any special considerations should be noted.
  • Impacts on business processes. It’s possible that some recovery procedures will change the way the business needs to perform certain operations. For instance, you may opt not to have secondary servers for a low-priority process and to switch to a manual process in case of failure.

Once the recovery plan is developed, it needs to be tested to ensure that it works. It’s surprising how easy it is to leave important systems and important steps out of the plan! Only testing can provide the reassurance that the plan will be effective. Tests can be as simple as a tabletop read-through, but full-scale disaster simulations that execute the documented processes are the most robust way to test a disaster recovery plan.

Finally, the plan needs to be kept up to date to reflect changes in IT resources and business processes. It’s a good idea to update the plan as part of your change management process whenever a new system or device is deployed in production. Annual reviews, coordinated with an annual test, are also effective.

For more guidance on developing an effective disaster recovery strategy, contact CCS Technology Group.

Additional Disaster Recovery Resources

5 Disaster Recovery Disasters to Avoid

Make Sure Your Disaster Recovery Plan Isn’t Just Words on Paper

Craft An Effective Disaster Recovery Plan

Searching the Dark Web Should be Part of Your Information Security Strategy

Peering into dark corners can be scary, especially when it’s the dark corners of the web. If you’re concerned about whether company data has been exposed on the dark web, you have to go looking for it, but you need to do it carefully. There won’t be blinking signs lighting the way to your stolen info, and if you aren’t careful, you can even draw unwanted attention. Nevertheless, there’s more risk in ignoring the shadows than in checking to see what they’re hiding. Here are some things to keep in mind:

Checking the dark web lets you know if you’ve been victimized

Every business is vulnerable to attack, but it isn’t always obvious that an attack was successful. Because hackers often post stolen data on the dark web, finding it there confirms that you’ve been attacked and lets you know what sensitive data was taken. You can then focus your security efforts to change those stolen passwords and increase security where you were vulnerable. While some of that new security is reactive, knowing what’s on the dark web can identify new threats and let you be proactive in adding security measures, too.

It isn’t easy to find your data

There’s all kinds of stolen data available on the dark web, but it isn’t easy to access or to identify where it came from. In addition, there may be data about your business on the dark web that wasn’t stolen but can still make you more vulnerable to attack. Some data on the dark web may even be completely innocuous. You can easily waste a lot of time trying to find data and then figure out whether what you found is significant.

You can make yourself more vulnerable when you explore the dark web

The queries you do when you search the dark web can leave a trail the bad guys can analyze to learn more about your IT resources. It’s important to be smart about exploring the dark web to make sure you learn more than you reveal.

What are the kinds of things you should look for on the dark web? You’ll want to search for data that reveals the inner workings of your business, plus sensitive information about customers. This includes data about your executives, including their personal information and information about their activity outside of work. Customer data, including personal data and account information, is also online. In addition to data about people, there may be data about systems, including helpful hints on how to set up fraudulent accounts or bypass security measures.

You may want to look for more than lists including name, address, account number; there’s code on the dark web, so it’s worth looking for proprietary source code along with other intellectual property.

Protect Your Business With CCS Technology Group

Protecting your business requires knowing what data has made its way onto the dark web. CCS Technology Group’s dark web scan provides a safe way to peer into dangerous places on the web and gather the insights you need to protect yourself from further damage. Contact us to learn more about why exploring the dark web should be part of your cybersecurity strategy.

Additional Dark Web Resources

Is the Dark Web All Bad?

Discover the Dangers of the Dark Web

What is the Dark Web and Why Should We Care?

Decision Maker’s Guide to Vetting and Selecting an ERP Solution

Following our articles discussing the challenges that growing businesses face when using desktop accounting software when they should be embracing ERP, we would today like to explore a few tips to make the selection and decision process easier.

Catch up with our accounting to ERP series by reading our latest posts: The Hassles of Using Desktop Software in a Socially Distanced Business, Never Let a QuickBooks File Size Hold You Back: Grow with Confidence in the Cloud, and Are QuickBooks Workarounds Putting Your Business at Risk?

It Starts with Getting Users on Board

Getting from accounting software to ERP is rarely an easy task. Your people are used to a specific operating environment. The workarounds that we mentioned in our last blog have become a way of life. Your employees, who may be resistant to change, will say that the hiccups and hassles are just ‘quirks’.

However, this is a challenge you can overcome. Getting users on board starts with talking to them about their opinions and thoughts on how to better the current processes. Find out what the pain points are from each department that uses the current accounting software, evaluate which software and users would be brought into a larger ERP solution, and ask how you can help.

This will help you to not only drive the point home that there are better solutions out there, but will also inform your decision.

Use the Pain Points as a Guideline

With so many solutions available to you, the number of options available to you may seem overwhelming. This is even harder for companies who haven’t gone about a move from single-focused products to comprehensive solutions. It may feel like every product is better, but few are perfect.

Some solutions are better tailored to your processes than others, some have a flatter learning curve, and others deliver more customization and configuration. With user critiques in mind, you have a reasonably nebulous picture of your needs, and can generally piece together a dozen options.

Take Advice

ERP is a big market and in turn has spawned its own cottage industry of analysts and review sites whose goal is to help you understand your move. These companies are built on their word, and take steps to minimize bias, vet reviews, and take their own approach to evaluating solutions.

In jour journey from accounting software to ERP, you’re going to want to take the advice of the analyst reports and reviews to understand metrics for evaluation, reasons behind the decision, and recommendations from those who are in the know.

Analyst Reports

In the same manner that software vendors compete for customers, analyst firms need to provide value for those who pay to commission or reproduce the report. Often, this means that each analyst firm will take a unique approach to the way they look at software using clearly defined metrics to create an apples to apples comparison. Additionally, these reports often discuss broader market trends that can be used to understand which platform fits into their criteria.

Here are just a couple examples:

  • IDC MarketScape Reports: Compares vendors on their capabilities and strategies to determine which vendors are leaders, major players, contenders, and participants. Their recent report, Worldwide SaaS and Cloud-Enabled Operational ERP Applications 2019 Vendor Assessment, evaluated 14 firms and provided in-depth analysis of each. Read more about this report here.
  • ERP Technology Value Matrix: Written to evaluate vendors on two criteria (usability and functionality), the ERP Value Matrix explains how easy it is to get up and running with a solution and how much it delivers. Written by Nucleus Research, this can help you understand whether the software has a steep learning curve and whether or not it makes your job easier. Read more about this report here.
  • Gartner Magic Quadrant: A report on the health and future of the ERP vendors you’re evaluating, this takes a broader view of the companies themselves, looking 15 criteria to determine a company’s ability to execute and completeness of vision. Get to know more about the latest Gartner Magic Quadrant here.

User Reviews

Though your processes may be unique in total, it’s likely that each process has been tackled by a system before. With thousands of companies having used each of the solutions you’re looking at, it shouldn’t be hard to see if a solution has been configured to the way you work. This is where user reviews come in.

User reviews are vetted for accuracy and honesty, often discussing the company’s journey to the solution and aftereffects of installing. Here are just a few places to look:

Bonus: Analysis Based on User Sentiment

One analyst firm went further, consolidating user reviews to create an emotional footprint, exploring how well a company delivers on user expectation. The Info-Tech Enterprise Resource Planning Emotional Footprint Report provides a comprehensive evaluation of popular products in the Enterprise Resource Planning market. This buyer’s guide is designed to help prospective purchasers make better decisions by leveraging the experiences of real users. Learn more about this report and download it here.

Test the Solution

Given that most ERPs do most basic business processes equally well, the important functionality differentiators are at the fringes – those functions and needs that pertain to your industry and your specific business. But the best way to see what this means is to get in the weeds.

Separate out and review the systems that have a solution for your industry. There are a number of software selection services and websites available that can help you whittle your list of candidate systems down from hundreds to a manageable handful. Your goal at this stage is to identify your “short list” of no more than 3 to 5 candidate systems that fit your needs. You should be able to do that in your review of the systems targeted at your industry.

After cutting down your list, begin to explore product demos. Discuss with your vendor and potential partner the things you want to see in a demo including the most important functions so that anyone who might use a product can see it in real time. You’re in control here, so ensure that before the demonstrator leaves, they show you everything you need to see.

Seek out a Partner

If you’ve made it this far, there’s one more decision to make—who’s going to help you get up and running. Though many ERP vendors offer internal implementation teams, these are rarely the top-tier partners for your business.

The implementation partner industry is built on personalization, local service, and customer focus. As they have dedicated teams to implement and support customers, these partners often make it easier to implement, configure, and tailor your solution than the internal vendor resources. For example, companies like Acumatica rely exclusively on a partner network to do this work, focusing the internal teams on innovation and giving you the focus that you can only get from a local partner.

The Right Partner Helps You Go Further: Just Call CCS

When companies move from accounting software to ERP, they are making a big decision that will impact the next decade of operations. The right partner can build, configure, and deliver the solution you need now and in the future, and if you’re looking for a local partner with the skills and expertise to make your ERP journey a reality, look no further than CCS Technology.

We were founded on the principle that technology should make it easier to run your business, and have spent our time in this industry ensuring our clients realize this.

We invite you to learn more about your journey from entry level to the cloud by reading Seven Signs You Need ERP Software5 Benefits of ERP for Accounting and Financial Management, and How to Improve Efficiency with a New ERP Solution. Read to learn even more? Contact us for a free consultation.

Avoiding an Implementation Plot Twist: Beware the ERP Predator

Whether you have kids or just enjoy movies from Disney and Pixar (don’t lie), you’ve probably seen a trend in their story writing over the last decade, the twist villain. The twist villain (surprise antagonist) trope exists when a character is expected to aid the heroes, only to show their true face later in the movie. From Charles Muntz in the movie Up to Hans in Frozen or Lotso in Toy Story 3, these characters were made to subvert expectations.

A well-executed twist villain delivers an exciting surprise for viewers. A poorly executed one was either far-too-obvious, weakly written, or both.

“That’s great and all,” you may be telling yourself, “but what does this have to do with IT services or ERP implementations?” A lot more than you think. ERP implementations are already risky, stress-filled, and costly enough when everything goes smoothly. But now, imagine that the company you trusted to improve your business starts to hit you with surprises, predatory practices, and traps that you weren’t prepared for.

Analyst Report Asks: Partner or Predator?

While this is great for a movie villain, it’s not so great when your ERP vendor or partner—companies you intend to work with for the better part of a decade—flip the script. If your goal is to avoid surprises, you need to be able to tell who’s looking out for your best interests before you even reach Act I.

Luckily, a recent report from Techventive, Inc. set out to show you some of the best and worst practices that potential technology partners may practice so that you can enjoy a plot twist-free ERP project.

Cultural Fit: An Often-Overlooked Factor in ERP Decisions

When you’re looking at ERP, you have a lot of questions to ask. Does the software do what it’s supposed to? Is it easy to learn? Does the vendor put a lot of effort into improving the software? Is it going to help us remain compliant? You might even look at the history and financial stability of the company to know whether they will be around.

Unfortunately, many overlook how a company acts towards its customers, developers, and channel, leaving decision makers blindsided and projects in limbo.

The Face of a Predator

Like the twist villain, the true face never shows until later in the story. In Toy Story 3, Lotso was simply a soft and soft-spoken bear who managed the toys at the daycare—until the truth was revealed that he had a dictatorial rule over the toys. Much like his backstory, your vendor may appear friendly, but deeply rooted in the company culture is a dark truth.

Techventive notes that you should look at the following four areas and ask whether the following are true:

  • Pricing Problems: Is the vendor reluctant to discuss prices until late in the buying cycle? Are the prices only available after signing a non-disclosure agreement? Have customers reported that these prices change frequently—either in the form of insane discounts during the first year, price increases that exceed business growth, or pricing that never seems to come down even if it should?
  • Usage Audit Aggressiveness: Does your vendor aggressively audit its customers’ usage? Many do—and it’s not to protect themselves. In fact, one of the largest vendors has a separate sales unit whose only goal is to push additional products when they see infractions.
  • Contract Confusion: Contracts are essential to the purchase, but not every contract is created equal. Too often, a predatory vendors true colors shine when it’s time to sign—and you’re presented with a hundred-plus page contract rife with ambiguous terms and the right to change their end through unilateral updates.
  • A Legacy of Litigation: Contract lawyers know everything in their contract and put it there for a reason. If a vendor is writing a 100-page contract that is going to change constantly, it exists because of precedent and power. Many clauses were likely added after these companies were sued for their own failures and are used to ensure the same thing doesn’t happen again.

Looking at each of the above factors, how many of these are you going to see during the early phases of your selection process? One? You can look up court filings—if the lawsuit didn’t end up getting settled or dismissed in arbitration. The rest only come up after you’ve put hundreds of hours and thousands of dollars into the selection process.

How to Avoid Becoming Prey

The thing about predators? Their priority is their next meal. These are the kind of companies who want a short-term relationship with your company—but a long-term one with your checkbook. Partners, on the other hand, work hard to prove themselves to you day in and day out.

Whether it’s something as simple as providing transparent pricing in the early stages, writing a service-level agreement that puts customers in control, or has actively built a customer-focused culture, these companies talk the talk and walk the walk.

Acumatica and CCS: Your Partners for the Long Road Ahead

Surprises are great in movies. Conflict is a necessary plot driver, and you pay to see a hero triumph over adversity.

But these are the last things you need in an ERP implementation project. Surprises turn into missed deadlines, cost overruns, and poor performance. Conflict often results in legally binding decisions, and the implementation process itself already gives you enough adversity. An ERP decision is already an exciting time for your firm—you don’t need it to be any more intense than it already is.

If you’re seeking a vendor who walks the walk—and a channel partner who’s committed to delivering on their promises, look no further than Acumatica and CCS Technology Group. When you partner with Acumatica, you know what you’re going to get—it’s enshrined in their Customer Bill of Rights.

When you entrust CCS Technology Group to get you there, you can expect IT support that’s responsive, effective and convenient. After all, technology should make it easier to run your business. We believe in only making promises we can keep, building trust in every interaction, and consistently evolving to better serve you. It’s these core principles that have gotten us here, and these core principles that will help us last for decades to come.

We invite you to download the entire Partner or Predator report here, read about how Acumatica makes good on their promises by reading their Customer Bill of Rights, and get to know about other firms who have made the move.

Contact us to learn more or see a demo of Acumatica.

Two Numbers to Keep in Mind When You Think About Information Security

Any business that still thinks it doesn’t need to invest in information security needs to take a moment and consider two numbers:

  • When a test placed a new server online, it took only 52 seconds before hackers attacked it.
  • The average cost of a data breach in the United States is $8.19 million.

Can you afford to lose more than eight million dollars in under a minute? No matter what your business is, it’s at risk, and protecting networks, data, servers, and other corporate IT resources need to be a priority.

Developing an effective information security strategy is complicated. To get started, focus on critical categories:

1. Credentials

Credentials are the keys to the kingdom, so keeping them safe is priority one. This is both a technological and a human factors problem. You can use technology to require strong passwords, to implement two-factor authentication, to limit privileged access, and to leverage role based accessed controls, among other methods, to ensure that credentials are assigned, protected, and verified. Users need ongoing training in safe computing, to ensure they know how to create and protect passwords, use mobile devices safely, and avoid falling for phishing emails.

2. Data

While some hackers are intent on destruction, most are after data. Make sure data is protected both at rest and in transit through strong encryption. In addition, protect your data from ransomware by implementing a reliable backup and recovery process. You can also consider using tools such as data loss prevention software and cloud access security brokers to stop data from sneaking outside your corporate network.

3. Servers

Servers are most often vulnerable because they’re using out of date software that hasn’t been patched. For security reasons, it’s important to use supported software and to apply all vendor patches as soon as possible after they’re released.

4. Network

The network is where intruders find the front door to your systems. Firewalls and other tools help keep hackers out. Other tools, like data loss prevention software, help keep important data in. Your internal network design is also an important security measure; proper segmentation and use of internal firewalls can keep intruders who make it inside your perimeter from accessing the most sensitive data.

5. Cloud

More and more company IT resources reside outside the corporate walls and in the cloud. Keeping data in the cloud secure requires action by the cloud provider and also by the data owner. Improper cloud configurations can accidentally make data publicly accessible. Consider using a cloud access security broker as an additional control over access to data in the cloud.

Don’t Get Caught Playing Catch-Up With Your IT Security

CCS Technology Group offers information security services to help businesses reduce the potential risks and costs of a data breach. Contact us to learn how we can help you protect your data.