Viewing archives for Technology

Cyber Security is a leadership challenge

These days nearly half of all firms face some kind of Cyber Security attack. The usual response is to insist that it’s the IT team’s problem. In our experience, however, it’s the Board’s responsibility. This short video explains how you can quickly educate yourself about Cyber Security and how Freeman Clarke can help.

Visit our Cyber Security  knowledge centre which includes more content related to this topic.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How to get Cyber Security on the Board agenda

Cybercrime is a clear and present danger to mid-market companies. Here’s how to get your executive team to make it a priority

You can listen to the other audios in this series here.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

Business after COVID-19: What will be the new normal?

The COVID-19 pandemic is a historic world event. It is already causing widespread societal and economic change.

Even if lockdowns are relaxed over the coming weeks, we will have to face COVID-19 for many more months.  And new ways to live and work will have become entirely normalised by the time this pandemic is history.

It’s reasonable to ask ourselves what these changes may be and what they will mean to our businesses.

Visit our COVID-19 knowledge centre, which include more content related to this topic.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How Tech can help your Food & Beverage business grow

The Food & Beverage sector is experiencing a major surge. The best performers are seeing strong demand and solid cash flows – and a real opportunity to scale up significantly in the coming months.

This can be a permanent change. If they do it right, Food & Beverage companies will see a consistent increase in market profile, profits, and company value.

But it won’t stick unless they get their IT right. If your Food & Beverage company is to grow and thrive, you need to improve IT, systems and digital strategies.

In our experience, there are 5 areas to focus on:

  1. Streamline processes.
    Often this means simply ensuring that existing ERP systems are fully exploited:
    a. Reduce time wasted on manual processes like rekeying and tinkering in Excel
    b. Rollout unused or underused features (you may already have paid for!)
    c. Retrain staff to ensure tech is properly used and processes followed
  2. Reduce product wastage – especially for perishables.
    But maintain quality and quick response to retail demand by:
    a. Improving demand forecasting and business intelligence
    b. Enabling intelligent trend analysis
    c. Efficiently controlling inventory, production, and warehousing processes
    d. Utilising AI and machine-learning where practical
  3. Take an agile approach to online direct-to-customer sales.
    Focus on flexibility and foresight:
    a. Look for simple, low-cost entry points, perhaps based on Amazon as well as your own website, with minimal capital outlay
    b. When cost-effective, integrate to ERP system to minimise rekeying and to provide accurate stock availability
    c. Create a roadmap for warehousing and delivery options as the online business grows
  4. Optimise promotions and ramp up marketing.
    Improve promotion ROI and establish brand with:
    a. Wider use of marketing tools like social media and an email database
    b. Better analysis tools to optimise planning, execution and analysis of promotions (investments in retail price reductions)
    c. Improved integration and sharing between tech and marketing
    d. Well-implemented CRM and data-driven marketing systems
  5. Seize new opportunities.
    Keep testing new products and new markets!
    a. Combine new and existing data to identify capacity and market demands
    b. Combine costs and sales forecasts to model ROI

Our Principals are often asked to help scale up companies in the food and beverage sector, they’ve got the commercial and tech experience to help your company grow. If you’d like to know more about what we do, or even if you just have questions about Food & Beverage and IT, get in touch!

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How do I prepare my business for the coronavirus?

As the CEO of a growing business, you likely spend most of your time thinking about your products, customers, and staff, as well as how to keep growth on track.

But soon enough, you may have a new priority –  how to keep your business running when threatened by coronavirus.

We certainly don’t believe that the end of the world is nigh. But we do see a real possibility of disruption due to illness or quarantine. You may have employees looking after sick relatives, or their children’s schools closed to reduce the risk of infection.

(For up-to-date coronavirus information and guidelines, see this link from the Department of Health.)

The good news is that there is a relatively simple way to prepare your business for disruption – home-working, meaning providing your employees with the flexibility and equipment they need to work remotely. Preparing your business and staff for remote work provides a robust means to handle health scares, as well as most other disaster scenarios like power failures, bad weather, strikes, or transport disruptions.

As an example, a long-standing Freeman Clarke client provides a 24/7 business-critical service. They can’t afford an outage, so they have spent a lot of time and money preparing for emergencies, including ensuring they could continue to deliver their service uninterrupted with everyone working from home. They’ve tested it and it works.

Emergencies aside, enabling your staff to work remotely is a great way to attract and retain the best talent. Many businesses employ ‘knowledge workers’ who can function effectively from home or the coffee shop with management, processes, and facilities set up accordingly.

Planning for remote work in the event of coronavirus goes beyond prudence. It’s a step in the right direction for your business.

How to get started

The good news is that even if you’re considering this scenario for the first time, it’s not too late. Our advice is to gather the senior management team and ask two questions:

  1. Which members of your team are critical to the ongoing survival of the business? Also: who can cover a colleague’s job in case they’re not available?
  2. What processes are absolutely critical to running the business? These processes might include taking payments, getting product to your customers, answering customer calls, and so on.

You can then plan out how these critical people and processes could continue to work remotely.
The first focus should be on the people. Ensure all critical team members are properly equipped to work from anywhere. That mean at the very least a mobile phone, a laptop, and probably a VPN (virtual private network).

Then sort out the simple details, like ensuring that everyone has their colleagues’ mobile numbers.

Finally, all your people should be confident with using voice (or video) conferencing so they can organise themselves without needing to be in the same place.

The next task is to review the highlighted critical processes and discuss whether they would work if you and your team were out of the office.

Don’t assume that everything has been digitised! Ask your critical staff to look over what’s currently only in paper files, notebooks, or Post-it notes. All this must be available to them online. Fortunately, these days the tech is inexpensive or even free, products like Trello, Teams, and even Whatsapp can be effective ways to support remote work, including exchanging documents.

Don’t forget documentation such as customer contact details need storing somewhere accessible, as do the tools people use, such as bank number pads for accessing bank accounts.

Cloud-based services excel in these circumstances because all you need is an internet connection. System such as Office365 and online accounting systems such as Xero make planning for a disaster far easier. If your business has a lot of its processes based on servers in the office, this is a great opportunity to kick off a project to migrate to the cloud. Aside from protecting you from emergencies, it will ultimately be cheaper, more secure, and more flexible.

Don’t wait for disaster

You’ll need to invest time and money to make all this happen. Consider it insurance against disaster and an opportunity to make your business better.

We recommend that you immediately organise a senior management team to focus on the questions above. Don’t leave the room until you’ve agreed on the necessary actions, the owners and timescales for completion, and the follow-up. Consider having this meeting by video to get the ball rolling!

Visit our COVID-19 knowledge centre, which include more content related to this topic.

Freeman Clarke regularly helps businesses plan for emergency and growth. If you’d like to talk to us about how to make your technology more robust, feel free to get in touch. We’re always up for a chat.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

Bitcoin, Blockchain – the Next Big Thing?

Blockchain is yet another new tech that promises to change the business world and, not surprisingly, it’s easy to be cynical about this. But we have to admit that the business world has, many times, been changed by new tech that was initially dismissed by cynics!

So what is Bitcoin? What is Blockchain and why is it important to business? Watch our short video to understand the reality, the potential and the barriers.

Or read this briefing to see how you can position your business to take advantage?

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use technology to beat their competition. Contact Us and we’ll be in touch for an informal conversation. 

 

The Scale Up Phenomenon October 2019

At one of our recent joint events, Ivan McKeever explained 8 Key Drivers that can significantly impact your company’s value both negatively and positively. The event involved meeting and networking with other local business leaders to gain insights and expand perspectives.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use technology to beat their competition. Contact Us and we’ll be in touch for an informal conversation. 

How to Stop Worrying About Cyber Security and Compliance: Part II

This article is the second in our two-part report designed to provide busy CEOs with a template for mitigating the stresses and risks of cyber security and compliance. Here is part I if you missed it.

Previously we discussed why businesses often procrastinate when it comes to cyber security and regulatory compliance. Now it’s time to enumerate how you can mitigate the risks and sleep better at night.

  1. Make a Risks-and-Issues Analysis

Every substantial business should maintain a list of risks and issues, with some analysis of the mitigation options. The board should review this document at least annually, and each risk or issue must be owned by an executive with the expertise and time to manage it.

A certain level of risk is of course inevitable. But you need to know what you have, what’s valuable and what’s vulnerable. Documenting the risks, and having an open discussion about them, will drive sensible decisions about how to mitigate risk and take action when and if the worst happens.

Even better, it avoids sweeping issues under the carpet. Instead, you can confront the real business risks, identify a proportionate response, and ensure you are looking after the things that matter.

Proper backup plans, disaster recovery and crisis management plans will flow from these discussions.

  1. Sort Out Your Cyber Insurance

It’s prudent to consider cyber insurance. But not all cyber insurance is created equal. You need to carefully select an appropriate policy and provider.

The first thing to watch out for is if the provider takes the time to understand your risks and requirements. If they don’t, then they’re simply looking to sell you a policy, and you should walk away.

Next, check the exclusions on the policy. Make sure a member of your board understands the coverage – most importantly, if it covers ransomware payments, recovery costs, and loss-of-business. Remember that cyber insurance may not give you back money that’s stolen from you, that generally requires criminal insurance.

Also, you should learn how claims work with the insurer. If you have to make a claim, will the insurer specify who runs the recovery programme? If so, how quickly can this third party mobilise? If the insurer does not stipulate a third party, don’t wait for an incident to evaluate potential suppliers – identify the best one now.

Ensure that your IT is compliant with the policy. The insurer may impose requirements on your IT, and these requirements may be obscure and complicated. Often the CFO signs the insurance policy without communicating the requirements to the IT team. And the IT team may need to document how they meet the requirements so that the insurer can audit if necessary, otherwise your policy may be invalid!

Finally, are your suppliers’ contracts clear about their liability? And are they appropriately insured?

  1. Get Behavioural and Awareness Training

The weakest security link in any business is often the people. Some of your staff may struggle to understand the issues or to know what secure behaviours really are. You need to clarify your expectations.

Unfortunately, lots of companies have security protocols that no-one reads. Or perhaps people circumvent the rules with the tacit approval of their managers, who are busy and under pressure to deliver results. For example, if managers are writing passwords on Post-its, or accessing email from insecure home computers, then their subordinates will do the same.

Instead you’ll want to foster a culture of security. For example, is your finance manager empowered to challenge an email that looks like it’s from you calling for an “emergency payment?” How are suppliers’ bank details verified? Is your IT staff empowered to call out poor security practices from senior managers?

We recommend awareness training, which is relatively inexpensive – a few hundred or thousand pounds. A small price to pay compared to the expense of getting hacked!

  1. Get Cyber Essentials Plus

For most businesses there is a simple route to getting basic security right – certification from the government-sponsored scheme, Cyber Essentials Plus.

Specifically, this scheme identifies the basic technical measures to ensure your equipment is properly looked after, your network properly setup, and access properly controlled.

Most importantly, Cyber Essentials Plus requires all these things to be independently checked. Don’t ask your existing IT supplier to do it, get an independent assessor!

The total cost of this certification should be just a few thousand pounds and take a few weeks from start to finish.

We advocate that every mid-market business attains Cyber Essentials Plus. It certainly isn’t the whole answer, but it’s a big step forward for a lot of companies.

  1. Do a Penetration Test

A penetration test is when a third party looks for weaknesses in your website. Most companies can have a full, detailed penetration test for just a few thousand pounds.

This is essential if your website includes custom software or any kind of ecommerce services! Poor technical practices can result in custom software being full of holes. The OWASP top 10 is a list of the standard vulnerabilities that almost all hackers focus on – ensure your penetration test includes checks against this list.

Typically, penetration test findings are divided into high, medium and low priority. Address all high- and medium-priority issues immediately. Address low-priority issues on a case-by-case basis.

  1. Comply with GDPR

The General Data Protection Regulations came into force in Spring 2018 with much fanfare. Since then it’s all gone a bit quiet, and a lot of people are hoping it will go away entirely! But the rules are in force, with high penalties for breach.

The good news is that for the most part, the compliance measures are sensible and worthwhile. And most businesses can organise an expert assessment of their GDPR compliance for a few thousand pounds.

The recommendations can be complicated, and GDPR compliance can be a long process. So you’ll need to plan the work as a series of projects. Someone at board-level needs to have ownership of it, preferably someone both commercial and sensible in their approach.

GDPR compliance can be daunting. But you will make useful steps towards well-managed and well-organised back office systems. Consider it a useful tool quite apart from the legal requirements. In the end, your company will run more efficiently and make better use of its data, which is a valuable asset.

  1. Comply with ISO27001

ISO27001 is a more serious information security and management standard. Some companies have this standard imposed on them by corporate or government customers.

Either way, if your business is complex or has specific security requirements then ISO27001 provides you with a means to foster a culture of security. For example, if you manage sensitive data or valuable IP; if you want to demonstrate your credentials to demanding corporate clients; or if you plan for your business to offer important IT services, then ISO27001 gives you a means to embed security into every aspect of your business operations.

This is another standard that requires external assessment. Although it may only cost a few thousand pounds, implementing the necessary changes can be complicated and invasive. But that’s why companies brag about their ISO27001 accreditation — it’s a demanding standard and it means something.

Remember: Secure Companies Are More Efficient and Reliable

Let’s emphasize that the above steps are sensible. They will make your business more secure, so that you can your customers can sleep soundly. And in the event of a problem – because there are always problems – you will have mitigated the damage, and your business will recover more quickly, and you can avoid criticisms or accusations of negligence.

One final point: well-maintained systems and security practices will make your business far more effective, profitable and reliable.

You may like to visit our Knowledge Centre which includes all content related to this topic.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

How to Stop Worrying About Cyber Security and Compliance: Part I

This article is the first in our two-part report designed to provide busy CEOs with a template for mitigating the stresses and risks of cyber security and compliance.

It is not an exaggeration to say that most days we hear from companies who have been hacked. Their reputations are damaged, they’ve lost money, and they’re not sure what to do next.

Freeman Clarke CIOs, CTOs and IT Directors have deep experience in helping clients navigate these dangerous waters. But the uncertainty can begin much earlier: we’ve also seen how even the threat of a cyber attack makes many CEOs of mid-market companies feel exposed and uncertain.

Another stress is the related issue of compliance: many companies are at risk of huge contractual penalties from their customers in the event of a data breach or the like. And the law is tighter than ever, with big government fines making headlines.

For business in heavily regulated industries, security standards and good practice are part of the corporate culture. But for most businesses in ordinary markets, the situation is far more ambiguous.

These are complex issues. And a CEO’s time is short. It can be difficult to find a simple, affordable strategy for security and compliance. There is often no-one in the boardroom with the necessary technical knowledge, experience, and sensible attitude to lead the approach.

That’s why we’ve prepared this two-part report: to provide busy CEOs with a template for mitigating the stresses and risks of cyber security and compliance.

Why it’s hard to get started

In our experience the underlying issue is that mid-market companies lack the expertise to feel confident. The IT team understands the technical issues; business teams understand the commercial issues. But there may not be someone at the executive level with a firm grasp of all sides of the problem.

Meanwhile, external advisors are typically selling expensive products like AI-based intrusion detection, data loss prevention software, or advanced malware protection. But they’re often more concerned with making a sale than helping your company.

Often the starting points should be relatively inexpensive training sessions that will cultivate a culture of compliance in your staff. At the same time, there are simple steps to reduce threats and to minimise impact in the event of a breach.

The ideas are straightforward, but their execution can be complicated. Boards need to accept that secure practices might not be as convenient or simple as the status quo. But keeping your business secure is worth the investment of effort and, when done well, the positive impact enormously outweighs the negative.

But, above all, given the real risks and regulatory environment, there is no longer any alternative to taking action!

The basics of security and compliance

You may have heard that there’s no such thing as being truly secure. Well, that’s true — when it comes to cyber security, there is no finish line. But there are a set of basic, practical steps that every business should put in place.

Consultants, product vendors, and the media would have you believe that it’s much more complicated. But based on our years of experience with hundreds of mid-market companies, nearly every single hack or breach were a result of basic errors — mistakes due to carelessness, lack of training or lack of expertise.

Yes, sophisticated attacks do happen. But they’re very rare. And even when sophisticated attacks have occurred, basic measures have allowed our clients to recover quickly with limited damage.

Our follow-up article provides a clear roadmap to help you rest easier when it comes to security and compliance. In the meantime, for more straightforward advice about cyber security, see our article on the 13 Strategic Steps to Cyber-Security for Non-Technical Board Members.

And here is part II of cyber security and compliance.

Visit our Knowledge Centre which includes all content related to this topic.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.

Technology Strategy and Vision

Companies that have a clear business strategy need a systems and digital strategy to match. Each function of an ambitious business needs a clear direction and someone to own it.

Your technology should focus on your customers, growth, efficiency, risk, security and value.

One of our experienced, competent and confident IT leaders can join your senior team to understand your business strategy and turn this into an IT vision and strategy.

For more information on this topic, click here to visit our Technology Roadmap for Growth Knowledge Centre.

Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use technology to beat their competition. Contact Us and we’ll be in touch for an informal conversation. 

Subscribe to our Business Insights

Plain English board-level briefings focused on technology strategies to deliver competitive advantage and business success.

* Please enter an email address
newnewsletterrecipient

You can unsubscribe at any time.

Thank you.

You’ll now receive regular expert business insights.

Call us on 0203 020 1864 with any questions.

Graeme Freeman
Co-Founder and Director

Subscribe to our Business Insights

Plain English board-level briefings focused on technology strategies to deliver competitive advantage and business success.

* Please enter an email address
newnewsletterrecipient

You can unsubscribe at any time.

Thank you.

You’ll now receive regular expert business insights.

Call us on 0203 020 1864 with any questions.