Software Asset Management

 

We have previously highlighted the benefits of contracting with a Virtual Chief Information Officer (VCIO). This is most beneficial for middle-sized corporations that employ and oversee the basic implementation and maintenance of their networks (both hardware and software) but would be served better by an outside partner who can provide up-to-date, cutting-edge guidance in a rapidly evolving technical world. There are many companies, however, that lack the capital and expertise to manage solid technical implementation and maintenance of their software. For these companies, working with a Managed Services Provider (MSP) in the area of Software Asset Management (SAM) can be the perfect fit.

While working with a VCIO allows companies to establish a level of peace and security regarding the big decisions that impact their technological footprints, partnering with an MSP that provides SAM assistance removes the burden and anxiety of trying to stay on top of software needs – an aspect of your business that is fluid and changes rapidly. This benefit (increased peace and security) is widely recognized and is the main reason for the growth of such services. However, there are a few less well-known advantages that are specific to software management. Understanding these issues can make all the difference when you are deciding how to structure this important partnership.

These issues are best considered as responses to basic questions:

Are we as cost-effective as possible in the implementation of software?

Ironically, the first thing to disappear when implementing new software is usually cost-effectiveness. As the number of software programs within your business multiplies, the difficulties associated with understanding and managing such an expansion likewise increases. Many small companies, especially, rely on salespeople when they make their software purchasing decisions, but  many large institutions do, too. While salespeople have an obvious incentive to understand your software programs and how you run your network(s), their bottom line is in making a sale. The bigger the sale, the better. Thus, they have no incentive to be completely open about all of the options – and they certainly will not peruse and provide you with other options, even if those options meet your exact needs. This is particularly true when individual component pieces are being sold to specific departments.

If one of your departments, such as a training department, for instance,) still subscribes to a legacy software program that is largely outdated, you are most likely going to look for a replacement when that program’s licence is about to expire. If HR is using a different software program that is relatively new and is on a different payment time frame, it is easier to replace the training department program only, rather than see if there is a program that can work for both departments. Expand this situation across the spectrum of your organization and you have a difficult labyrinth to decipher and analyze in terms of cost-effectiveness. Finally, systematizing subscription or other payment structures as much as possible can have a huge benefit.

Are we configured properly to take advantage of new technologies and systems?

If your human infrastructure is not cutting-edge in SAM, working with an MSP is a necessity. More and more technology is compatible with the cloud, IoT, wireless devices, etc. These areas were not considered when many older, common software programs were developed. Much of the need to manage software assets properly is a result of this new frontier and the necessity of upgrading software systems. Given the complexity of these new technologies and the relative inexperience of most business owners (and even IT managers in small to medium-sized companies), there is a critical need for software decisions to include outside input.

Are we capable of properly training our employees in the best use of new software?

This question might be seen as an element of the last one, but it needs to be addressed directly and as a distinct issue. Put simply, if you must contract your training after you purchase software, it is best to do so with a partner who has helped you choose the software in the first place.

As technology fundamentally changes how we do business, serve customers, and address security threats, organizations must reevaluate whether their current IT strategies are meeting their needs. The ITeam is committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.

Email Encryption Systems for Canadian Data Residency Requirements

The History

Email encryption, worrying about where data was stored, was not a concern when every company kept paper files in locked cabinets. Canada has been regulating the management of personal information privacy for almost 35 years, ever since the Government of Canada enacted the Privacy Act in 1983. This Act applied to departments within the Government of Canada as well as each provincial government system. Twenty years later, in order to address the privacy issues that accompanied the development of online commerce, the 1983 requirements were broadened to include private sector organizations that electronically maintain personal information. These new parameters were established in 2004 under the Personal Information Protection and Electronic Documents Act (PIPEDA).

PIPEDA originally applied only to the federally regulated private sector. For example: Banks, airlines, and telecommunications companies were required to follow the guidelines, but businesses, such as retailers, were not subject to its conditions.  More recently, PIPEDA was amended to include provincially regulated organizations, such as many businesses within the retail sector, service industries, manufacturing, and more. However, the requirements do not apply to personal employee information; rather, they apply strictly to personal consumer information.

On June 18, 2015, the Canadian Parliament passed the Digital Privacy Act (DPA), thereby amending PIPEDA. There are numerous additional requirements within the DPA, but we place an emphasis on the stipulation that Canadian citizens’ digital information stored within the Canadian border can only be distributed by means of email encryption systems.

The Issue

In an earlier day, even that of advanced computer storage and information housing, the handling and storing of digital information would not have been a major issue. Information was housed almost universally on computers and networks located in the areas where organizations were headquartered or in regional or local offices. However, advancement of wireless technology, cloud storage (with its tendency to blur data residency lines and fuel fears of hacking) broke down the previous technological barriers and created a critical need for careful, intentional, and proactive implementation of compliance protocols in line with PIPEDA and DPA regulations.

The Solution 

The ITeam can provide email encryption and storage compliance by using Microsoft’s Office 365 and Azure Rights Management (Azure RMS). Azure RMS includes a strong email encryption system and is now available through local datacenter regions in Toronto and Québec City. Furthermore, Office 365 has the capability of providing in-country data residency. Thus, The ITeam can offer a combination of Office 365 and Azure RMS that meets the encryption and data residency requirements of the DPA. 

Key Questions & Answers

The following is a brief Q&A regarding some of the central issues involved in DPA cloud compliance:

Does any encrypted document ever reside on US or foreign soil?

No. If you use a Canadian billing address for your data, the Microsoft Office 365 will be hosted automatically in a Canadian datacenter.

Does all information remain in Canada?

Yes. Microsoft hosts data based on geographic location, so all information remains in Canada. More specifically, as described above, the data is stored regionally in Toronto and Québec City.

What are the most important elements of encryption?

Regulated information is encrypted both while it is “at rest” and while it is being transmitted between a datacenter and a user. The level and type of encryption used to protect files and emails can be customized by end users and administrators. This allows maximum data security and management flexibility.

How is in-country datacenter integrity ensured?

Azure Rights Management uses separate security worlds for its data centers in North America, EMEA (Europe, Middle East, and Africa), and Asia, so security keys can be used only in the region of residency.

Is data ownership and control compromised in any way?

No. Both Microsoft Office 365 and Azure Rights Management leave data ownership and control in the hands of the individual organization. Neither data ownership nor data control are ever compromised.

Microsoft Azure provides organizations with a reliable, scalable, and secure infrastructure environment, allowing organizations to improve customer experience, drive innovation, and manage costs. With the availability of Canada-based data cloud services and storage, it is worth considering shifting your organization to the cloud and evaluating solutions like Microsoft Azure.

The ITeam is a Microsoft Certified Partner committed to helping Calgary- and Alberta-based businesses develop proactive IT strategies that keep them competitive. Contact us to learn more.

Emerging Cybersecurity Technologies

IT security as we know it is experiencing a revolution. The vast number of legacy systems are replaced by storage and transmission systems that are more complex, mobile, wireless, and even hardware independent. Cloud solutions, the Internet of Things, and other systems that cater to the new wireless generation require a new, nimble approach to security.

Three of the newest next-generation technologies that are poised to change the nature of cybersecurity offer a glimpse into the changes that are altering the security landscape in ways that would not have been imaginable only a few years ago.

Combinations of intrusion detection and encryption technologies with Security Assertion Markup Language (SAML)

The biggest issue with cloud-based applications, particularly in regards to BYOD, is that these technologies reside and transmit outside the parameters of traditional firewalls and security systems. In order to address this issue, some companies are using SAML (a data authentication and authorization format) with intrusion detection and encryption software to manage their data flow.

 

Early Warning Systems

Early warning systems are still in their infancy, but they are being created to decrease hacking in an innovative way. These systems are based on algorithms that attempt to identify sites and servers that will be hacked in the future. This view is not focused exclusively on infrastructure weaknesses; rather, it includes an analysis of common traits shared by systems most frequently hacked. For example, a site that is known to contain a large amount of sensitive financial data would be a more likely hacking target than another site that contains only generic business information. Such systems are not designed to protect all sites, or even sites with specific types of security, which is a departure from classic cybersecurity approaches.

 

Virtual Dispersive Networking (VDN)

There has been a rise in man-in-the-middle cyber-attacks, through which hackers alter or insert messages into communication flows. Virtual Dispersive Networking – or VDN – mimics a traditional approach used by the military. Radio frequencies are randomly changed, and communications are divided into pieces (or streams). Receiving radios are programmed to reassemble these pieces into their original form. With VDN, either the internet itself or a particular network becomes the communication-assembling platform.

 

Peace of Mind in a New Technological Frontier

These new technologies are only a sampling of the work being done to meet emerging threats with comprehensive security solutions. As with any industry, change can be frightening (especially when sensitive data is part of the equation), but if your company is aware of the new developments, you can begin implementing some of these security technologies into your existing IT infrastructure and enjoy some peace of mind.

The ITeam Named One of Ingram Micro’s Fastest-Growing Cloud Growth Partners in Canada

Ingram Micro Inc., the world’s largest technology distributor, has nominated The ITeam for a 2017 Canadian Cloud Partner of the Year Award in the category of Fastest Growth Cloud Partner. Winners will be announced at this year’s Cloud Summit in Phoenix, Arizona on April 19.

“The ITeam is proud to be an Ingram Micro partner and pleased to be recognized for our growth in Canada,” said James Wagner, President of The ITeam Ltd.

As the shift to cloud computing has enabled businesses to be more nimble and capable of meeting customers’ needs, The ITeam has worked to provide the necessary support, security strategies, and partnership required to make the shifts easier. Leveraging Ingram Micro Canada’s cloud products has allowed The ITeam to deliver cost-effective, comprehensive, customized solutions to clients. These efforts have allowed the firm to be recognized for “thought-leadership, innovation, and commitment to embracing a new technology landscape.” The ITeam extends congratulations to the other nominees in the fastest-growth category, CTECH Consulting Group Inc. and Optimus Tech Solutions.

As technology continues to change, organizations must move quickly to remain competitive. Organizations like The ITeam recognize the necessity of providing cost-effective, secure, reliable access to the increased volume of mission-critical applications that rely on cloud services to thrive.

“The ITeam offers comprehensive managed services, virtual CIO services, and flat-rate offerings that are customized to meet our clients’ needs, regardless of their industry and customer base,” said Wagner. “Partnering with Ingram Micro is a smart choice for us to be able to better serve our clients.”

 

About The ITeam

A true Calgary-based company known for delivering quality IT results for over 20 years, The ITeam believes in more than building a business; we believe in building client relationships. The ITeam can provide your company with IT services, utilizing IT industry standards and developing a customized approach to solving your IT business integration hiccups. Our team of employees has an extensive background and a history of providing successful technology implementations; we are further committed to demonstrating superior service with our ongoing support. You will work with the highest qualified people to keep your company running smoothly.

 

About Ingram Micro Inc.

Ingram Micro Inc. is the world’s largest wholesale technology distributor and a global leader in IT supply-chain and mobile device lifecycle services. As a vital link in the technology value chain, Ingram Micro Inc. creates sales and profitability opportunities for vendors and resellers through unique marketing programs, outsourced logistics and mobile solutions, technical support, financial services, and product aggregation and distribution. Ingram Micro Inc. is the only global broad-based IT distributor, serving approximately 170 countries on six continents with the world’s most comprehensive portfolio of IT products and services. Visit IngramMicro.com.

Expand Your Capability and Expertise with a VCIO

Technical support in today’s world is radically different than it was even a decade ago. Employing a CIO and staffing an internal IT department is much more complicated and expensive than it was in the past. But partnering with an organization that can provide the IT support you need and the expertise you must have to navigate today’s security and infrastructure issues is a solid way to ensure excellent cybersecurity and technical management that was impossible only a few years ago.

The Virtual Chief Information Officer: A Solution for Organizations of Every Size

Even independent entrepreneurs typically have an online presence, and their technical needs go beyond simple website maintenance. The range and complexity of IT issues can tax even large corporations with the need for extensive capital reserves; their impact on smaller organizations (even mid-sized or relatively large ones), however, can be devastating.

Partnering with a Managed Services Provider (MSP) can give you access to a dependable IT department and the expertise of a CIO without the exorbitant costs. And a Virtual Chief Information Officer (VCIO) can do more than save you money; soft benefits include your peace of mind and the ability to focus attention on business growth and development. As well, you will no longer need to provide immediate and constant supervision over equipment and processes, nor will you have to constantly address issues that may arise during off hours.

Partnering with External Experts Is Nothing New

Partnering with a Managed Services Provider is more cost-effective in many cases than employing an internal IT department and CIO. It’s no different than an organization contracting for human resources and legal counsel rather than having their own HR and legal departments. Companies of all sizes can put their financial resources to better use and partner with experts to provide specific services that are scalable and customizable to each organization’s unique needs.

Combat Threats with a VCIO at Your Side

Having a partner who can help you navigate the complexities of today’s IT world has become one of necessity rather than luxury, particularly as cybersecurity has become such a difficult and expensive business requirement. Spamming, phishing, hacking, ransomware, and data breaches of all kinds have rapidly and exponentially increased over the last few years, and combatting such constant and sophisticated threats has become an unavoidable imperative. Companies that specialize in protection against these types of attacks are becoming indispensable to standard business performance, while the expertise and ability to provide solid defenses is far less prevalent than the threats.

As technology fundamentally changes how we do business, serve customers, and address security threats, organizations must reevaluate whether their current IT strategy is meeting their needs. The ITeam is committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.