The Ten Second Test That Will Save Your Organisation Thousands

As we go about helping organisations we see a lot of virtualisation being used to save money on server hardware. But we are also seeing plenty of virtualisation used in ways that is going to eventually cost more than it saves. In short we are seeing some organisations suffer the midrange explosion that we warned about in our previous blog post.

That is - the idea of "free" servers is sometimes leading to the deployment of servers for roles of dubious value.

"If the server is free what's the harm?" I hear some readers ask. The problem is it's not what the server costs to buy that matters, it's what it costs to own. Further, as you add more and more computer systems complexity can have an amplifying effect on the cost of ownership of systems deployed.

When an organisation has to pay for "tin" upfront this acts as a natural restraint on over provisioning. When servers seem to be free sometimes this restraint is absent.

So, here is the 10 second test that will save your organisation thousands. Before you add a new virtual server for any ongoing production role to your design or architecture ask yourself this question - "If I had to pay for the tin would I still design it this way?"

If the answer to that question is not a solid yes then you need to re-think your approach.

Why We Use NAS Rather Than Tapes

If you took a look at our last blog entry you might wondering what we use for backups if we don't use tape.

That's easy - we use Network Attached Storage (NAS for short).

Compared to tapes NAS have three major advantages:

1. They can keep up. Tapes are so slow that many in the industry now do what is called "Disk to Disk to Tape", where the backup is first done to another set of high speed disks, which can then slowly and ponderously stream that data to a tape drive. Getting rid of the "to Tape" bit is the next logical step.
2. Less External Dependencies. A NAS unit is a complete system that you can attach to your network and start pulling files off. A tape needs a tape drive, a semi functioning computer, driver software, backup software, and they all need to be accessible before you can start pulling off files.
3. Unlike tapes, which are a bit of an out sider from a mainstream technology perspective, NAS units use normal everday Hard Drives. So as the capacity of normal every day hard drives increase, the capacity of NAS units keeps pace. Tapes on the other hand are always playing catchup, and are usually around an order of magnitude behind in terms of cost effective storage.

Now if you are seeking a long term archive then tape is still your best bet, but that is not what most businesses are after in our experience, particularly once retention of data in programs like MYOB/QuickBooks etc is explained. Even then, NAS, which is powered up once every couple of years is probably just as good. Tape has the benefit that it can be just left to sit on the shelf for 10 years. Now, where did I leave that tape driver software...

5 Common Mistakes Business Make About Backup and Recovery

We are going to be talking about backups over the next few weeks - we are going to be talking about backups quite a lot. More precisely we are going to be talking not only about backups, but the other less frequent but oh so important bit - recovery.

The problem with the way most businesses approach backup is that they might take some backups (might) but they have never given a whole lot of thought to the other side of the equation - recovery. And there are some sobering stats here - probably the most sobering I have come across is this one:

"93% of businesses that loss access to their critical data for 10 days or more file for bankruptcy within 1 year. 50% of them file for bankruptcy immediatelly" - US National Archives and Records Administration.

So it's not only if you can get access to your information again, it's how quickly you can do it. And that is where things start to get interesting.

To get us started on our month of DR (Disaster Recovery) here are 5 common mistakes that businesses make about backup that means when push comes to shove they can't recover:

1. As long as I have my data I'm okay

Wrong.

Access to your data is contingent on a number of other pieces of infrastructure being in place. Sometimes this is a simple as a computer with say Microsoft Office installed in which case provided you can find a computer you are probably okay. But sometimes it relies on an application server, which has had 100 patches applied to it, which no one exactly remembers, and there was some bizarre tweak that someone had to give it to make it work etc.

Can you get access to the data again - probably. Will you get access to the data again before you are out of business? Much harder to know.

2. An Online Backup Over The Internet Is Our Best Option

Usually Wrong.

Online backup solutions are targeted at home users, and small businesses. They provide handy interfaces to help you see which files you are backing up, history etc. The problem is they are driven by people who, due to their limited IT knowledge, don't actually understand which critical parts of the system need to be backed up. For example, if you are using Exchange server only the system adminstrator has the access they need to the mail store.

If your whole server packed it in exactly how long will it take your online backup company to get you a copy of your data - a day, two days, a week? Have you ever asked? Have you ever tested their ability to deliver?

Also, as 1 above just backing up your data isn't really enough.

3. We Use Tapes

Wrong.

There are so many issues with tapes it is hard to know where to start:

• You need a tape drive (seems obvious right). But what if your previous tape drive was damaged (say by a power surge) so you can't move it across to the new server you just bought. Can you still buy the type of tape drive that you had previously keeping in mind it's probably three or four years down the track? This is what we call in the industry a "depedency".
• Tapes aren't growing in capacity fast enough to keep up with modern hard drives. Time and again we see new customers which have been sold a tape drive which can't backup a tenth the capacity of their server hard disks.
• Tape drives can subtly alter the length of tapes over time so that tapes will only work with that particular tape drive. Even if you can find a replacement tape drive your tapes may not work.
• Tapes need to have the basic operating system up and going to support the correct drivers. So if you are rebuilding from scratch you need to build a basic server, then install the tape drive and software, then restore (hopefully) and then reconfigure the server.

4. If a Part Fails In Our Server We Will Be Able to Get a Replacement Part

Wrong.

The scenario is like this - components in the computer industry tend to turn over on 12-24 month timeframes. After that the big PC/server manufacturers (HP, Dell, etc) will continue to carry spares for "warranty" customers. However, chances are they wont "sell" you one of their components - they need to hold an inventory to cover the customers which did pay for warranty.

Normally parts fail after at least a couple of years in service, meaning chances are you can't buy a replacement anymore. So if you don't have a warranty you probably can't get a like for like replacement. If you can't get like for like replacement then there is an awfully good chance that you will have to rebuild the system, or at least use a time consuming process to make the new part work with the old system.

Now this isn't true for some parts, like the power supply, or a non-integrated network card. These can often be easily replaced. But for the big components - like the RAID controller, Main Board and Hard Drives, it usually is.

5. If Our Server Crashes It Will Only Take a Day or Two to replace it

Wrong.

Yes you can go to Harvey Norman and buy a PC this afternoon. Servers are a different type of beast entirely. Because there are less of them sold they haven't reached the point where they are a standard item that retailers carry.

If you are lucky, and your business is small enough you may be able to limp along on a PC for a few days, although depending on your restoration strategy it could take days to get it correctly installed.

We will be discussing some of strategies we think you should pursue over the next few blog posts. Stay tuned.

Upgrade to Windows7

Have you heard about Windows7? It is entirely likely that the new Microsoft Operating System (OS) has flown in under your radar, as its release has been kept pretty low key compared to its predecessors. Windows Vista, which was the previous instalment of Windows, was not widely used (or liked) by the IT profession. It had several flaws, quite a few security holes and massive performance issues. It seems that Windows7 is following Microsoft’s long established trend of releasing an OS that is not quite right and then a few years later releasing a “new” OS, that is a remake or upgrade of the previous one with the bugs ironed out. Windows7 is looking to be an OS that “works”.

One thing that really surprised us is that Windows7 actually has lower hardware requirements than its predecessor. This if the first time this has ever happened with Microsoft Operating System. So it is possible to use the software on lower specification machines.

As per MS’s normal mode of operation once Windows7 is released the end of life for Windows XP support will probably be quickly announced. It has not been possible to purchase any version of Windows XP retail for quite some time now and the general consensus of the IT community has been to avoid using Vista in business environments. This means that Windows7 is where we will have to go for future system upgrades.

So far the outlook is good for upgrading to Windows7. There have been relatively few complaints about the OS. It uses much less resources and therefore runs faster on the same hardware (sorry to labour the point – but this is remarkable). The UAC, or user access control (the annoying fade to black windows) that Vista used has been toned down so that it is much less obtrusive. The networking support, while still not as good as it could be, is no longer painful to use.

The biggest test will be when it comes to using the OS in a business environment. How it behaves with other machines on a large network, not the mention how it interacts with servers is yet to be seen, but currently several GLIT members are trialling the OS with some of our work machines to test it in a work environment. We realise that it is inevitable that Windows7 will have to be rolled out to business clients, so we will be testing the new OS as much as possible before we have to roll it out to a working environment. But so far, things are looking promising.

Virtual Servers – Can They Save You Real Money?

If you have even a passing interest in IT then you have no doubt by now heard about virtual servers and virtualisation, which is a technique where a number of “virtual” computers all run on the one physical system. And although you might do this on your desktop, it is mainly taking hold in the back office where a number of servers are “virtualised” and run on one piece of server hardware.

Conceptually this isn’t a new idea – we have been doing this sort of thing since mainframe days. But virtualisation for Windows and Linux systems is now becoming big business for lots of reasons. The central argument around virtualisation is a cost reduction one. This comes through in a number of ways:

• Reduction in server hardware prices – If one piece of server hardware can do the job of 10 servers you have saved yourself the cost 9 pieces of hardware.
• Savings on Environmentals – One server, even if it is running a full tilt (computers use more electricity and produce more heat when busy) will use less energy than 10 servers, and will produce less heat (so less air conditioning etc).
• Disaster Recovery Planning – Virtualisation offers some savings if you need a standby site for DR – it’s kind of complex so if you want more details ask us for an explanation.
• There may also be savings in the systems management process as virtualisation (and the tools that come with it) make certain tasks more time effective for IT staff.

That’s the good news. If virtualisation is done correctly and appropriately it can save you money. If it is done where it isn’t appropriate, is poorly executed, or if you are just unlucky it can actually cost a lot more than it saves. Picking when it is appropriate is important, and it isn’t necessarily something the person trying to sell you virtualisation will tell you. This isn’t just us saying this – a number of big shops around town have either partially, or fully rolled back virtualisation projects dues to unexpected difficulties.

So, lets consider some of the things that influence whether or not virtualisation is a good fit.

No Free Lunch

Virtualisation tends to be a good solution for situations where your servers don’t do very much. So if you have 10 web servers that sit around largely idle then using virtualisation to collapse them onto one piece of “tin” (that’s a term we use for a physical server in case you hear it in conversation) might be a good solution.

But if you have 3 database servers that are flogged within an inch of their life then you are going to have to buy a much more powerful piece of hardware if you wanted to try and collapse them. This is going to affect your Return On Investment (ROI) position.

This can lead to a shop being exposed to the laws of diminishing returns in terms of buying hardware. To break that down simply a $5,000 server won’t be twice as fast as a $2,500 desktop (although it will probably be a good bit more reliable), and a $10,000 server won’t be twice as fast as the $5,000 server. So, if you have ten $5,000 servers, which are running at full tilt, you will probably have to spend a lot more than $50,000 to achieve equivalent performance in a single piece of hardware.

However, servers are not normally run that hard, and it is this fact that tends to make virtualisation economically viable. Normally you have ten $5,000 servers, each of which run at somewhere around 10-20% of capacity. You can replace those ten servers with one $20,000 server, which isn’t as powerful, but is powerful enough.

So, virtualisation is a better prospect for servers that are lightly loaded than for systems which are heavily loaded.

Understanding the Cost Model

Saving money on hardware sounds great, but is that really where most of your costs are? To get a sense on this it’s important to understand the Total Cost of Ownership (TCO) of a server over its lifetime.

TCO is made up of the following things grouped by scale of cost:

High:

• Support (wages or fees for the people that make the server work make sure that backups work etc)
• Downtime (wages of those people that can’t work when the server is not up)
• High-end Business Specific Software.

Medium:

• Business Specific Software (CRMs, etc).

Low:

• Commodity Software (Windows etc)
• Environmentals (Electricity, Air Conditioning, Rack Space).*
• Hardware.*

We’ve put an “*” next to the costs that virtualisation will reduce. Notice anything? Now there are arguments that virtualisation can reduce support costs and downtime. There are also arguments that say it can increase both of these. Which is true? It depends on context, and to some extent on whether or not the person appraising it is trying to sell virtualisation or not.

In the worst case we have seen organsations switch substantially to virtualisation, when they paid their outsourcer a fixed fee per server per month for support. The outsourcer didn’t reduce their server support charges significantly (they argued that supporting a virtualised server was no cheaper), and the outsourcer pocketed substantial money from the “move to virtualisation” project. Worse – the virtualised servers performed worse than the previous hardware based servers. In some circumstances the customer actually needed more virtual servers than they had physical ones previously. The result of this was that the support charges of their virtualised environment was more than the support charges on the real “tin” they had before, and the hardware savings were not enough to make up for the difference.

Complexity

Virtualised environments tend to be more complex than ones with normal servers, for a number of reasons.

1. Often more complex, higher end hardware is required. Dedicate Storage Area Networks (SAN) are an obvious example here
2. Server management now has another dimension to it – which “real” server do the virtual servers exist on – this might seem trivial but we have seen it cause problems
3. Another skill set is required to support the virtualisation product.

These are the foreseeable complexity impacts from virtualisation. However, the unforseen ones are in many ways worse.

Virtualisation tends to reduce the tolerances within your environments. Some examples include high dependency on having the exact firmware revisions and drivers for particular hardware, never being able to extract the IO performance you should get, network latency blowing out when there is seemingly no explanation etc. Now, you don’t need to know what these mean particularly to assist your decision making, but you need to be aware that some of simplification that virtualisation may give you will be traded off against some fairly high end esoteric problems which will require time and effort to resolve, and may in some extreme cases not have economically viable fixes.

Mid-Range Explosion

There is another potential drawback to virtualisation with respect to costs, and not one that necessarily is immediately apparent. It starts with a phrase during the sales presentation something along the lines of “so when you need a new server you just click, drag, click, and there is a new server, and it cost you next to nothing”.

Now that seems well and good, but as we have already discussed most of the cost of owning a server comes in the support phase. So saving you some deployment costs is great, saving you some hardware costs is great, but if it leads to an uncontrolled proliferation of servers (and we’ve seen this too) the “ease” with which new servers can be deployed actually starts to hurt a business.

This is a bit of “with great power comes great responsibility” type thing. If an organisation has a mature outlook, and doesn’t create servers willy nilly, still exercises effective change control, etc etc then this ability to commission servers quickly can be a great boon. If, however, they don’t exercise effective control, servers are run up on a whim, there is no disciplined management of systems then virtualisation can become an enabler to many poor practices, and before the organisation knows it the farm of 20 servers that it had is now 50 and increasing.

So...

We are not trying to say don’t use virtualisation. Virtualisation can be a fantastic thing that does give real savings. But it is very easy to be seduced by some of the amazing features that virtualisation offer, without considering the downsides, or more importantly exactly how virtualisation is going to improve the efficiency of your organisation.

Also, at its core, virtualisation is about saving money on IT, not saving money with IT. That’s fine – in hard times everyone needs to tighten their belts, but it does perhaps reflect an industry looking inwards at its own problems and coming up with a neat gadget to suit its own needs, rather than outwards figuring out how to make other parts of the business more efficient.

So make sure you take some advice, independent of the virtualisation sales people, about where it is a good fit for your organisation.

Thin Clients

From time to time you may have heard IT people talking about “thin clients” and wondered what they were talking about.

Firstly - no – chances are they aren’t doing a sideline in diet pills. Secondly, explaining the difference between a thin client and a thick client may be a little tricky. Rather than trying to explain the technical difference we thought we might try and explain the impact of each approach on an organisation.

To try and see the difference between a thin client and thick client imagine you needed to get a group of people from one place to another. If it was only a handful of people they might all have company motor cars, or they might share a company motor car. This works for small groups, but as the numbers start to get larger it becomes less and less practical (there isn’t enough parking at the destination, everyone needs to submit their fuel claims, a couple of people’s cars don’t work properly and need to be repaired before they can go, and some people also get lost on the way).

This is somewhat analogous to a “thick client” solution. Everyone has the utility and flexibility to go wherever they need to with only minor constraints (you need to travel on a road, follow the company vehicle use policy etc). The downside for the organisation is it needs to pay to maintain a whole fleet of cars, and substantial effort is spent keeping vehicles running properly.

Now consider an alternate approach. If everyone is going to approximately the same place every day (ie using the same applications) then maybe the organisation is better of with a bus. To move a large group of people there is less administration, parking problems, vehicle maintenance etc, and only the driver needs to know where the bus is going (so you only need to buy 1 GPS instead of 50).

The bus is more like a “thin client” or terminal solution. The people onboard have less freedom and flexibility, but provided they were all going that way anyway this may not be a big deal. Like the bus, a terminal solution requires certain equipment (a terminal server), which can be a substantial capital outlay relative to a few motor cars, but at some point, provided all staff are served well enough by the bus, it will be cheaper to run than the fleet of cars. The graph below illustrates this concept in terms of cost.

As you can see the terminal based approach has a higher set up cost but as the number of stations increases it is more cost effective. Now don’t worry about the exact numbers in this diagram – there are a whole lot of factors that influence this, but understanding this basic relationship is an important part of understanding the value of a terminal based approach.

The value proposition is as follows: If your requirements suit it, then the terminal server solution can deliver productive, reliable computing at a lower cost per station than using thick clients for all staff.

However, going back to our “bus” model can also help us see situations which terminal servers are not well suited to:

• Everyone is going to a different place – If everyone needs to run completely different applications then the terminal server may not be the right approach
• Everyone needs to attach different equipment – the bus can only have so many trailers attached to it. If everyone needs to use a PDA, or special data logger, or other peripheral then the bus may not be the right approach.
• Some Requirement’s Don’t Socialise Well – Just like the bus there is limited space and capacity on the terminal server before applications can start to seriously interfere with others ability to use the service. These “anti-social” requirements are probably better suited to stand alone thick clients.

You can also mix and match terminal and thick client deployments. For example, if 80% of you staff have “basic” needs you can have them use a thin client. The users with additional requirements can use a thick client for all the special tools they need, and use a software thin client to access the normal “corporate desktop” – they use the bus for the same things as everyone else, and only use their thick client for special jobs.

As you may have already surmised an important part of operating a successful terminal server installation is discipline. The organisation needs to be disciplined enough to protect the reliability of the terminal server by not letting unnecessary software be installed, and having the time and patience to set up user access so that staff can’t accidentally damage the server. This is one of the reasons that organisations with a mature outlook at Information Technology are the ones most likely to gain benefit from an investment in a terminal type approach.

While we have spoken quite a bit about restrictions it is important not to oversell these for a terminal solution. Staff that only need to use word, excel, email and a web based database or two can operate quite successfully on terminal solutions and never even know that they don’t have their own computer.

There are however, odd things that can catch you by surprise. A typical example is displaying video. As you probably know video is a rapid sequence of still pictures that our eyes interpret as motion. Due to the nature of the technology terminal solutions usually can’t send this stream of pictures fast enough to make a cohesive video – to fool our eyes into thinking it is watching real motion. Now that probably seems all right, until you realise that you were planning on rolling out video based training to your staff. New techniques may (and are) change this in the future, but it is an example of where the normal utility of a PC is not necessarily available for a thin client.

Another interesting issue that emerges with thin clients is printing. One advantage of thin clients is that they often work very well over skinny network connections. However, while the staff member’s experience when working on a document is good, due to the vagaries of drivers, printing can be a completely different issue. That innocent ten page document can blow out into hundreds of megabytes of information which takes minutes and minutes to download and print.

So before you make a decision to go to thin clients you should have a really clear idea of what your staff are going to be doing with their computer access. If you can’t be sure on their requirements, but you still think thin clients is the way to go you need to be mindful of the risks that such an approach entails. You may find a need down the track that thin clients can’t meet, and you will end up with some thick clients. However, if you have a clear understanding of what you will be using thin clients for, the opportunity to save some money can be substantial.

National Broadband Initiative

(Note: This is a reprint from our May 2009 Newsletter)

So, private industry cannot deliver the broadband network, and thus the Government has decided to go it alone and build a fibre to the home/business network by 2018. Putting aside the question of whether or not this is a good idea, what is fibre to the home/business likely to mean?

Fibre to the home/business, with its substantial increase in bandwidth, is probably going to give us “convergence”, which is a term to describe the process where once distinct streams of media and communications collapse into one single delivery mechanism. Huh? Things you once saw as separate, like the television and the telephone are going to start converging into the same delivery mechanism – the Internet.

If it were to happen as the futurists would see it, by say 2020 a lot of people aren't going to have a fixed line phone service anymore (that trend is actually already starting with “unbundled local loop” services available for those that want an ADSL service, but not a traditional copper phone line). We will still probably have something in our house that looks and acts like a phone, but it will work purely with the Internet. Likewise for television, we may see “cable” channels distributed over the Internet using a subscription model (no doubt with the obligatory amount of piracy going on as well).

In terms of business, high quality point to point video conferencing will become a reality that everyone can take advantage of, and this ability to video conference combined with redirecting office calls using your Voice Over IP (VOIP) phone, and get high speed access to the office network from just about anywhere is likely to hasten the adoption of telecommuting. Many more businesses, particularly in knowledge industries, will probably move to the model of having a larger proportion of their work force offsite, as a way of providing a better work/home balance, reducing the carbon impact of businesses (by removing employee commutes, and power hungry building environmentals) and reducing the substantial costs of commercial premises. Finally, customers having access to such large amounts of bandwidth will also make new types of services, for example video consults, a viable reality.

Many of these ideas aren't new – VOIP has been with us for some time, Skype has brought video conferencing to the masses, and larger enterprises (like the big 5 accounting firms and others) have been doing hot desking (where employees don't have a permanent desk – they log into a desk for the day) for many years with mixed results. However, the commodity-like nature and accessibility of these new services will likely have some substantial impacts on the way we work.

Before some of these benefits can be realised there are a number of technical, and even a few human issues that need to be resolved.

In terms of the technical issues the shift can perhaps be summed up by considering two areas: reliability and security.

Many Small Medium Enterprises (SME) do not have infrastructure that is sufficiently well engineered to provide the sort of reliability required for these new services. Issues such as Quality-of-Service (essential for good VOIP and Video Conferencing) capable networking equipment, communications systems that can survive mundane issues like power outages without dropping service (how do you dial triple 0 if all your phones fail when the power goes out), well provisioned equipment capable of dealing with increased load, adequate disaster recovery processes to get the business back in action in the event of a failure, and access to the necessary skills in a timely manner.

In terms of security SMEs are even less well prepared. While most understand the need for anti-virus software, and a few understand the importance of devices such as firewalls, in a more connected world most have little or no experience in the important discipline of risk management (at least as it pertains to IT Security). This will leave the overly cautious unable to capitalise on opportunities, while the overly optimistic lay their organisations open to damage, and their customers' information, open to disclosure.

Another interesting challenge is coming to terms with how to ensure that staff have the necessary amount of human contact to keep them happy and working efficiently. While some of the new technologies replace face to face contact (like video conferencing) all technologies tend to contextualise communications, with most interactions becoming more formal – that is you have a conference to discuss a proposal, find a way past an issue, but those informal water cooler chats might disappear. Depending on an organisation's culture, the boss may not think this is a bad thing..., but in all seriousness, it is often these informal discussions that provide the greatest insights, innovations and changes for organisations.

There is one final issue to touch on – the cost of downloads. As you may know, most ISPs provide a “free” allowance of data, and when that volume is exceeded they either throttle the connection, or charge an additional fee for extra data used. The genesis of this is in the old model of how Australia paid for the under sea cable that connected Australia to the Internet via the United States. The owner of this infrastructure levied a tariff on data coming to Australia crossing this infrastructure, which ISPs passed onto customers.

While some ISPs have “unmetered sites”, where your bandwidth does not count against your allowance (such as Internode with the ABC website), many have fairly course-grained models where they just charge for anything that doesn't originate on their own network.

For the National Broadband Initiative to provide the best economic benefit all ISPs will need to change these billing arrangements so that domestic traffic is free, or at least substantially cheaper than overseas data – otherwise things like high quality video conferencing will come with monthly Internet bills that will probably rival 1980s style STD phone call charges pretty quickly.

It is often said, when talking about how technology will impact society that “we always over estimate the impact in the short term, and under estimate the impact in the long term”. Nevertheless, we hope you find these thoughts useful in considering how the National Broadband Initiative might affect your organisation.

Should I Turn Off My Computer To Save The Planet?

(Note: This is a reprint from our March 2008 Newsletter - Home Customers - This advice was mainly aimed at Corporate Customers but you may still find it interesting)

In the past we have always advised customers that it is best to leave PCs on, for a number of reasons:

• Hardware (particularly hard drives and power supplies) are less likely to fail,
• It allows computers to download their updates overnight without slowing down the Internet link during the day,
• Virus scanners and security software will be kept up to date over night, so it is up to date and ready to protect the organisation when staff start work,
• Having the PCs powered on means staff don't have to wait for the machine to boot before they login – this probably saves you about 3 minutes per station per day.

With many more customers being conscious of green house gas emissions and energy usage, it is time to re-examine this advice.

Let us start by considering the energy usage of the PC. A normal PC consumes around 140 watts when it is fully loaded, 60 watts when it is idle, and 35 watts when it is in full power saving mode. More powerful computers consume more power, but that's about right for an office PC.

Monitors are also part of the story. We are going to assume a 17” flat screen monitor, which will draw about 60 watts, although it needs to be noted that power consumption for flat screens tends to go up quickly as the size does. When they are in power save mode the power consumption of most monitors barely registers – probably less than a watt. Close enough to call it zero.

So during a 9 hour work day, assuming 50% idle and 50% full load a PC will consume 900 watt hours, with a 17” monitor contributing another 540 watt hours, for a total of 1.44 kilowatt hours. If we accept (and there are a few figures around) 600 grams of CO2 per kilowatt hour then 864 grams of CO2 is produced each work day. If the PC is left on the rest of the day (so another 15 hours) then another 525 watt hours, or 0.53 kilowatt hours, is used, producing another 318 grams of CO2 Looking at it over a week, allowing two days for the weekend we produce 4.3 kgs of CO2 if we turn off at the end of each day, versus 6.9 kgs of CO2 if left on all the time.

So, there is certainly more pollution being caused by leaving the machines on. However, all the reasons we like the machines to stay on are all still valid as well. For example, if you have 10 staff waiting for computers to power up and boot each morning you probably spend $30 or more while staff wait.

What to do?

As we see it there are three options:

1. Do Nothing: Continue the current practice - not exactly environmentally friendly.
2. Turn the Computers Off Every Night: You have an increased risk of hardware failure and you will spend more money on labour as staff wait for PCs to boot. However you will get a small (very very modest)saving on your power bill and a slight reduction in green house emissions. A lighter version of this is just turning the PCs off over the weekend.
3. Purchase Green Power To Run Your PCs: If you believe CO2 emissions are an issue, then we think this last option, buying green power, is the best choice.

While it might seem a little counterintuitive we think this approach has a lot of benefits:

• It is inexpensive (about 10c a day per day per computer). This is less than the cost of having your staff wait for computers to start every day
• Means you can leave your PCs on with all the benefits that come from that.
• Is more effective at combating green house emissions than simply turning off computers – it eliminates rather than just reducing the contribution of your computers
• Encourages investment in green energy, leading to cheaper green energy in the future

Do you want to know more about buying green power? You can visit ACTEWAGL's green choice site as a starter.

Disaster Recovery

(Note: This is a reprint from our July 2008 Newsletter)

In our last edition, we covered the topic of catastrophic failure. It can happen, does happen, and probably will happen – to you. The longer you rely on IT infrastructure the more exposed you become to a failure occurring. It may be minor, but in many cases, a failure of an essentially cheap piece of equipment can stop a business in its tracks entirely, often for days.

So assuming it will happen eventually, and there's no way to stop it, how do you recover from such an event? We'll use an analogy which most people will be familiar with to illustrate first. Car accidents. If you haven't been in one, you've seen one, or know someone who has, and generally understand the process. We often see clients say the equivalent of “I've just been in a car crash, should I put my seatbelt on now?”

Obviously the time to put the seatbelt on was before you started driving, and the same goes for disaster recovery. Preparedness is everything.

The two fields information technology primarily services in small business are information processing, and communications infrastructure. Information processing is your word processing, spreadsheets or databases. Communications infrastructure is your e-mail, VOIP telephony, office networks and so on. We'll tackle information processing failure first. Regardless of the exact nature of the failure, we have one thing working on our side. Essentially, and I'm drawing a fairly long bow here, all computers are exactly the same. At an abstract level at least, they're all the same. That's how I know that if I install Word on 50 desktops in an office, they will all operate in the exact same manner. I can save my word document, send it via e-mail across the world and back, and a computer in America, or Taiwan or Antarctica will be able to read that document in exactly the same manner. So the actual computer becomes almost disposable, and should be viewed as such. The key component here is the information itself (the Word document), and the application processing it (Microsoft Word, or Open Office if you're that way inclined). As long as the information is safe, we can get you up and running again relatively quickly. This means backups. And like wearing a seatbelt every time you drive, backups require consistent, disciplined application if they are to be of any real value. There are a range of backup solutions available to choose from depending on how risk averse you are and how much data you need to back up, but they all have one thing in common. You need to plan them, put them in practice, and importantly, review their effectiveness. This means doing what we call a “trial restore” where a file or selection of files are restored from the backup to ensure they were recorded properly.

This is essential, because like any other device, there is always the chance that whether your backup device is tape or CD or DVD or an external hard drive or network copy, it could itself be malfunctioning. Obviously, the worst time to discover this is when something else has failed. If you effectively back up your data and retain a copy of that backup which can be loaded onto another computer, the failure of a single computer becomes an annoyance more than a disaster.

Now that you have a regular backup scheme in place, and periodically confirm that it's working, how do you actually recover from a failure? Do you need to repair the fault first? Not necessarily. If you have more than one computer in your organisation, chances are you can limp along by restoring the data and applications to another PC and using it. You may end up with staff sharing that computer which is frustrating, but it will get you up and running again quickly. If you need to replace a failed component, in most cases you can do so in around 12-24hrs. The caveat here is that only applies if the component which failed is still in production. The internal organs of PCs which users are most often blissfully unfamiliar with aren't exactly Lego bricks.

While you can swap them around from time to time the way they plug together changes and manufacturers stop making the older versions. If you have server which is five or six years old, which is not uncommon, not only is it nearing the end of its useful life and likely to fail, the chances that you'll be able to find replacement components to match are rapidly diminishing. This rules out the option of ducking down to the local computer hardware store, grabbing a new hard drive or whatever failed, and getting up and running quickly. You may find that a whole new server will be required. Read that again, whole new server. As we've mentioned numerous times in the past, this is an unfortunate but unavoidable aspect of IT. You need to be prepared to replace hardware periodically. It is obviously by far preferable to go about this in a planned and orderly manner, rather than a rushed panic due to a failed component bringing your business to a halt.

Communications infrastructure failures can be more frustrating, especially when multiple service providers are involved. For example, the failure of an Internet connection may be rats gnawing through cables in your roof cavity, fallen tree branches taking down your phone line and associated ADSL connection, a failure at your ISP, a failure at the phone exchange or any combination of the above. Once again, the concept of a backup comes to the fore, but in a slightly different manner. We're now talking about “redundant architecture”. Redundnant, because you don't really need it, until your main infrastructure fails. We'll use an internet connection as an example. Typically a small business will have a server connected to an ADSL service by a router. The kind of hardware you can buy at the local department store. If the router fails, and you don't have one in the cupboard, you'll be off air for as long as it takes to drive to the shops and buy a new one, then reconfigure it. What if the phone line fails? You can have a second line with a backup ADSL service waiting at the ready, but chances are better than good that a stray tree branch won't discriminate between lines. Also, if both lines are with the same service provider and the ISP fails, you've now got effectively double the useless bandwidth. Not an improvement. Similar arguments exist for many redundant schemes. Your most effective option, and one we've employed freqeuntly is a service with as little in common with your regular service as possible. As an example, when a client's wired broadband service fails (ADSL/TransACT or similar), we can deploy a wireless service using a different provider altogether. This helps overcome failures on a local level. In the past we've been able to allow a client to keep operating for several days while their ISP attempted to diagnose and repair a fault. We did this by loaning them a wireless router which connected to the Internet via the same kind of network mobile phones use, but optimised for data transmission instead of voice calls. It meant their e-mail was disrupted for a matter of hours, instead of the week or so it took to get their normal service restored.

There are however bona fide show stoppers. The classic example is “What if the building burns down?” While this rarely happens, it is often presented as the worst possible senario. We get asked how quickly we can get everyone back working. The tuth of the matter is, that even with the most regimented backups, your IT needs will be far from the fore in terms of urgency. If your building has literally burnt down, you'll need a new fleet of computers. And desks. And chairs. And phones. And a building. It's also true that once you have these things, if you have followed your backup procedures properly, it will be a relatively routine procedure to get the new equipment loaded with your old data and productive again. By comparison, finding new premises, furniture, hardware etc. will be a much bigger challenge.

So to summarise, disaster recovery has more to do with prevention and preparedness than reaction. In the case of information processing, having a backup of your applications and their data is absolutely vital. We cannot stress how important this is. In the case of communications infrastructure, having a distinct fallback service is vital. If you are to rely on these backups, they must be tested periodically to ensure they actually work as expected.

Saving Money With IT

(Note: This is a reprint from our June 2008 Newsletter)

When it comes to saving money with IT there are two major schools of thought. The first says “Save money by spending less on IT”. The second says “Save Money by spending on IT to make something else cheaper”. There is something to take from each point of view but in the long term, for most organisations, only one approach will work.

One of the main reasons businesses spend on IT because it saves us money on something more expensive. Normally this is labour.

Technology makes us more efficient – it has a cost, but at the end of the production cycle the cost of producing a unit of “output”, whether that be a cubic metre of concrete, a printed circuit board, or insurance policy, is less than it was before we “invested” in IT. Often it is necessary to make a lot of units of output before the technology investment is paid. We sometimes call this concept “Return on Investment” – a point where the cost of investing in technology is recouped through the savings on the units of output.

As we go about our work it often surprises us how people see the value proposition of IT. Even though everyone knows the old business axiom “time is money” we do see people making business decisions more from an employee perspective rather than a business operator. What do we mean?

An employee typically works to the understanding that they have a relatively fixed amount of income. Within this constraint the only income maximisation strategy they have is to minimise expenses. Because they don't pay for their time they may see sacrificing their own time to save money as a reasonable trade off (and it is within the constraints of their model).

A business operator is going to look at the problem differently. For starters they don't accept that their income is fixed. If they can produce more units of output, then theoretically they can generate more income. Secondly they are going to put a realistic cost against labour. They are only going to be interested in sacrificing time to save money if the time being sacrificed costs less than the money being saved.

Now – we know that most business operators understand that in theory. How do we apply it to practice?

Here are five suggestions:

Invest to Save Time

In terms of technology a lot of the general tools your business might need to help it save time are already there. Spreadsheets and word processors are old hat, emails been with us for some time, Instant Messaging and Video Conferencing are becoming commonplace. What we are seeing emerge much more strongly now is business specific applications, and improvements to business specific applications.

Consider how your business works and look at how automation might improve it. As we said – much of the general purpose stuff is now done, but there is no doubt that there is now a lot of activity in the SME space with business examining and improving their own business specific practices through investing in IT.

Be Careful of Investing In Gimmicks

t is very easy to confuse investing for efficiency with investing in gimmicks. For example, when you move 1,000,000 pieces of cargo each day having a PDA with each driver so that items can be checked out as they are delivered is an obvious labour saving and accuracy improving device. When you have three waiters using PDAs to take coffee orders it's a really marginal proposition – yes you save the walk back to the kitchen, but unlike scanning a barcode (for the courier driver) taping in a coffee order takes a few clicks, and exceptions are a nightmare.

There's nothing wrong with gimmicks, but recognise them for what they are – marketing tools not business efficiency improvements.

Understand How You Will Realise Your Return On Investment

Whether it is by saving someone half an hour of wasted time every day with a new computer system, or allowing your business to serve twice as many customers with the same amount of staff have a sense of how you are going to realise a return on investment when you spend on technology.

Having this sense of when you break even will also help you sort the chaff from the wheat with respect to gimmicks. If you can't construct a model where the investment pays for itself in 3 years or less chances are you aren't looking at a good efficiency improvement.

Get Some Advice

Speak to some technical people you can trust before you make a purchasing decision about a complex business specific IT system.

How will the proposed system integrate with your other software? What will be the ongoing cost of owning and maintaining the system? How does the vendor's maintenance cycle fit in with your other software vendors? What is the reputation of the software outside what their sales people have told you? All of these are questions which you should seek some trusted technical input on before making a decision.

Stay On Target

Make a decision and stick with it long enough to give it a chance to work. New systems take time to bed in, for people to adjust their habits and for the system to boost productivity. Often you wont see a benefit in the first six months. However you should see a benefit within 18 months.

Don't chop and change too soon – stick to your guns and give your decision a chance to shine through.

Good Design

(Note: This is a reprint from our December 2004 newsletter - this advice remains relevant today)

Ever wondered why Canberra’s traffic system works so well? Even at peak time you can travel from one end of the city to the other in 40 minutes.

And when you consider that Canberra has a severe case of low-density urban sprawl, it's an even more impressive feat.

If you asked the average cynical Australian why Canberra's traffic system works so well they would probably suggest that it's something to do with the fact that, as in all things Governmental, the streets are paved with gold. So this enhances electricity flow and makes the lights work better.

In truth, the reason Canberra’s traffic system works so well because it was part of a purpose-built system. A road system designed and built around the requirement of accommodating motor cars and not horses and buggies.

This means that, from inception, the planners designed for what would eventually become a moderately large city. The recent duplication of William Hovell Drive (the road that you take to Belconnen from Parkes Way) is an example of this.

Here, good planning meant that, when traffic flow along this road reached its capacity, the land required to improve the system was already zoned and available and no properties had been allowed to be built and thus none needed to be destroyed to allow the work to proceed. And when the land had been zoned for duplication, enough had been put aside to accommodate extra lanes on these motorways should they become congested again.

All this meant that a significant engineering feat was achieved with minimum disruption to the surrounding area, or to other roads and systems already in place. Furthermore, costs were lower because the engineers and workers didn't have to dig tunnels, demolish and remove buildings etc. All they had to do was build the new road.

This all goes to show that one of the greatest values of good design lies in the avoidance of big costs and complexities down the road (no pun intended).

Yet, imagine the same project being carried out in Sydney where buildings would need to be demolished, people relocated etc. Partly because of this, the modern Sydney solution to roading congestion is to underground motorways, and this is such an expensive option that most of these motorways are tollways. Design your system and plan for growth or your business is likely to outgrow its system. Sometimes these problems can be solved relatively easily.

The same principle that good design saves money applies to computers and networks. Design your system and plan for growth or your business is likely to outgrow its system. Sometimes these problems can be solved relatively easily. For example, if a server is not powerful enough to do the job anymore, you can simply replace it with a more powerful server. While this could be expensive, at least it is relatively straightforward.

But sometimes the problems are much more difficult to overcome – your business process is tied to an unusual piece of software for which there is not a lot of technical support. Worse still, the software isn’t able to scale past a handful of users.

In this case, possible replacements would need to be identified, tested, and a replacement selected. New hardware may be required also. You would need to migrate data held in one application into the new system etc. All the while trying to run your business in parallel to this process.

Another important component of design is the funding that is available to allow for future growth. In other words, do we fix the problem now (roll out a dual carriage motorway to a new suburb even though no one lives there yet) or simply make provision for future capacity requirements (just make sure there is enough land to accommodate the dual carriage motorway when it is needed).

An important skill in the art of design is to avoid placing the solution first. In other words, get to know the problem before you settle on the solution.

A pertinent metaphor for computer systems design is a re-arranged old saying. When it comes to system design: “Don’t put the horse before the cart”.

Imagine you asked someone which horse(s) you need to pull a wagon loaded with beer. Without asking you what you need to move, where, how quickly and how far you need to move it (identifying your requirements), the wise consultant tells you that you need a team of six thoroughbreds.

Since you suspect that thoroughbreds aren’t right for the job, you query this. The expert sniffs. “Thoroughbreds", he says haughtily, "are the best horses”.

He is, of course, quite correct. Thoroughbreds are the best horses - for certain purposes. But most of us know that draught horses, or even bullocks would be best for moving a load of this kind (depending on speed, of course).

But let’s imagine the problem is a little more complicated – the beer is needed for the Governor’s Birthday Party. The party is 45 kilometres away, and takes place in two days time. Also, let’s assume that if you don’t fulfill the contract to deliver the beer, you will probably be imprisoned or made to marry the Governor's daughter. Suddenly you have a vastly different problem!

Not being a horsey expert (don't ask us to place your bets for you!) we are not sure of the exact answer to this problem, but lets suggest that you need to break the beer cart into smaller loads pulled by lighter faster horses. Then, to cover 45 kilometres in two days you may also need fresh teams of horses waiting along the way. Thus, the solutions to a systems problem - to get the work done how, when, and where you need it - require you to fully understand the problem before you can come up with a design that gives you the solution.

Unfortunately, there are many in the computer industry like our horse salesman. Without actually listening to what the customer needs are, now and in the future, these individuals will push your towards a prepackaged solution.

So, be warned! If you don't get expert assistance with design you can end up with a speedy but weak thoroughbred when you really need a slow but strong Clydesdale or vice versa.

Admittedly, good design can seem expensive initially but, over time, a good design will more than repay your investment in it. A good design will give your business the flexibility it needs to meet its goals, and save you real MONEY because you will need fewer upgrades and, when an upgrade is needed, it will be a far less painful process.

Does IT Matter?

(Note: This is a reprint from our June 2004 newsletter - the information here is just as relevant as when it was written)

In May 2003, Nicholas Carr published an article in Harvard Business Review titled “IT Doesn’t Matter”, and more recently a book, “Does IT Matter? Information Technology and the Corrosion of Competitive Advantage”.

The main thrust of the article is described on the author’s site:

I examine the evolution of information technology in business and show that it follows a pattern strikingly similar to that of earlier technologies like railroads and electric power. For a brief period, as they are being built into the infrastructure of commerce, these "infrastructural technologies," as I call them, open opportunities for forward-looking companies to gain strong competitive advantages. But as their availability increases and their cost decreases - as they become ubiquitous - they become commodity inputs. From a strategic standpoint, they become invisible; they no longer matter.

However, I would paraphrase the article as: Don’t spend money on IT advantages that will be quickly and cheaply copied by your competitors before you can recover the development costs.

The problem is while it raises some valid issues regarding over capitalization in and cost recovery in IT, other assertions in the paper made people in the industry object to the entire article (and of course, the title doesn’t help).

For example, there is discussion of the practice of renewing all desktop computers in an organisation every 2-3 years when people are using them for the same business functions, with the implication that word processing only uses 5% of a new computer’s processing power. There is some merit in this argument, but it completely ignores the fact that machines degrade over time and that as PC’s have continued to drop in price, maintenance can become more expensive than replacement. It doesn’t mean that replacement is always warranted or desirable, but the decision should not be over simplified.

Paradoxically, considering the article’s title, the author accepts the necessity of IT in the business world; he simply asserts that you cannot maintain a competitive advantage today by implementing cutting edge technology. This is true, but it’s just another way of saying you can’t solve a problem by throwing money at it. In fact, on his web site, the author quotes Cisco Systems CIO, Brad Boston as admitting, "Wal-Mart, Amazon, eBay, and other great companies didn't succeed because their information technology was better than others. Their vision was." However, copying eBay’s technology is unlikely to significantly erode their market share because the brand is too strong. The vision alone could not have raised these companies to their position either, and the most important part of their technology is that they got it right. If Amazon weren’t delivering product in a timely fashion, it wouldn’t matter that it was cheaper than Dymocks.

The picture for small business is a little different. While they are not likely to create new technology, implementation of IT is not homogeneous. Often in fields like brokerage, the edge comes from using IT to make a large business from many small businesses. The paradox being that it’s a race to avoid being left behind once these kind of services have a significant client base.

Whether or not IT can be reduced to a commodity it certainly needs to be considered with the cost/benefit relationship in mind. Indeed, as technology like RAID has entered the consumer market, it becomes hard to justify the risk of the downtime and data loss caused by a single drive failure in a server. On the other hand, while the technology is cheap enough to consider use in workstations, it would be nonsense to implement if they were not due for replacement as the risk of data loss on a well configured workstation (where data is normally saved to the server) should be negligible.

IT does matter – just like having reliable motor vehicles and planes matters for a courier, and having reliable power matters for a factory. Whether or not IT can deliver great competitive advantage anymore is another matter. One thing is for sure; uncontrolled investment in IT can still hurt businesses.

Anti-Virus Defences

(Note: This is a reprint from our August 2003 Newsletter)

Recently Green Light IT had too help a customer clean up after a virus infection, and I was reminded how expensive an exercise this can be for an organization, in terms of money for services from people like Green Light IT and in terms of lost productivity.

Just after this work came the blaster virus, which some customers were properly protected against due to good management, and others have, so far, survived due to good luck. So far no customers have been infected thankfully.

The nature of viruses continue to evolve to the point that good anti-virus protection relies on more than just having current anti-virus products and using them.

Instead we are seeing viruses that need effective “network security” to prevent them.

Of course, although this breed of viruses may seem new, it really isn’t. As I look back through previous stuff we have written I note that in October 2001 we wrote an article about the Nimda virus that made it clear that we can expect virus writers to start using recently announced security exploits as new ways to propagate viruses.

The article is still on the website at: http://www.colmancomm.com/ (this link is no longer valid sorry). It’s the fourth item in the list of “Stuff”. In fact I felt so much of what was written there was still relevant, that I was tempted just to reprint it as this newsletter’s editorial. It might be worth your time to read it, and make sure that your business is at least doing the basics mentioned there. However, I thought I might expand on the nature of these newer viruses, and what you should be doing to protect yourself.

Most businesses these days connect to the Internet in one way or another. What is also clear these days is that most viruses come from the Internet, whether via email, downloading infected files from the web, or even an infected machine trying to directly connect to your network and infect it.

Given that this is the entry point for most viruses it does deserve special attention. So of the three infection vectors I mentioned above (email, web and direct connection) what are three ways to mitigate the risk.

Email:

By and large email has carried the lion’s share of destructive viruses over the last few years. In addition to running desktop anti-virus products, your email should be scanned by another set of anti-virus products, either by you, or a third party. We offer an economical service that does this, but your ISP may also offer it as a standard part of their service. For those of you that host your own email server (i.e. not done by the ISP) you should see to this immediately.

Web:

Web is difficult to protect against because there is no real opportunity for any system to inspect a file until it is fully downloaded on the users computer (although there are some products that try to do it I don’t think any of them are satisfactory for use) (note - fast forward to 2009 - there are options now).

The two strategies that work against this are 1) getting Anti-Virus products on every vulnerable system inside your environment and keeping them up to date (including servers) and 2) educating users about the danger of downloading programs and other executable content from the Internet.

In our experience 1 is far more likely to have success than 2, but if you can do both that is better.

As another step it might be possible, depending on your network configuration, to prevent most users from downloading dangerous files. If these files do need to be downloaded, you can have it done by one person only in the office, who is hopefully a little more judicious than others.

Network:

Network borne viruses, which try to directly connect across the network and infect other machines, are the type that have been increasing in prevalence over the past couple of years. They also seem to be the ones that cause the most trouble these days, including such notorious candidates as Code Red and now Blaster.

It is well and truly past time that you should be operating a firewall on your connection to the Internet. For customers still connecting to the Internet through winproxy setups and the like, and those customers connecting through straight windows dial up, it is time to take some action.

Personal computers, which do not always have the protection of a network firewall, such as home PCs, roving laptops etc, can be protected by installing a good personal firewall product, such as ZoneAlarm from ZoneLabs (note for 2009 - most AV products include firewalls now).

Systems that provide connectivity for a whole network should probably be replaced by a dedicated firewall. Exactly what product best suits depends on your requirements. As all of our customers know, we market the SENSEI Firewall, but there are many other options too depending on the features you are after. Blaster is the wake up call. It is time to reconsider the anti-virus defenses for your business and make sure they are in good nick.

As always, you can contact us for advice and assistance.

When Will I Need To Replace This Thing

(Note: This is a reprint from our August 2003 Newsletter. These days we use some standard policies for the age at which equipment is replaced, but this is useful background as to how these recommendations have been derived over the years)

We are often asked about when we think customers will have to replace aging equipment, so we thought that this month in business in focus we might cover some of the processes we go through when trying to formulate advice to you.

When considering the question of when equipment should be replaced there are three major considerations to make; 1) risk and reward, 2) suitability to the task at hand and 3) future requirements.

Risk and Reward

Risk and Reward is the process of considering what the risk to the business of continuing to operate an ageing piece of equipment is, and when that risk passes the “reward” point of not having to expend money to replace it. Risk is a product of two things; likelihood and impact.

To give you some example of risk considerations consider two pieces of equipment, a 7 year old laser printer, and a 5 year old file server. Assuming that these two pieces of equipment had approximately the same probability of failure based on their age, which is the greater risk to the business?

If the laser printer fails, it can be fixed, or replaced, probably that same day if necessary. There is not a lot of work to commission a new printer. And apart from not being able to print the business can continue to function.

In contrast, a file server could take days to fix or replace. There is the potential for data loss, even if customers are rigorously conducting backups. The server failing may also stop other critical applications. The IT systems of the business could be disabled by the failure of this one piece of equipment.

Obviously the file server is the greater risk because if it fails there will be greater impact on the business, even though the likelihood is the same.

In considering reward we look at how much the system might cost to replace, and the expected life of a new system, to get a feel for what the customer gains by “taking no action” at this time.

For example, a new server to replace an existing and ageing server might be $4000. The new server might have a reasonably expected life of 4 years.

Suitability to the Task at Hand

In this step we consider whether the equipment is actually currently capable of performing it’s current work, and how soon, based on expected growth, may it not be able to due to increasing demands on its performance.

For example, imagine that we have a database server where the hard disks are currently 60% full, and increasing at 5% per month, and the CPU runs at 40% during business hours, and is increasing by 10% per month. Without even considering new requirements just the growth of usage on this box means that action will probably need to be taken within 3 months and definitely within six.

Of course, usually we don’t get to do that kind of analysis on equipment, we are instead told things like “seems to be slow”, “running out of memory”, “constantly rebooting” and we might get a chance to look at how the box is handling the load on the day we look, and then have to, somewhat scientifically, estimate how that usage will grow.

Future Requirements

When customers ask us about when equipment should be replaced we will often ask them what new requirements they are expecting of their equipment in the next 24 months.

Here we are simply trying to get an understanding of whether the equipment can continue doing it’s current role, or whether the business will expect something new of it in that time.

The sorts of issues that tend to show up here are things like software compatibility (software from partners and service providers wont run on ageing equipment/operating systems), radically expanded requirements (a file server becoming a genuine application sever), users needing to speak to special peripherals (GPS units, scanners, USB printers etc) and so on.

Often it is difficult to get a handle on these sorts of future requirements, particularly with the foresight of up to 24 months because businesses often haven’t thought that far into the future about IT requirements, or simply can’t predict that far into the future because of the nature of their industry.

Upgrades

Customers often ask about the option of upgrading as a way of staving off having to replace equipment entirely. Sometimes upgrading is cost effective based on requirements but against this is the truth that buying the components that make a computer (for example) individually is a lot more expensive than buying a new computer, and that the labor to retrofit all these components to an existing system can be a significant cost.

Upgrading sometimes is the only option because of short-term cash flow problems, but quite often it also gives a sense of false economy. For example, spending $1000 to upgrade a system to extend it’s life by 12 months as opposed to spending $4000 to replace it with a system that should last 4 or more years might seem reasonable until you consider that because of its age there is no guarantee that you will not strike other problems, either with capacity, or reliability before that time is out.

And if the upgraded server has a failure on one of the components you didn’t replace, the days labor to fix it, plus the 1 week’s lost productivity while a part for an old system is sourced, plus potentially lost data will make any “savings” seem pretty expensive.

That is not to say that upgrades are never appropriate, they sometimes are the most appropriate choice. The key is to recognize what the risks and benefits of upgrading truly are.

What Does It Mean In The Real World?

Here are some examples of advice we have given recently, based on customer enquiries. You may recognize one, as whilst the names have been changed to protect the innocent, the examples are genuine.

Customer 1 asked Green Light IT about replacement of several PCs used in one of their businesses.

The PCs were all quite old (4 years or so), the operating systems and software quite old (Win 98, Office 97 generation). The machines’ only duties was being basic word processing/spreadsheet terminals as well as accessing a central terminal application. Although there were 4 or 5 machines it was very rare that all of them were in use at any one time.

Advice

Continue using the equipment but be aware that eventually we may not be able to repair it, or the cost of repairing it might be too high to justify, and at that stage, for consistency, consider replacing a chunk of machines at once.

Why

• Although as a whole the systems were critical to operation, none was so critical that the business couldn’t survive the loss of one system. In fact, given the low usage, impact in the event of failure to business operations might be none at all. Risk profile is low.
• The systems were easily coping with their current duties with no expectation of ramp up in load.
• There were no obvious future requirements that necessitate their replacement with more modern equipment.

Customer 2 asked Green Light IT about upgrading their old file server as part of a network refurbishment.

The system is one of the oldest in their office (probably 4 to 5 years old), and as well as acting as a file/print server recently had its role upgraded to include acting as a genuine application and database server. The application that is run on this system, although being quite new, is rapidly becoming critical to the business (replacing their paper based filing system).

The customer and Green Light IT had agreed that the server needed a proper backup system (currently ad hoc to CD) and that the ageing hard disks might be a problem. The upgrade (including backup) would cost about half the cost of a new system.

Advice

Don’t upgrade the system; replace it with a completely new server, incorporating fault tolerant hard disks, backup solution etc.

Why

• With the importance of the new application becoming obvious it is also obvious how important the system that runs that application will be. It is clear from this how important the server will be to the operation of the IT facilities of the business.
• In the event that it failed, the business may not be able to operate without it. Given the cost of upgrading versus a new system it was obvious to us the risk of failure outweighed any cost reward of just upgrading.
• Although the system seemed to be coping with its current load acceptably (based on anecdotal evidence only) there was obviously potential for the system to require more resources in the near future, particularly if the new application continued to grow in usefulness to the business.
• The customer did not have a strong perception of their future requirements. Although there seemed a strong desire to maintain the status quo it was obvious that the business had external pressures on it from business partners which meant that its requirements would change in the next 24 months or so. The success of the new application showed that the business was starting to see the advantages of automation, and that new requirements based on a change in business methodology may be in the near future. Therefore we were concerned that the existing system may not be capable of meeting new requirements.

Customer 3 asked Green Light IT about replacement of desktop computer systems

Customer 3 asked Green Light IT about replacement of desktop computer systems after it was found that some of the older workstations were not coping well with a new version of a critical application.

The two systems in question were starting to get quite old (4-5 years), using old software (win98, Office 97), and had already been rebuilt and upgraded once as part of a refurbishment. The workstations are important to operations, but staff can use other workstations if necessary as usually not all workstations are in use.

The customer advised Green Light IT that replacement of the workstations was budgeted for the next calendar year, but it might be difficult to accommodate in the current year.

Advice

Try upgrading system memory to see if this would allow the workstations to cope with the new version of software (as suggested by the application provider). Provided this solves the problem temporarily continue with planned replacement on schedule.

Why

• Although the machines are ageing, and somewhat at risk, the business could continue to function at some capacity without one or even both of them. Furthermore, the customer already has a plan that will see the machines replaced within 12 months. Therefore, the risk posed by the failure of these systems to be able to do their task is not sufficiently high to justify the expenditure at this time.
• The machines are not coping with their current workload, but there is strong advice that the upgrade may resolve this problem. Furthermore, the upgrade is cost effective with respect to the price of a new system (~$250 per system for upgrade).
• The ability to meet future requirements is not a strong factor because the customer has already identified the need to replace these machines. If the upgrade allows the machines to meet their current workload then future requirements will be dealt with when the machines are replaced.

Open Source Software

(Note: This is a reprint from our June 2003 Newsletter)

By now you have probably heard about Open Source Software, and wondered what it was all about.

We thought we might do a bit of a Q&A session on open source software this newsletter that might explain some things about open source software to you.

Question: So what’s the deal with open source software?

Answer: Well, it’s free, basically.

Question: Your kidding right?

Answer: No, it’s free.

Question: So what’s wrong with it?

Answer: Well, nothing really.

Question: So how come it’s free?

Answer: Because the people that make it are not seeking to make profit from moving units of software.

Question: How can they afford to do that?

Answer: A couple of reasons; 1) unlike creating physical commodities, the incremental cost to create a copy of a piece of software is effectively zero. 2) The development is usually funded either by donation, or by businesses that have a business model that doesn’t involve selling software.

Question: But you get what you pay for right? So I imagine this stuff isn’t much good?

Answer: Actually it’s quite good; in many cases it is equal to or better than the commercial equivalent. As for getting what you pay for, remember that the incremental cost to make a second copy is zero.

Question: So what sorts of free software is there?

Answer: All sorts; operating system software, such as Linux and FreeBSD, free server software including mail servers (Sendmail, Postfix) , file sharing (Samba), databases (MySQL, Postgres) and web servers (Apache). Also, software for the desktop including office suites (Open Office), photo and picture tools (The GIMP), Email clients, encryption and VPN tools and more.

Question: But you couldn’t run a whole business on it could you?

Answer: Maybe, maybe not, it depends on what specialist software you may need, and what platforms it will run on.

Question: So who is responsible for supporting it?

Answer: No one, it does come as is with no warranty. However most open source products are supported strongly by their developers as well as the community of people using the products. You can almost always find help, and usually someone has had exactly the same problem as you before.

Question: So there is no one to sue if something goes wrong?

Answer: True, but do you seriously think you could sue Microsoft if something went wrong with their software.

Question: So it’s free, how else does it help?

Answer: In many cases it is more stable, but heh, isn’t free enough? MS Office Pro is running over $1000 per licence, and you can get open office for nothing.

Question: So if I got this open office thing I could do all the stuff that MS Office does?

Answer: Pretty much. There are sometimes issues opening MS Office files with open office, but you can always ask your correspondent to send it to you in another “standard” format (MS Office is not a standard format, although it is a defacto standard). As for sending stuff to clients, you should be using a PDF format anyway, to prevent clients from trivially changing the content.

Question: So what are the other problems?

Answer: Well, you also want to make sure that you pick the winners in terms of choosing open source software that has been around for a while and should continue to be well supported. This is usually easy enough though, particularly if you consult someone in the know. There can also be issues with compatibility, a bit like Open Office. Once again, consult with those in the know.

Question: Okay, so you save money, it is as reliable or better, with no unmanageable problems. Why isn’t everyone doing this?

Answer: Open Source Software doesn’t have money to run expensive marketing campaigns. Many people are simply not aware that it exists. Add to that a strong misinformation campaign by software vendors (people that make money selling software) and you have a combination of ignorance, and unjustified skepticism.

Hope you enjoyed the Q&A session. If you have more questions than answers at this stage feel free to drop a line to the office.

Disaster Recovery Plan

(This is a reprint from our April 2003 Newsletter - some of the technical approaches here are now out of date, but some of the other issues are still as important as ever)

We all know what Disaster Recovery & Business Continuity Plan is right? It’s the tape drive that lives in the corner, or the set of CDs that has the company’s data on it, or the filing cabinet with hard copies of all the company’s information in there.

Whilst protection of data is critical to your business, it is only part of being able to recover after a disaster. That being said, obviously if you don’t protect your business data with backups you have a long way to go in establishing a BC&DRP.

So, let’s start with data. Any information that is critical to your business should be backed up. Whilst there is a variety of technologies that can help you here the one that will solve your problems most quickly is a simple tape drive. At any time at least one full copy of your business’s data must be stored offsite. In this way if a fire or other disaster destroys your business you should be able to recover your data. However, you have to be able to access the data on the tape, and you have to be able to access it on another tape drive and computer, as you should work on the assumption that the original computer is destroyed. That being said, recovering your data is only part of the story.

So what else needs to be considered? Well, it depends on your business. One of the first things you must understand is how critical IT is to your business. By understanding how critical IT is to your business you can determine your Maximum Allowable Outage (MAO). Essentially this is the maximum time that your business could afford to be without its IT systems. Once you have established your business’s MAO you then need a plan to how you would restore your business’s IT systems within that MAO.

When considering what is necessary to reconstituted your business’s IT systems you need to consider a number of things. Commonly available software can probably be obtained within a day. Common hardware may take a little bit longer.

Unusual hardware or software may take some time to source, and so depending on your MAO you may need to consider carrying spares or keeping backup copies of vital software. Alternatively you can have support agreements in place with the providers of that equipment to ensure that it is replaced within a certain agreed time.

Other things you need to consider is where your business would be based if your normal place of business were destroyed. This is more of a business logistics issue than an IT issue per se, but is presented for consideration by readers.

Other important points to consider is whether you will have access to the technical resources, as in people, that you will need to setup your systems again.

Also, are the systems you will need to replace covered by your insurance? Will you be able to get access to the insurance funds quickly to restore your business? Will your insurance cover the cost of lost business whilst recovering your IT systems? Will the insurance also cover the costs of labor to reconfigure your systems and setup your environment again? These are points you can discuss with your insurance agent.

In short a Disaster Recovery and Business Continuity Plan begins with the protection of data, but then goes on to cover all the significant issues that you may confront in getting your business back online after a disaster. With luck you will never have to put a plan into action. However, if you do a little pre planning it may well save your business.

Does Your Business Have an IT Strategy

(Note - this is from our Feb 2003 Newsletter

(Note: Reprint from our February 2003 Newsletter)

What is the most common IT problem across small businesses? Flakiness of Windows? Significant, but certainly not number one. The way small businesses tend to become locked in with vendors? Well, that is closer to the mark, but still not catching everything.

As you have probably guessed we think the most common problem with IT in small businesses is that there is no strategy. As a general rule small businesses IT systems have simply grown to meet whatever the current demands of the day are.

The problem is that in this environment people often don’t know what their computers do, and usually have even less idea about what they will need from them in the future. And it is because of this that we often see the number one symptom when there is no strategy: Poor procurement decisions. When there is no strategy procurement decisions are missing one of the most important pieces of information needed. That is, what are you going to want this system/ software/hardware to do in the future?

An IT strategy is simply a way of understanding what you will be expecting from your IT systems. Of course this can be difficult because small businesses usually have to react to innovations in the technology market place, but very rarely get to set the agenda. However, this does not make the task of predicting what future capabilities might be available impossible, particularly if you do this through consultation with an IT Systems specialist, such as Green Light IT. An IT Strategy doesn’t have to be complicated; it can often be expressed in few dots points. But they do need to be devised with your business in mind. So forget about where you want to go today. Think about where you want to be tomorrow, because that is what effects the decisions you make today.