IT Solutions Advice and Guidance

1. Choosing an IT Supplier

1.1 Some useful guidelines

Choosing an IT supplier is a minefield but there are measures you can take to help ensure that your expectations are met and your investment protected. This guide gives you help in asking the right questions when talking to potential IT Suppliers. 
 

Who do they partner with?

It is often said that a man is judged by the company he keeps.  This nugget of wisdom stands true in the world of IT.  Often the value of partnership is rubbished by suppliers who do not have strong partnerships in place. 

Membership of these partner programs often gives the supplier access to additional technical support resources and best practice guidelines.  It may also mean that the supplier gets product updates and information in advance of public release enabling the supplier to be better prepared when it recommends solutions.  

In many cases partner programs require staff to have passed technical and sales exams before membership is approved.

Perform a credit check

Credit checking a supplier is as important as credit checking a customer.  UK Credit Ratings can be measured in two ways, Credit Rating and Suggested Credit Limit.

A credit rating is scored from 0-100 (with 100 being the best).  This figure reflects the behavior of the company in paying bills.

The Suggested Credit Limit is the amount of financial exposure recommended per month.  This may be a good way to assess how much you are willing to spend with that supplier.  Would you spend £10,000 with a company that has a recommended credit limit of £2,000 with their suppliers?

A credit check will also reveal if the supplier has any CCJ’s issued against it and enable you to check if they are part of a group. 

What is the size and turnover of the business?

This is another piece of information that will be revealed by a Credit Check (unless the company is too small to publish these figures).  

 
 
 

How long have they been in business?

IT companies have a habit of appearing and disappearing overnight, you will often see a company go though a “management buyout” or sudden name change. These are often a sign of underlying financial problems. This information is available when you perform a Credit Check.

What support options are available?

OK, so your supplier has delivered your new kit but can they support it and what does that support cost?

You may want a fixed price contract or to “pay-as-you-go”.  Either way it pays to look at your choices up front.

It is advisable to check that your supplier has dedicated help desk staff because nothing is more frustrating than being cut off from an engineer who is helping you on his mobile phone as he drives through a tunnel.

Ask for staff qualifications

Even if the supplier you are considering has all of the accreditations and partnerships you would expect to see they still may not be sending out staff who are qualified to do your specific job.  

Ask who is going to be project managing the work you are having done, look for industry or vendor certifications such as Microsoft Certified Systems Engineer, Microsoft Certified Systems Administrator and Microsoft Certified Professional.

Check if the supplier has Professional Indemnity insurance

What happens if your solution does not meet expectations or you the advice you are given is unsuitable.

 

Talk to local business organisations such as Chambers of Commerce and Business Link

These organisations can often provide valuable insight into your potential suppliers and can often offer advice on many IT related issues.

Talk to reference sites

If your supplier is experienced and confident in what it does talking to a range of reference sites will not be a problem. Just ask

Ask for a demonstration 

Your supplier may talk the talk, but can they walk the walk.  Asking for a demonstration will sort the men from the boys.

Make sure they are not contracting out your work

Many businesses claim to offer a full service but in reality they contract out elements of what they do, whilst this is not usually a problem, you may find difficulties if there is a problem with the work undertaken.

Check out their own IT systems, do they practice what they preach? If not, why not?

If it is so good your supplier will use it themselves! Although sometimes technical limitations or requirements may mean this is not the case.

Ask to see any case studies 

Case Studies can give you an idea of the real life solutions provided by your potential supplier.  It is even better is these are endorsed by the vendor of the products involved.

 

 

2. Email Archiving and Compliance

2.1 Protecting You and Your Business

Over the past years, email has become a primary channel of business communication. It provides organisations with a fast medium of conveying business correspondence such as purchase orders, quotations and sales transactions, in virtually any geographical area with the least physical effort possible. A study conducted by market researcher Gartner Group revealed that organisations conduct almost 97% of their communications via emails. Furthermore in a recent survey, Osterman Research found that email is now accepted as written confirmation of approvals or orders in 79% of organisations.

 

What is email archiving?

Email archiving enables companies to securely store all email communications into one or more indexed databases and to allow emails to be retrieved quickly and easily on demand.

You can provide users with easy, centralised access to historical emails and with the ability to quickly retrieve emails through a simple Restore process. 

This technology is increasingly integral to a PC network in order to meet the regulatory email storage requirements of UK and European Laws.

What legislation do I need to know about?

Every year brings more changes to an already complicated regulatory framework. It is possible to define three major categories: 

  • Industry Regulation driven through compliance against regulatory authorities in key vertical markets such as finance, health and public sector.
  • Legislation as a result of government imposed acts affecting all organisations.
  • Best Practice relating to the implementation of general email management policies and guidelines designed to protect the employer and employee.

It is important to note that there is little explicit legislation that relates to e-mail, however a common understanding within the context of law, and illustrated by many court cases, is that an e-mail is a document and as such is covered by many and varied regulations.

Of the 70+ acts/regulations that might affect your business, those that are key are: -

  • Data Protection Act 1998
  • UK Companies Act 1985
  • Freedom of Information Act 2000

 
 
 

What does this mean to me?

A core element to the Data Protection Act is the way in which it insists companies have to disclose information it might have on an individual. This key type of disclosure is called a “Subject Access Request”. 

Anyone can issue a SAR against any company by simply writing a letter in a format available from Data Protection Act website, sending a cheque for £10, delivered via registered mail to the company. The company receiving the SAR legally has to give up all data requested, within 40 days. Failure to comply breaks the law, seriously affecting the company’s ability to defend itself against any legal actions.

Currently, the most common use of Subject Access Requests is by employees, or ex-employees making claims of unfair dismissal, sexual / racial discrimination, harassment, or constructive dismissal. Just imagine the difficulty in trying to find relevant emails between different parties that are stored in numerous locations or more often just deleted.

The reality is that for legal compliance, data held in emails should be stored in a secure archive, with quick retrieval and with all events surrounding any email, audited.

What’s meant by “Legal Discovery”?

Legal discovery tends to be based on a request to produce all documents relating to a particular person, department or subject. 

When you stop to analyse this, the term “all documents” means that it may comprise of Word, Excel, PowerPoint & PDF documents, Emails, Instant Messages and even VOIP phone calls. 

Even the smallest of companies often has tens of thousands of emails that need to be searchable.

 

But these email messages are not in one place. In the simplest of scenarios; they will be stored across different backup tapes with no indexing system to identify their content.  They could be in Web-Based email systems, old Outlook or Outlook Express files or saved to a local archive file.

The next question is what do you index anyway? If you are indexing to satisfy legal discovery requests, what could those requests be about? Anything your business is involved in. So the indexing has to be complete. Every person, every object, every transaction, every location, every policy.... every single thing your business emails deal with has to be indexed so that all the emails dealing with, for example, maintenance work being undertaken in the company car park, can be located and retrieved in case a solicitor issues a legal discovery notice on you about that topic. 

What do I need to do?

To protect you and your business you need to ensure that you have a full email archiving solution and procedure in place.

How can you help?

AXIS First can offer a range of email archiving solutions to help meet your legislative or regulatory requirements.

Can my users get to archived email?

Yes, this is done securely via a web-browser interface.