Thinking Tech

Employees steal from businesses every day. I don't know why I thought of this issue. I guess that I've been working with a few clients that seem to have some exposure to Fraud. So here goes.

A Certified Fraud Examiner (CFE) is trained to detect, prevent, and determine the extent of fraud. I'm not a CFE, so anything I may write here is based on my experience as a CPA, not on additional training or expertise on fraud. If you think you have an issue with fraud, I can find someone to refer you to, but I'm not the guy.

During my career, I've known many CPAs. One of the favorite issues for discussion is the fraud they've seen. Here are some of the best/worst:

• The company had three groups of people who could sign checks. The bookkeeper would produce a check to a "short-name" company (VISA, for example), then get the President to sign. This check would go with the bill. Another check would be signed by the Vice-President. This one would have "VISA" erased and the bookkeeper's name inserted. The expenses were hidden in a variety of accounts. Best I could tell from my CPA friend, she got about half-a-million before they caught her.
• The secretary who just wrote checks from the operating account in her name and buried them on the financial statement. No telling how much she got.
• The accountant who stole the cash from "counter" sales and the coke money.
• The bookkeeper who doubled her own salary and approved personal loans from her 401(k)
• The company manager who came in on the weekend, did work with company materials and machinery, and sold it at a fraction of what it cost the company to produce
• The foreman in the building products business who set aside a certain amount of each received shipment as "rejected" to be returned. This was placed at a special location during the workweek. The foreman then had the (completely different) weekend crew move the "rejected" product to a special warehouse. By the time they caught him, he had stolen enough to build a house for himself, a garage for his father-in-law, and he had started on a new house for his sister-in-law.

Well, you get my drift. All of these were small businesses. None could afford the loss. All got taken for several thousand dollars, some for several hundred thousand. And, perhaps most important, none of these companies were stupid or negligent. They were all duped. And so were there accountants. Sometimes for many years. Here are some of the common ways people steal:

• Setting up dummy vendors (really themselves or accomplices) and paying invoices to them.
• Taking kickbacks from vendors to continue approving artificially high prices
• Lapping. Lapping is taking cash (or check) and covering the cash stolen with later cash. It works like this: Customers A & B pay $200 which is stolen. Customer C pays $250. $200 of Customer C's payment is applied to A & B, $50 is stolen. This continues until the person is caught. Obviously, the person doing this has to keep good notes, can't very well go on vacation, and has to keep stealing more and more to cover earlier theft.
• Stealing cash which isn't accounted for. My auditing professor said that the easiest theft is from churches. There are no invoices, so there is no way to know how much cash "should" have been collected. Poor recordkeeping in situations like scrap sales allow this.
• Selling product off the back dock.
• Stealing product for personal use.

I'm sure there are many more ways people steal, but this will give you and idea. How do you prevent it? Based on my experience, here are a few suggestions:

• Control cash, credit cards, and inventory tightly. Make sure that even highly trusted management employees are not trusted with these items. Many businesses don't control inventory tightly because they believe it will impact customer service. If theft puts them out of business, that's more likely to impact customer service.


• Have a process for approving expenditures and bids that assures that the prices being paid for products and services are in-line with market prices. This will avoid many kickbacks.


• Require vacations, and move employees to cover the function of vacationing employees while they are gone.


• Consider fraud like a cheating spouse. If you suspect it, there's probably a good reason for it; check it out.


• Ask yourself this question about each employee: On a scale of 1 to 10, how much do I trust this employee. Choosing 1 means I wouldn't trust them to close the door on their way out. Choosing 10 means, "I'd give them my entire fortune in cash and expect them to give it back to me even if I were lost at sea for 10 years." If you rank any employee 8 or above, you probably trust them enough for them to have opportunity and means to steal.


• Look for motivation to steal in employees. An employee with constant financial trouble has a motive to steal. Fraud seminars teach that it takes (a) opportunity, (b) motivation, and (c) means [method] to steal. If an employee has any two of the three, watch out!

As small businesspeople, we're incredibly busy. It's easy to just trust people to do what they are supposed to do, but if we ignore the signs that someone might be stealing, we're asking for trouble.

I don't know how I got along without my Treo. BlackBerry users seem to be just as taken with their little fruits. Recently, though, eWeek reported a serios security flaw in the BlackBerry server product that might be installed behind an internet gateway in the corporate environment. Most individual BlackBerry users won't be affected, but if you are check out the eWeek article.

Researchers Warn of Serious BlackBerry Vulnerability

There's been a debate for years about whether there was such a thing as "pure" management. That is, is it possible to take a freshly minted degree in "management" and go "manage" somebody without knowing how to do their jobs. I used to think it was a crazy idea. Of COURSE, you needed to know how people do their jobs in order to manage. Now I'm a bit older...and a bit wiser (might be)...and I think it may not be necessary to know the details, but it sure helps to know some of the basics. The quote below is from the article above,

The other faction believes that IT is just another production function and that line management and general management skills are more important. They want a focus on financial management, budgeting and cost management, on human resources development skills and on the processes by which IT organizations align their portfolios with the needs of the business. For them the content ratio was reversed: 80% (or more) "general" management skills, 20% (or less) IT specifics. They expected the graduates to be able to take many different paths to the CIO role and to be less information technology managers than managers who from time to time manage IT.

Seems that IT managers want to have a "general idea" of what's happening in their functional area. I have a problem with that.

John Parkinson: Why Business Schools Aren't Turning Out Good CIO Candidates

The clients we work with that cause themselves the most trouble are those that know enough to get themselves in trouble. They know some buzz words. They have some idea of how the technology works, but because they have no theoretical foundation, they cannot evaluate alternatives, cannot assess new technologies for strategic potential, and cannot tell when vendors are blowing smoke or when they actually have a viable product.

Let me put it even more strongly: I completed all of the Computer Science classes offered at the time I was an undergraduate, spent the next 10 years studing programming technologies, wrote several articles, taught courses, etc. To suggest that it's possible to "shortcut" this or to get it in 15 hours of a 45 hour MBA or Master's degree is pure lunacy...better yet, it's just plain laziness. If you REALLY want to be a CIO, you'll have to pay the price. And that means that you'll have to develop some technical competence.

Sorry. Ain't no such thing as a free lunch.

When many companies bought Software Assurance three years ago, they thought they would get the new version of Microsoft Office and Microsoft Windows, called Vista. Now it's obvious that these two products probably won't ship before some of these customer's agreements expire. Not that Microsoft intended it this way, but as schedules have slipped for delivery of the products, people debated whether Microsoft would make it good for these customers.

Gartner (a major IT industry research firm) now says the answer is "No go."

Windows Vista - What's Next

You've probably heard about the recent security hole in Microsoft Windows that generated a stir of warnings about another PC Armageddon. One security researcher infected a machine and watched it to find out what the Mocbot was doing. His conclusion:

"The entire scheme of mass infection is simply to facilitate the sending of spam. The proxy Trojan is also a bot of sorts; reporting in to a master controller to report its IP address and the socks port for use in the spam operation," Stewart said.

Botnet Eavesdropping: Inside the Mocbot (MS06-040) Attack

SPAM! But the point is this: If they can get to your machine to send SPAM, there's very little they can't get to your machine for.

Be careful out there!

Since 2005 when WalMart required its top 100 vendors to RFID (Radio Frequency Identification) tag product shipments, RFID has been a big news item. Most of the news hasn't necessarily been good. Early RFID results were poor: tags couldn't be read, information decayed on the tags quickly, equipment was sluggish or didn't work at all, and so on. Forklift drivers skewered their share of RFID readers in warehouses.

Gen II RFID is looking better. Read rates are up. Cost is decreasing. Many suppliers and customers are insisting on the new technology.

Keep watch. This rapidly evolving technology may soon replace standard barcode.

Gen II tags: No surprises here - 8/23/2006 - Modern Materials Handling

There was the day when "Blackberry" meant "Email." Then they day when "Blackberry" meant "Phone." Now comes the Blackberry Pearl which means "Phone, Email, Pictures, and Play Music."

Take a look! You might become a convert.

RIM BlackBerry Pearl

Some of the bad battery packs made by Sony for Dell may have been shipped during service calls, not with the original notebooks, Dell notes. This means 100,000 more batteries are being recalled.

UPDATE: Dell, Toshiba Recall More Notebook Batteries - Technology News by TechWeb

The Federal Trade Commission has a page that covers the concepts and tactics of pretexting. Pretexting is used in identity theft. The page also includes suggestions to help you protect yourself.

Good read.

Federal Trade Commission

I entered the business world as a CPA, working for a local Memphis, TN CPA firm. I worked there for 5 years, starting out as a CPA on the general staff doing tax returns, audits, etc. I learned a lot about what I didn't know--like how to run a 10-key adding machine. Then the firm started giving me work to do for clients that needed computer systems work.

Then five years later, I started Data Guidance Group. We were very clear about what we did: computer technology for business. We offered expertise related to selecting, implementing, and using computer systems in business. And we still do.

As I read this blog--my blog--I realize that some days I need to think a bit more about the average businessperson and how they use technology. For most businesses, technology is a cost center. Not that it should be that way...it just is.

I've spent the most of my career trying to help businesses see the applications of technology that would produce the best return on investment for them, and trying to help technologists focus on business, not on the technology.

In working on this blog, I'm well aware that the folk that I could potentially benefit the most (at the top of organizations) may be the last people who will read it. That's a terrible thing, but it's more about how I write for the blog than whether they read it. I take the general approach that if I write it, you will come. So give me some feedback...is this stuff useful? What would you like more of?

And so...expect more of a focus on business applications...we may have to slip in an occasional tech piece, but business will be the focus.

This isn't another article about virus protection and anti-spyware. You know you should have those in place, and most careful businesses do.

I just have one question: Where is your backup from last night, and if your building burned, do you have a way to recover the data you use on a daily basis? If not, you might want to do some disaster planning.

Take it from me, standing outside your building and watching smoke pouring from the windows on the floor your office is on (happened to me in 1998), or the floor above (happened last year) makes you ask this question. But the stress induced by the answer is much less if you actually have a good answer to the question. In both cases, DGG was in good shape. Are you?

My co-workers--and some of my clients--are tired of this story. So of course, I'll tell it once again. It has to do with the Gladys principle. Gladys was my first boss, at the ripe old age of 15. I worked in a Concession Stand at a local "Mini-Golf" business. The business is long gone, as I would assume Gladys is, but the story still works.

Here's the crux: If Gladys gave me 100 things to do, and I did 99 of them perfectly, the one I left out was

• The most important one (and it didn't matter which of the 100 it was), and


• The first thing she noticed

The assumption is that if the current software is 10 years old, or only cost $100, or was put in by their next door neighbor's dog's owner's friend, ANY new software will have all these features and then some.

Here's a good example: In businesses that move from QuickBooks to something else, the most common question I get is, "How do I change the invoice once it's been printed (or posted, etc.)? In QuickBooks, I could do that."

Yep. That's right. You can change invoices even after they've been printed...even, for that matter, after they've already been paid. And accountants all over the world are turning over in their leather chairs and pulling their hair out over this. "What about the audit trail?" they ask.

And the accountants are right. For most businesses, it would be a disaster if the employees could go back and change things after they have been finalized. Invoices sent to customers wouldn't agree with invoices in the computer system. So "better" accounting software makes you issue a credit or debit memo (another transaction) to change the amount of the invoice. It's been business practice for years, but...for the small business it's somewhat annoying.

From their perspective, they lose a feature. But wait, didn't they change software to get features they didn't have. Yep. If you looked at the list of things they needed from software, this one wasn't there. Because it was one of the 99...they only listed the "ones" they didn't have.

It's why Needs Analysis is critical to the selection of a business software product. It's the place to start.

Hmmm...not sure what Microsoft is thinking. FREE is not a word I would usually associated with Microsoft and software. But there it is right on the ideawins.com site:

License: FREE. No strings attached.

No strings attached? Really?

This is a product designed for the very small business. Microsoft's press release states that it will come with pre-built integration to some of the online services like eBay and equifax. This will allow users to connect transactions online directly into their accounting software. And...of course...when and if you outgrow this software, Microsoft has other offerings you might want to look at.

We're reviewing this software now, and will let you know what we think. Thanks to Rick in our office for bringing this to everyone's attention.

Easy to use free accounting software from Microsoft

At year end, there are a few things you might want to think about. You'll be closing out your books. You need to evaluate the operations you'll need to do in order to get your software and hardware ready for the new year. Here are a few things (not an inclusive list, by any means):

• Review closing procedures or contact your support provider to make sure they will be available
• Review updates like tax tables, Accounts Payable 1099s, W-2s, etc., that may need to be done by year end or shortly after.
• Contact your CPA or accountant to find out if they can review your financial records before year end to make any corrections
• Make sure bank accounts are reconciled and up to date
• Review physical inventory procedures and begin to make plans for taking a physical inventory
• Review backups to make sure they are working
• Consider archiving backups at year end
• Review your hardware to make sure it is adequate for the year ahead.
• Think about any reports that need to be printed at year end

I'll look over this later and think of 10 more items...but they'll have to go in another post.

Here's an easy to use tool that might be just the solution you need for your quote and order tracking. Originally designed for the IT industry, QuoteWorks is a way to store product lists and quickly produce documents that you need. Quotes. Invoices. Purchase Orders.

So if you're still typing quotes, you might check into QuoteWerks. It's pretty inexpensive, and ties in with a number of popular contact management products.

You can also download a demo if you're into getting your hands dirty. There's a video demo on the same page if you're softwareGermaPhobic.

Take a look. Might be the solution you're looking for.

QuoteWerks sales quoting software tool that integrates with ACT, GoldMine, Outlook, salesforce.com, MS CRM, TeleMagic, SalesLogix, Maximizer, QuickBooks, Peachtree, Ingram Micro, SYNNEX, and Tech Data

I don't think I've mentioned SANS on this blog. I should. SANS stands for SysAdmin, Audit, Network, Security Institute. The publish a variety of newsletters on security threats and protecting a business from them.

In addition, they provide a variety of educational opportunities for system administrators and security officers.

Another great security resource is CERT (Computer Emergency Response Team) at Carnegie Mellon University.

It's hard to keep up-to-date on all the risks, but if you have sensitive data or a connection to the Internet, you need to be informed of the risks.

Don't know if you caught the NBC report on retail thieves. There's a new breed that is using hand signals, cell phones, and--most interesting of all--fake bar code. The "Lego bandit" stole $600,000 worth of Legos over 3 years. The method? He faked bar-codes and applied them over the real bar-code. This made $100 sets of Legos ring up for $19.99 or so.

Tricky...

NBC report on combating expert thieves

I've been pointing out for several years that any wireless device could be a potential security risk. Take the venerable Palm, for example. The infrared connection that's available to transfer information is a potential risk.

Forget about the potential for hacking or tricky programming techniques (those are a possiblity, of course), but forget about them. Suppose this: you're at lunch with a salesperson. You need to take a Bio break, and you leave your Palm on the table. While you're gone, the salesperson grabs your Palm and starts a transfer. By the time you're back, they've got your entire contact list.

So it's not too surprising that Blackberry is vulnerable. So, too, is Treo, and all the other devices. All it takes is for someone to get the idea that the data that's available on a device is worth getting. They'll figure out a way.

Security Watch - Exploits and Attacks - Cracking the BlackBerry with a $100 Key

I'm not sure that anti-virus will die quietly, but Gartner is saying it's dead. There are some real issues here that you should stay aware of. Businesses will need to make sure that they keep track of the emerging market in anti-virus and security.

The concept is good...security needs to be integrated across the enterprise. How this will play out in actual products is another question entirely.

Security Watch - Virus and Spyware - Anti-Virus is Dead, d-e-a-d, Dead!

Here's an interesting thought. Did you know that the date daylight savings time changes will change in 2007 for the first time since 1966? And have you thought about the fact that your computer (if you turned on the feature to automatically update the time) will need an update to do this correctly? It will.

Oh well, so twice a year, the time will be wrong. At least it's better than the clock on my mantle...it's exactly right only twice a day.

Daylight Saving Time - When do we change our clocks?

You may have read that Microsoft launched Windows Vista, Office 2007, and Exchange 2007 simultaneously last week. Microsoft also has about 30 more products that will launch during 2007, including version 5.0 of Dynamics NAV (had to backspace and change that from Navision...old habits die hard.), and several of their other upgrades to Dynamics products.

All of this is a good thing, I think. Office 2007 has a great new look, the first substantial makeover in the history of the product. I've been using it for about 3 months now, and have forced it on unsuspecting users of my home office computer (my family). All of them have adapted well--in fact, they haven't mentioned it at all, not one complaint (and--believe me--that's unusual). I think end users will like it equally well.

But all of this isn't the issue...I have MS Office 2007 because it comes FREE with one of several subscriptions I get with my Partner Program membership (which, believe me, isn't free at all). So, as long as I've got it, might as well use it.

What about your business? Should you spend the (probably substantial for any business) dollars to upgrade? Should you do it now? Should you wait? How should you decide anyway.

I'm an old business strategy guy. I believe in things like ROI and internal rate of return (IRR). So my answer is pretty simple.

Bottom line.

Not bottom line "colon" as in "Bottom line:" followed by an explanation of what for me is the Bottom line. The bottom line--as in the bottom line on the income statement--is the BOTTOM LINE.

If upgrading to the new version of Office and Exchange and Vista makes you money, your business should upgrade. If not, you shouldn't.

Bottom line.

My take on the new products? I imagine DGG will be upgrading as soon as all of our software is fully compatible with the new releases, and as soon as we can move data to the new release. For MOST clients, at least the Office upgrades will be significant if they are heavy users of the products. Outlook has some significant productivity enhancements as do Word, Excel, and Powerpoint.

But of course, you'll have to evaluate for yourself. Might be a good time to get started. And--by the way--this isn't just a job for the IT staff. Administrative Assistants, Controllers, Bookkeepers and Accountants also need to be involved.

And that...dear readers...is the bottom line.

Suppose you've been reading this blog and others, and you've decided to upgrade your information on security vulnerabilities. So you subscribe to a few of the newsletters from SANS, check out the CERT newsletters and site on a regular basis, and in general are flooded with information that you never knew existed. "How could there be so many security issues in the software I use on a daily basis?" you ask. But there are.

So you read an article like this one from the 12/4/06 (yesterday's) @RISK newsletter from SANS:

Description: The AcroPDF ActiveX control, included with Adobe Reader and Adobe Acrobat contains multiple vulnerabilities in its "setPageMode()", "setLayoutMode()", "setNamedDest()", and "LoadFile()" methods. A web page that instantiates this control and calls one of these methods could exploit these vulnerabilities and execute arbitrary code with the privileges of the current user. Users can mitigate the impact of this vulnerability by disabling the affected ActiveX control via Microsoft's "kill bit" mechanism for CLSID "{CA8A9780-280D-11CF-A24D-444553540000}".

Status: Adobe confirmed, no updates available.

Council Site Actions: All responding council sites are waiting on
additional information from the vendor. Almost all sites rely on the
automatic update feature for their clients.

Now what do you do?

Really, there's not a lot TO do. You've got two basic choices (since the vendor hasn't released a fix): (a) Stop using the software, or (b) Wait for a fix. The important thing is that you now know that you need to be more careful when opening PDF file attachments to email or PDFs someone sends you, or PDRs from a web site.

Generally, the rules haven't changed: Don't open email or visit web sites that you aren't sure about.

I once had an otherwise pretty intelligent guy tell me: "I get lots of unsolicited emails. Resumes. Job applications. Papers. If I didn't open them, I couldn't do my job!" Ok. I accept that. Just don't ask me to connect your computer to my network.

Microsoft reported today that a zero day exploit in most of the commonly used versions of Word could cause problems. The answer: don't open Word documents--whether or not you know the person who is sending them to you.

Yeah, right Microsoft! Read all about it below.

Microsoft Issues Word Zero-Day Attack Alert

The most stressful thing that I had to do when I was in public accounting was go into the office. It wasn't because there were other CPAs there, either. It was because of phone messages. It never failed that I got stuck in the office and was late for appointments because I was trying to return calls. And I hate to be late. People who know me may find that hard to believe...but it's true.

The best thing to happen in those days was the advent of the Motorola "brick" phone. With it, I could hit the office, get messages (or even call to get messages), and be on the way to an appointment. Reduced my stress immediately. Great addition to my life.

I feel the same way about the email on my Treo. Unlinked me from the office or home computer. Allows me to read newsletters when I can. Great addition.

Some executives are torn...is this good or is this bad? Guess you'll have to decide for yourself.

Executives Torn Whether Tech Gadgets Help, Hurt Work-Life Balance, Survey Says - News by InformationWeek

This info is from Zebra, so of course it's mostly marketing spin, but there is some good information about RFID and a whitepaper with a case study. Thought you might find it interesting.

Z*Mail November 2006

Given that one of the major reasons businesses will be motivated to move to Vista is the security it promises, the availability of a serious, verified, hack within 15 days of its official launch would be a bad thing. If you read the messages posted against this article, at least a couple of people think it's a bad joke from the Free Software Foundation.

I'm not sure...but time will tell. As for me, I'm still taking the "wait and see attitude..." And I still haven't gotten around to loading the release copy at home.

Hackers Selling Vista Zero-Day Exploit

For years, the standards in anti-virus have been Symantec (Norton) Antivirus and McAfee. McAfee has lost a bit of its appeal in the last few years as Norton several years ago beat McAfee to market with a corporate product that worked quite well.

But the market may be changing. More and more tech savvy installations are moving to Trend Micro's antivirus and Kaskersky Labs. Microsoft is also entering the market. 2007 may be the year to re-think the brand of anti-virus you use.

Kaspersky Lab's Secret Sauce Uses 'Woodpeckers'

For the new year, I'd like to propose several questions that I've been thinking about for Data Guidance Group. Most of the issues here may seem to be technology issues, but they really aren't. They're business issues. So here are some business questions I've been asking myself and our clients over the past few months. What are your answers?

• What are you doing to communicate better with your customers or clients? Do you have any technology in place to help you?
• How do you measure how well your business is doing? Do you have regular reports from the computer system? Are you reviewing details, or do the reports give you a management-level view?
• What about forward looking reports? Most businesses have financial statements, but they are history. What about the future? How are you keeping track of how well you'll do next month, quarter or year?
• How are you managing your sales force? What data do you collect? How do you use it?
• How are you managing the operations of your business? Reports? Summary or detailed?
• What are your plans to upgrade technology of all kinds in your business? Phone system? Email? Cell phones? Web site? Computers? Software?
• Are their any pieces of the software you have that you think you could or should use that you are not? Why not? What would you have to do to implement those this year?

Ok, that's a few. We'll consider each of these in future posts. Hopefully, you'll get something out of them.

Email is now subject to legal discovery. And if someone asks for it, you need to be prepared to produce it. Few businesses are sure what the rules mean. Vendors of archiving systems are rubbing their hands together in anticipation of the revenues. The one thing I can tell you is that it doesn't make things simpler.

Hopefully, we'll find a way to avoid printing out and filing all those emails.

New Data-Archiving Rules Good News For VARs - CRN

I got a call from a company with serious software issues in the last week. They called about a year ago and wanted to buy some software that we work with.

I listened to the description of why they wanted to buy it, then told him that it was the wrong software for his company. It just wouldn't work.

He showed me the brochures and the web site. I showed him the software. I was right, of course, it wouldn't work. But I was only right once it got to be his idea...I'm used to that...after all, I'm a consultant.

Meanwhile a highly-placed executive at his company fell in love with some software from a small software company. "Would I look at it?" they asked.

"Sure," said I, "right after we finish the needs analysis and talk to all of your operational units."

They didn't hire me. I was sad for at least 10 seconds.

They called at the end of last year. They had decided to buy the software the executive wanted. "Could I help them design some training?"

"Sure. Let me tell you how we do it," I said.

"Let me tell you how we have planned it," they said.

They didn't hire me. I was sad for at least 10 seconds again.

This week they called. The software purchase was a disaster. They had voted with a 75% majority in the management group to give it 2 more months and then give up. And the IT Director (who called) wanted to know if I knew someone they could hire in the Finance department with software implementation experience. That was what they needed, they had decided.

I wasn't sad. Not even for 10 seconds. Nope, I told them, I don't recommend employees anymore. They have head hunters for that.

Question: What went wrong here?

(My answer deleted...what's yours?)

I know Microsoft wonders why IT folk won't jump on the Vista bandwagon. Why we won't beat the drum and dance to the music.

Here's the thing: I would, but....

The last month of the year and the first are upgrade months for us. There are tax upgrades, software upgrades, antivirus upgrades, etc. I don't know why they are clustered at the end and beginning of the year for us, they just are. Probably has to do with the fact that we do a lot of ERP (accounting) software support and the IRS releases new tax rules about then.

Every December and January we load new updates for clients...and every December and January, there's a new list of hot fixes, bugs, quickly rolled out versions, etc. from vendors who didn't quite get all the bugs out. I know why it happens, but it makes for a couple of rough months for me.

And that's why I--for one--won't be banging the drum for Vista for a while...I don't want to get caught in the fallout of new drivers, quickly updated software, incompatibilities, etc.

Don't get me wrong, I'll update my computer as soon as all the software I use is compatible...and I'll load Office 2007 and tell all my friends how much I like it.

But today I'm tired of software that breaks just because you upgrade it.

So...software vendors...tell me again why I should encourage my clients to upgrade? Why was that again? I must have missed something...

In the few years since Linux was supposed to take over all the desktops in the world like Alexander the Great, there have been few takeovers. Many volleys have been fired across the decks from Linux advocates to Microsoft and back to Linux and back to Microsoft. Both groups claim lower total cost of ownership. Both groups claim technical superiority.

One truth has remained the same: Microsoft has the revenue stream to support and develop the product. Linux advocates have evidently realized that the lack of consistent support for the product is a problem. Thus the Linux Foundation. I notice, though, that Linus Torvalds the inventor of Linux isn't saying anything about quitting his day job.

Group Formed to Support Linux as Rival to Windows - New York Times

Joe Wilcox at eWeek said it. I've always thought it, but it's tough to get through to software vendors. Microsoft isn't the only company that wants to move the newest version off store shelves. But doing so at the expense of user confidence backfires.

Wilcox writes,

Product marketing often is much more about perception than reality. Negative perceptions, once they set in, are tough to shake. For companies with multiple, closely associated brands, negative perception of one product can affect another. Based on dissatisfied reader feedback about Internet Explorer 7, negative perceptions about the browser reflect poorly on Windows Vista.

So software vendors came up with another idea.

"We'll create a market channel where the end user doesn't talk directly to us. That'll insulate us from the bad reputation."

So Data Guidance Group clients call us when they have a problem with IE7 or Vista or ACCPAC or a dozen other products. And that's what we're here for...to help with product problems. What our clients don't realize is that the product problems frustrate us at least as much as they do them. After all, clients probably deal with product problems two or three times a year...we deal with them daily.

Is software perfect?

Not on your life.

Can we usually make it work for our clients?

Yep.

But have patience with us...we're imperfect human intellects dealing with the products of other imperfect human intellects.

To put it succinctly: we're doing the best we can!

Should you upgrade to Vista? Eventually (as I've written elsewhere) you won't have much choice. For now, have a few really nice dinners with your significant other and save the Vista investment for another day....or week....maybe month...

Microsoft Watch - Web Services & Browser - Will IE 7 Perception Problems Hurt Vista?

There are several blogs that talk about legal issues in blogging. Most of them focus on things like copyright or trademark infringement. A few mention issues like libel and slander. I never intend to say anything bad enough about anyone to get in trouble for that kind of thing.

But here's a new one: a blogger subpoenaed for what some commenters on his blog said about each other. Guess when we said this was social media, we meant that it was like every other media. If we insult one another in print, in paintings, in email, and in letters, why not on blogs?

Here's the link: http://www.shoemoney.com/2007/01/27/shoemoney-you-just-got-served/

Ok, I know Bosworth is talking about Asynchronous JavaScript (AJAX), a programming technology which makes web sites perform more like programs running on the computer than web sites (which can be a bit clunky for applications like accounting and word processing without it). And AJAX deserves (and gets) a lot of press in technical articles.

What I found interesting was this quote:

Bosworth said he has been building software for about 30 years and "not all of it works" all the time. "The reason, on reflection, turned out to largely depend on physics and human psychology," he said. And "a lot of it had to do with Tom Cruise," Bosworth said, citing the actor's line in the movie "Top Gun" where Cruise says, "I feel the need, the need for speed."

Yep. He's right. Not all of it works.

For the technical among thee, here's the link to the article.

Google's Bosworth: Why AJAX Failed (Then Succeeded)

Here we are a grand total of almost a week after the Consumer Launch of Vista and two months after the Business Launch. I finally have the release version of Vista on my home computer (after testing with Beta 1 and Beta 2). The jury still seems to be out: is it a good idea to upgrade or not? Take a look at the slide show below and you decide.

Reasons to Run to—and from—Vista - Reasons to Run to--and from--Vista Slide 3

Yet another software security problem has been reported. As of the time it was reported, there was no fix from the manufacturer. The software manufacturer in this case turns out to be Microsoft.

Don't get the impression that just because Microsoft problems are reported often that Microsoft is the only company with problems. All software is the product of imperfect human intellect, and is...therefore...imperfect. Microsoft just gets the bulk of the press because they sell a lot of software. So when a defect like this finds its way into a Microsoft product, it affects a lot of people.

Here's a quote from the eWeek article:

Zero-day refers to a flaw for which there is an exploit but no available fix. The Excel vulnerability is Microsoft's fifth zero-day exploit since December, and part of an increasingly troubling trend.

The zero-day flaw affects Office versions 2000, XP, 2003 and 2004 for the Mac, but not 2007 or Works 2004, 2005 or 2006.

An attacker could exploit the flaw either by enticing a user to click on a file hosted on a Web site or an attachment sent via e-mail. Either exploit would require some end-user interaction.

New Zero-Day Threat Excels

Congress has bee trying to figure out IT for years now. This new bill is an attempt to address the issue on several fronts. It includes provisions to punish offenders who hack into computers, to require reporting of computer breaches, and to protect consumers from data fraud. How effective it is remains to be seen, and the unintended consequences haven't yet been analyzed.

This is something all businesses should be aware of, particularly if business computers are connected to the Internet.

Data breach bills resurface in Congress | Tech News on ZDNet

A lot of fear has been generated by stories of hackers, spyware, and security breaches. But the reality for most companies is that the biggest danger of data loss or theft comes through the door every day using a key...current employees.

Here's a story about theft from DuPont pulished by InformationWeek. A key quote:

The best way to guard against insider breaches is for companies to monitor database and network access for unusual activity and set thresholds that represent acceptable use for different users. If an employee starts downloading thousands of documents, and this is unusual for the job designation, this should automatically trip red flags to an administrator or manager.

Is it time to review your security practices? I know I probably need to review ours.

Massive Insider Breach At DuPont - News by InformationWeek

I don't care for email greeting cards. Even from folk I know and trust. Problem is, I'm not sure where they've been. Kinda like putting money in your mouth.

If your computer is acting funny since Valentine's day, and you opened an email greeting card, you may have the love bug. Not related to Cupid or candy, this little beastie can be nasty. So don't send me any email greeting cards. I won't open them. But do take a look at the love bug virus if you think you might have it.

The Love Bug: Valentine's Day Virus Strikes - Security, Worm, SophosLabs, Secure Computing - CRN

I first raised this issue in December of last year. Turns out that there may be more to it than I initially thought. It's such a big deal that now--a couple of weeks before it cuts loose--Microsoft is talking about it at all their partner briefings. It's the Daylight savings change...DST moves back 3 weeks from its normal place (March 11 this year rather than the first part of April). Also, we'll fall back a week later in the Fall.

Turns out this affects a lot of products. For Microsoft's list, check out http://www.microsoft.com/dst2007

Best of luck. Call us if we can help.

I'm not really surprised at this one. When Google (equals lots of cash) acquired YouTube (equals business model depending on advertising driven by content owned by other folks [so says Viacom]) I thought, "Big lawsuit coming here..." I see from searching the blog that I didn't write about it, though.

Oh, well. I've missed major trends before. Here's the MSN entry into the analysis game over the suit. It's all over the email newsletter horizon today.

What do I think? I think that if--as the articles suggest--YouTube has been negotiating with these companies, there might be something there. After all, if you're using my comments on this blog on your blog and selling ads, you're basically stealing my property to sell your ads.

Not that anyone would want to read what I'm writing...

If YouTube is correct (and to a degree, I think they are), and they can't be responsible for policing all the content on YouTube because there's too much of it and they can't really tell without knowing every possible copyrighted piece out there (some amateurs are producing pretty professional stuff), then YouTube may have a point.

Viacom says that YouTube prevents porn from being shown on the site, so why not copyrighted material?

YouTube says...

Well, as you can see, it's one for the courts to work out.

I've been inconsistent on this blog for the last few weeks...because I've been working on an audio blog. There's some overlap. This blog usually gives more details and more tidbits. We're working on keeping the podcast to 30 minutes or so.

Check it out and leave a comment.

I know it's not possible to get all the bugs out of software. When you can make money infecting other folks computers with nastyware, there's bound to be a big market for it. You can hear more about crimeware and the market for exploited PCs at CEO TechCast, our podcast. The specific show is Number 3.

Be sure to patch your PC this week.
Security Watch - Exploits and Attacks - ANI Zero Day Takes New Turns to the Uber-Nasty

Tomorrow Microsoft will release the patch for the new nastyware. Be sure to load it.

Security Watch - Patches - Microsoft Jumps Schedule to Patch ANI

Microsoft released the patch that's being called the ANI patch (ANI stands for animated cursor). Animated cursors are like the cute little hourglass that spins when you're waiting for something to download.

Apparently, it affected all of the Microsoft operating systems, and at a deep level. Take a look at Mike Reavy's post regarding the investigation that resulted in the patch released on Tuesday.

You should realize that this issue isn't just related to Internet Explorer. It affects other things running on the Microsoft operating system. FireFox, for example is evidently still vulnerable according to an article in eWeek.

And--apparently--there's still potential fallout of the issue. Bottom line: this is serious enough and widespread enough that you need to do the Windows Update. If you need help, post a comment and I'll post a link to instructions.

Microsoft Watch - Security - ANI Patch: The Day After

I know from my business law course that you can't just say anything about anybody without repercussions. There are slander and libel laws, though I can never keep up with which one is in print and which one is verbal.

Turns out that there are a number of other important laws that every blogger needs to know about. The Aviva Directory posted the "12 Important U.S. Laws Every Blogger Needs to Know." The link below takes you directly to it.

Blog Law ｻ 12 Important U.S. Laws Every Blogger Needs to Know

I taught a class on disaster recovery a couple of years ago. It was interesting to see how few of the people who attended the class had actually thought about disaster recovery from a systems standpoint.

Having a good backup isn't the end of disaster recovery, though it's a start. And computer systems aren't the only thing that has to be recovered from a disaster, but they are more and more important in business.

As the article below from CIO Insight notes, it's not good enough to have a plan, you actually have to test it and then re-test it. I'm doing more and more work on our disaster recovery planning here at DGG. How about you?

Some things you might think about:

• How much does your insurance policy really cover? I found out recently that hardware and software is covered by our policy, but not data. Also, our business continuity policy used to cover only events that occurred on our business premises. So if the building was destroyed, that was covered. If a tornado tore out the infrastructure that supplies the electricity to the building, that wouldn't have been covered.
• Are you backing up all the data you need? We've tended to insist on full backups with systems we setup, but we've seen systems where files were backed up selectively (so they took up less space on the backup media). That's OK as long as you're sure the files you backup are the ones you need.
• What would you do if your building was destroyed along with all its contents? Do you have an off-site backup? Where?
• What would you do in the event of "the big one" that destroys most of the city you live in. Here in Memphis, for example, we worry about an earthquake, since we sit on a fault line
• Do you need redundant data centers? That is, do you need a computer somewhere else that has the ability to continue to operate your company in the event of a total failure in your location?

These are some really basic questions, but think a bit about them. You may be frightened by what you learn.

Survey: Many Backup/Recovery Systems Going Untested

Ok, so you may have guessed that I'm on a Linux tear. That is, I'm doing a lot of thinking and research about Linux. Thus far, I know I can install it much easier today than 2-3 years ago. I know that some stuff still isn't ready for prime time (like support of Wireless Networking, which is the only thing that won't work on the laptop I've installed it on to play with), and some things are still developing (like ERP software for Linux).

All of this aside, I'm also learning a lot of terminology, most of which consists in trying to learn how to pronounce words. For example, I've learned that ET-see is the way you pronounce the file system directory /etc. This is where all the configuration stuff is.

The biggest battle, though is pronouncing the names of the "distributions" of Linux. Names like Debian (DEE-bee-un) and ubuntu (ooh-BOON-too). Red Hat I can handle. SUSE (SOO-SUH), and others.

The concept of a "distribution" is a bit dense for some people. You may be asking, "Isn't Linux LINUX?" Well, no, and--well--yes. The core of Linux (the kernel) is pretty much the same. But it's the things that are packaged with that kernel (like the Accessories in Windows...you know, the little calculator and WordPad, etc.) that are different. Some distributions are designed to be small and minimalist. Some distributions are designed to have "everything" (like Debian).

And some distributions--like Red Hat--have been around for a while and have options for support contracts. Other distributions are by some gal (or guy) in her (or his) garage...

All in all, they are a lot alike, and today's Linux can be installed by a novice (the installation program will ask you questions that you don't understand and don't have a clue what the best answer is, but if you just pick one, you'll probably wind up with something that works.) On my laptop--purchased for price not for features without checking the hardware compatibility list--Debian installed first time, without issues.

Now comes the hard part...

The State of Ubuntu 7.04 Is Strong

Open source software isn't exactly the same as FREE software but from the perspective of most business users, they look darn close to the same. The new version of the GPL (see the previous article) seems to take a pretty hard swipe at anyone who wants to license patented technology and use it in their release of software.

One of the big users may be anyone that would have benefitted from the Microsoft-Novell deal.

It's interesting that Microsoft has JUST published the claim that 200+ of its patents are infringed by open-source code. GPLv3 means--apparently--that Microsoft wouldn't be able to press patent claims against anyone using software distributed under the Microsoft-Novell deal. And that--apparently--applies even if the person or company in question didn't get the software through "approved" channels....like Novell or Microsoft.

I'm not a lawyer, but to me as a business person, this looks like it might be bad from a lot of perspectives. I think I understand why the Free Software Foundation (FSF) included these provisions in the GPLv3 license, but it seems there would be a way to allow the partnership between Microsoft and Novell.

All of this comes, I think, from the fact that a lot of the open-source community is somewhat "counter-cultural" at least from the perspective of the big company like Microsoft. You can see this--for example--in the Linux release of the browser FireFox. Evidently, there are some intellectual property rights surrounding part of the FireFox name or logo, so the Linux version is IceWeasel. Clever, I guess. But intended to poke a bit of fun at intellectual property rights which many open-source fans see as "foolish" or "exploitative."

At this point, I think FSF is happy that this throws a monkey wrench into Microsoft and Novell's plans...after all, they may represent the "evil empire."

Microsoft Would Lose Patent Rights Under New Linux License Terms -- Microsoft -- InformationWeek

The newest version of the GNU (or General) Public License, GPLv3 has been generating controversy for months. At issue have been a number of issues of license compatibility (that is, what if my software is under GPLv2 and yours is GPLv3?). The inital drafts concerned many in the user community, particularly since there were circumstances in which all software would have to be the same version of GPL in order to (legally) be deployed together. Those issues--says the Free Software Foundation--have been fixed.

The bigger issue for Microsoft and Novell is a provision in GPLv3 that states (basically) that if you distribute software under GPLv3, you can't press patent claims against anyone who uses the software--no matter how they got it. Read the exact language in the eWeek article.

The key question here: Does this kill the Microsoft-Novell deal? Most think it does...

FSF Releases the Final Draft of GPLv3

I've written before about GPL v3. It seems that the list of folks that are opposed to this release of GPL now includes Linus Torvalds, the creator of Linux. The critical provisions to Torvalds seem like the ones that are bothering everyone. Here's the quote from an InformationWeek article:

Key changes from GPLv2 include a ban on deals under which open source distributors agree to patent protection arrangements with commercial software developers. GPLv3 also adds a prohibition on including open source software in consumer appliances that don't allow user modifications.

The Free Software Foundation says such arrangements and features violate the spirit of open source software, which is meant to be used and shared freely. The two provisions are squarely aimed at Microsoft and digital video recorder manufacturer Tivo.

Linux Creator Torvalds Questions New Open Source License

The article in eWeek with the title above really doesn't answer the question that is asked. It really answers the question, "Is open source dying in the public sector?" In California and Massachusetts, the state experiments that intend to use open source are evidently going badly. As one quote from the article says,

Sources close to the situation tell me that former state CIO Peter Quinn's resignation happened at least in part because of delaying tactics by vendors who publicly support open source but do their best to scuttle it behind the scenes.

I don't think the article supports the idea that open source might be in jeapordy in the larger market.

Is Open Source Dying?

At one time, when a new version of a product came out--whoever the manufacturer: Microsoft, Sage, etc.--we waited from 90 to 180 days to see what patches, service packs, upgrades, etc. would be released. Inevitably, there would be changes. Today, it's not so easy to do that. Products release major updates or fixes that have features needed or fixes required. Many businesses have been delaying the implementation of Vista for just this reason. Now it looks like it will be late this year or next before we see SP1 for Vista.

The search changes would allow users to select a default search provider and offer new links to the default provider.

Certainly, Microsoft and its customers would benefit from the search changes coming before there are massive Vista deployments. But the changes would be a reason for some businesses to further delay Vista deployments.

Julie Giera, a Forrester Research vice president, said that she believes many businesses would further delay deployments because of the search changes.

Microsoft Watch - Vista - Uh-Oh! No Vista SP1 This Year?

We sold Works for a while, to several customers. I hope that surprises you, because Works was always just a program for folks that really didn't need a spreadsheet or word processor to say they had one.

The reason DGG got involved with Works was that there was a temporary loophole in which Microsoft Office sold for $500, Works sold for $50, and the upgrade from Works to Office was $200. So for $250 you could have a fully functional version of Office (legal, too), rather than $500.

Microsoft eventually figured it out. Smart folks, those at Microsoft.

Seems Microsoft is still trying to sell Works for about $50. But if you're like me, you'll go with OpenOffice.org's version of a word processor and spreadsheet. That product is FREE.

One of the eWeek editors was on a rant today when Microsoft announced that they are now going to give Works away for free in some foreign countries. The software will be ad-supported (Ah, more popups!). eWeek wrote:

With all these interesting apps available, my assumption was that Microsoft would take the hint and allow Works to slowly fade away, to be dug up by curious 6-year-olds who wanted to check out what was on Grandpa's computer or by sociologists studying the phenomenon of dumbed-down software. But I was underestimating Microsoft's tendency to try to keep its properties in the public consciousness.

If you'd like to read the full version of Barbara Kransoff's blog entry, it's here.

Microsoft Works Home

Early on, I had been following the RFID saga at Wal-Mart with some interest. I advised our mid-sized and small clients to take a "wait and see" attitude toward it. Now that things have shaken out a bit, it's interesting to look for updates on Wal-Mart's progress on Google.

Bottom line here is that in the past few months, there are many case studies on effective applications of RFID. There are also many case-studies (like Wal-Mart) where goals have been missed and missed again.

If you're thinking about RFID, make sure you've done your homework on ROI (return on investment) for the technology in your specific application. Spend some extra time in proof-of-concept as well.

RFID Gazette: Wal-Mart

Here's another article on the progress Wal-Mart is making toward implementing RFID. Note the continued emphasis from the last blog post on the application of the technology at RETAIL stores as opposed to DCs where the initial push was aimed.

Has the DC implementation gone belly up? You decide.

Wal-Mart Embraces RFID's Green Potential - RFID Journal

The survey house / think tank Gartner believes Unix is about to be replaced by Linux. I think it probably already has been replaced, with a few bastions of support left in companies that just don't want to upgrade. Gartner's point, here, though is that the applications specifically developed for Unix will wane after 2009. That makes sense. Most people don't make tires for Model A's anymore.

Linux is stable and mature enough (and similar enough to Unix) that it makes perfect sense to move from Unix boxes to Linux boxes.

Gartner: No New Unix Apps to Emerge After 2009

I'm not sure whether this is something particular to the computer store industry or whether I should see this as a trend in all industries. Will storefronts close as business goes to the internet? I don't think the CompUSA closing is about this. I think it's about a store that failed to compete within its market. BestBuy and Circuit City simply outflanked it. And the attempt to move into services outsourcing seems to have been unprofiable as well. That business segment is for sale also.

CompUSA to Close All 103 Stores

Amid the spin about the number of shipped copies of this and the successful launch of that, it's hard to tell whether anyone is really running Vista. There are software compatibilty issues and rumors. Some are true, some are not.

I've heard reports that various products don't run on Vista. I've been able to find (at this point) upgrades for all the products I use for Vista. And I'm typing this on a laptop with Vista now.

What concerns me more is the chatter I hear in various places among tech types about Vista. Most is negative. The hosts on TWiT (This Week in Tech) have been uniformly critical of Vista. Most people believe that if Apple hadn't bungled the Leopard release, Microsoft might have been in trouble.

All of that written, I think Vista is quite different. Like Office 2007, there are things I really like. And there are things that I'm having trouble finding. It takes me longer to dig into the innards when I need to. Just like it took me longer to dig into the innards of Windows 3.1 when I migrated from DOS to Windows years ago. In my mind, it's all about change.

I like the fact that Vista asks me if I really meant to launch a program. I don't mind being asked, "Do you really want to do this??" I learned years ago in accounting packages that while this type of question is irritating, once in a while it saves a tremendous amount of time. Hitting the delete key when you don't mean to can cost a lot of time; having to answer "Yes" occasionaly vs. retyping hours and hours worth of data is a good investment. Even though 90% of the time the "Yes" is just an irritant.

There are other good things about Vista. I'll think of them later.

Microsoft Says Vista SP1 Won't Resolve Compatibility Issues -- Windows Vista SP1 -- InformationWeek

Most businesspeople struggle with time management. It's a common problem. Books have been written about scheduling your day and eliminating email interruptions. One of the biggest interruptions is the Outlook Email Notification. It's the little popup you get letting you know that you have yet another email message.

Here's a video we recorded about how to turn it off. Let us know how you like it and if you used it.

I've always liked Seth Godin. He writes well, and thinks outside the box. Plus he writes little books that are easy and quick to read.

His idea of quitting, or changing strategy is interesting. If you're politically minded, he has advice for Hillary (seems like no one calls her Senator Clinton: a cute bit of branding, that).

He also talks about a vendor that they walked away from. The vendor behaved (from his description) very professionally. He thinks that's a good thing. Like some of the girls I knew in highschool, though, I don't mind a little fighting over my business. Far too many vendors give up far too early. I'm not talking about the aggressive stuff; just a bit of attention to let us know that the vendor cares about our business.

Seth, don't you wish that your vendor had fought a bit over you?? I would have.

Seth's Blog: Sunk costs, quitting and the value of your brand

At Data Guidance Group, we're business consultants. We're problem solvers.

We also happen to know how to make technology work.

We really try to help you find the best solution to your business issues, when you let us.

But sometimes we are treated like welders or burger-flippers, not consultants. Those are the days that our clients say, "Just make the software do it the way we have always done it." Or, "Send me the file and I'll make it work." Or when a CIO tells us, "Just send me a brochure and I'll figure it out." Or when someone posts a comment on the blog that says, "Send me everything you have about x."

It's more complex than that most of the time.

So here are some suggestions to save you money and frustration:

• Tell us what you are trying to accomplish in the very beginning, not how you want to accomplish it.
• If there is a specific budget, let us know. We often have many solutions to choose from, and we can tell you if there is a solution that will work for less money. Often the less expensive the solution, the more work it takes on your end (that is, the less "automated" it is). Over the years, we've come to expect that clients want the most automated solution possible. If that isn't the case (either because of budget or something else), then tell us.
• If you want us to tell you what our thought process is, be sure to ask. We will often consider many solutions and present only one. It's not that we are advocating just one, it's that clients have told us in the past, "you're the consultant; make a recommendation." When we present more than one alternative, our clients ask us to narrow it down, so we do.
• If you need help, ask early. Don't mess it up first. It will cost you more in the long run.
• We won't run down the competition, but you do need to evaluate the qualifications of the people who work on your system. Seems like most everyone these days thinks they are a computer technician. That's fine. If you want to risk your business data with an off-duty something or other, go right ahead!
• Experience is valuable, despite what your teenager may think. Yes, technology changes, but experience helps evaluate the danger and the possible benefit of each action. In my book and in my business, I trust (successful) experience over training every time.
• Make sure your consultant understands your business.

Here's an interesting blog post comparing Peachtree to QuickBooks a friend of mine, Brian Tankersley, recently Tweeted about.

I don't disagree with anything David Chermak wrote. The problem is that the article is from the perspective of an accountant, not a businessperson. Some of the other items are just "par for the course" in any stable accounting package.

The items listed for comparison are interesting: prepayments, payroll accounting, depreciation, tax minimization and compliance, and useful, sensible reporting. My trouble with this list is that it doesn't address the key issues that businesses generally start to look for software to solve.

Here is a list of some things that small and mid-sized businesses need: cost control, costing (of jobs or manufacturing), inventory, order tracking, shipping, purchase controls, quotes, payroll checks, lot and serial number tracking, service billing, and recurring invoicing. The blog post below seems to focus more on what Accountants need from software than what businesses need from software. Accounting records should be the byproduct of a system that makes a business money by collecting and reporting the data the business needs.

QuickBooks Vs. Peachtree ｫ Abacus

In many cases, clients ask us to provide "technical" services. Most of the time we understand the business purpose behind these requests. Sometimes we suspect it.

We're most successful (as are our clients) when they tell us what they are trying to accomplish before they decide the specific technologies to use to accomplish it. That is, clients are most successful when they use us as advisors rather than technicians.

There are risks here for you--our clients--I know. The main risk is that we might recommend something that you really don't need. Unfortunately, that's kind of like the reputation used car dealers have. Not all used car dealers are dishonest. But enough are to give the industry a bad reputation.

In reality, though, most of us in the technology industry understand quite well that all software and all hardware isn't for every business. We consider your individual needs--to the degree you allow us to--and recommend the best solution.

So what's the problem?

Often, you may not know enough to ask the right questions. You may have an efficiency problem, but think it's a personnel problem. A well-trained and informed technology firm will help you distinguish between these. They will advise you of the limitations of your personnel; note, though, that you do have to listen carefully.

I've tried for years to say tactfully to clients, "You know, you might want to consider some additional accounting training for John or Janie." Another way to say this is, "Janie seems to be having a problem understanding how to reconcile the bank account. I was a bit surprised at that." Both of these statements actually mean: "We're having to do additional training on job functions that doesn't have anything at all to do with the software or technology."

My experience is that this kind of message just doesn't get through.

Here's a different way to think about it. Business is increasingly complex; the recession has forced almost all businesses to do more with fewer employees. As we come out of the recession, many clients want to remain lean. This means that existing employees will have to do more; thier jobs will be less specialized. Bluntly, they need more expertise and more ability to think to function. You may have to train existing employees more (or again). You may even find that some employees can't operate in this environment.

'Nuff said?

A member of the AICPA Group on LinkedIn posted a question about keeping paper records vs. the paperless office. In case you aren't on the AICPA group on LinkedIn, here's my reply:

I think the issue is not only that the offices are paperless, but that most small and mid-sized businesses don't think about disaster recovery. With paper records, a fire can wipe them out, but fires are relatively infrequent. A computer--being a machine--will fail eventually.

I used to ask business owners, "Do you know where your backup from last night is?" Most got this panicked look in their eyes. A friend of mine called me to look at the IT situation at a largish insurance agency in town. I asked this question. The owner said, "Don't know, let's go see." We walked down to the IT department (in the basement, one employee). I asked him where the backup was. He pointed to a tape sticking out of a tape drive. I asked him where the backup from the previous night was, he said, "Don't have one. I know I'm supposed to change the tape, but I forget."

As I walked out of the IT department, I said to the owner, "Did you see that stack of 10 or 12 tapes in shrink wrap sitting on top of the computer where the backup was?"

The owner answered, "Yes."

I said, "They're doing you a lot of good!"

He wasn't happy.

Paperless is a disaster in cases like this. Backup. Disaster recovery. Often the last thought of business owners, but critically important.

Without going point by point through the issues raised in this article, I think there are some considerations that may be left out:

Cloudy Forecast for Information Technology

While Drake is surely correct that technology developments are similar to the historical development of electricity, he misses the fact that it was many years after the development of electricity before the technology found its most productive uses. There are some current developments in IT (discussed on this blog, by InformationWeek's GlobalCIO Initiative, and others) that suggest that business has been more concerned with efficiency and productivty than information and strategy. Strategic applications of IT have escaped all but the most forward-thinking companies.

Drake's statement, "However, with advances in computing the reverse is true, and jobs are being eliminated as companies streamline their operations." Is true, but omits the issue raised by MegaTrends and MegaTrends 2000 that with the retirement of the Baby Boomer generation in the next few decades, the workforce MUST shrink, or find a new source of labor. Immigration can provide some of this labor, but developing countries in the midst of their own industrial revolution will find that they need this labor at home. Simply put, our economy to date has been based on the idea that the workforce will grow, but current birthrates simply cannot support growth in the number of employees.

Here's the issue in a nutshell: New technology has driven much of the growth in the IT sector over the last few decades; the recession has created new demands that businesses drive technology innovation with strategy.

IT will change, but strategic IT applications will be SLOW (in Internet time) to migrate into the cloud. Business need to think strategic, not technology.