This eBook aims to speak to two disparate audiences - financial managers and junior IT technical workers. We’ve found that information technology (IT) people report to the financial side of the business, and yet, financial managers are not given the tools to manage IT staff. IT personnel, in turn, do not have the vocabulary to articulate to financial managers how to build a robust technical IT infrastructure. We are making this resource to address this problem for both parties. This is an independent resource for financial managers to understand what is being presented to them, and concepts and explanations for IT staff to improve their design/build plans along with the arguments needed to win approvals. In the coming days and weeks, we’ll post blogs, videos, whiteboards, and chats in which we’ll discuss a host of topics that we have seen asked by customers over the past twenty years. We hope you’ll find this resource useful and that you’ll engage with us.
To begin, we need to make a range of topics available for our audience to learn about. This eBook was inspired by customers who have asked us questions like, “Why would I want a storage array (SAN)?”, or, “I’ve heard of VLANs but when do you need them and how do they work?”, and, “Why would I pay $5,000 for a switch when I see that Staples sells them for less than a thousand?” These questions need to be answered for both financial managers and IT people alike.
One of the reasons we need to cover such a wide range of topics is because in the US, there are no standards for networking that would be an IT equivalent for Generally Accepted Accounting Principles (GAAP). Schools that offer IT training unfortunately tend to cobble together curriculum, teaching outdated programming languages which are wholly unnecessary for managing IT infrastructure. They add to it various IT basics like what an operating system is and often drag the new student into lengthy descriptions and examinations of technologies that are no longer the primary solution. Alternatively, virtually every technology vendor offers training and certification on the nuances and idiosyncrasies of their products, but not on the principles of the underlying technology. This is unfortunate for both business and aspiring IT professionals alike.
In the absence of standards for technology professionals, there are at least standards established and well documented for aspects of technology that overlap more established professions. The clearest example of this is where IT overlaps with electrical standards. It is the Institute of Electrical and Electronics Engineers (IEEE) and Telecommunications Industries Association/Electronic Industries Association (TIA/EIA) that have established the specifications for network cabling and wireless networks. Heard of Cat5 or Cat6 cabling? TIA/EIA standard. Heard of 802.11? Wifi standards from IEEE. These standards are brilliant in that it’s plain how to comply with the standard, a positive contrast from the muddied networking standards of IT training. That is, if a network is not in compliance with the standard, the IT professional has a clear, documented standard to point to and reference. Among other topics, we will be sure to speak to these standards, common mistakes, and non-compliant installations that cause issues in our supporting materials.
These technology standards are clearly varied and inconsistent. Financial managers and IT professionals alike will improve their understanding and resulting decision-making if we can establish a common language. This language has three layers. It begins with describing the technology, much like a home builder describes the process of building. We describe the raw physical hardware first. For networking, that physical description is comprised of the networking cabling, the device it connects to, and the switch at the other end. Next, we describe a “data link” layer, which includes the blinking lights that show that we have an electrically powered connection. The third layer is the basic set of protocols for communicating on a network. These three layers, as well as four additional (which we’ll get to later), comprise the Open Systems Interface (OSI) Model that the whole industry has agreed to use to describe IT conceptually. The benefit of breaking down the enormous topic of information technology is that if you’re developing a product at “layer 4”, you rely on standards for layers 3 and 5 to communicate with for input and outputs. This point is intentionally vague because this can manifest very differently, but ultimately the OSI Model is the best template we have to describe IT.
Have you called upon helpdesk to check problems, or been a part of a helpdesk? Checked for power (OSI level 1)? Checked for a link light where the network cable connects to the PC (OSI level 2)? Checked to see if you have an IP address (OSI level 3)? Checked to see if you can ping the Internet (OSI level 4)? Confirmed you can log in with your credentials (OSI level 5)? Made sure your desktop came up correctly (OSI level 6)? And finally, tried to get into Outlook for your email (OSI level 7)?
Fundamentally, however, we can’t get anywhere understanding networks if we don’t know TCP/IP (Transmission Control Protocol/Internet Protocol). The infamous IP address is so ubiquitous that it’s referred to often in popular culture. An IP address is a number that has a similar design and purpose to a phone number. While phone numbers are designed to break down localities into smaller groups — like with area codes, for instance — IP addresses similarly allow communication between parties in different geographical locations, but electronically. An IP address is comprised of four octets — so named because each grouping is comprised of eight binary digits. A quick visualization of that is that the IP address 255.255.255.255 written in binary is 11111111.11111111.11111111.11111111. Each octet is eight ones or zeros.
Virtually every networked device in the world has an IP address. For public-facing devices, those IP addresses are unique — while Google has quite a few IP addresses they use, only Google has 188.8.131.52. But the services available on various IP addresses depend on what the owners of those devices are offering. Services is the name the IT industry has given to the enormous array of program types developed for public and private use. Still, you already know a lot more of these service names than you think — HTTP (Web), SMTP (Email), FTP (File Transfer), SNTP (Time), and there are thousands more. Each service is assigned a port number. HTTP (Web) is port 80 by default.
This is relevant to you because without a firewall, the whole world would have access to your corporate or even residential network. Firewalls, by default, block all traffic, but then configurations are made to open specific ports. My counsel to you, Financial Managers, is that you should know what ports are open. The list of open ports should be short, well documented, and intelligible to non-technical staff. A physical security weakness at your office is less risky in many cases than a weakness in firewall configuration because mischief is easier in the digital world.
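One way to keep the open-port list short, documented and readable is to check it automatically. The script below is an added example, not part of the original eBook; the "protocol/port" rule format, the register fields and all sample data are assumptions constructed for illustration.

```python
# Added example: compare open firewall ports with a documented register.
# The rule format, register fields and sample data are constructed for illustration.

# Constructed sample: inbound allow rules exported as "protocol/port".
FIREWALL_ALLOW_RULES = """
tcp/443
tcp/25
tcp/3389
udp/123
"""

# Constructed sample register: the plain-language record of why each port is open.
REGISTER = {
    ("tcp", 443): {"service": "HTTPS", "purpose": "Customer web portal"},
    ("tcp", 25): {"service": "SMTP", "purpose": ""},
    ("tcp", 80): {"service": "HTTP", "purpose": "Redirect to HTTPS"},
}

def parse_rules(text):
    """Return a set of (protocol, port); reject malformed or out-of-range lines."""
    rules = set()
    for line in text.splitlines():
        line = line.strip().lower()
        if not line:
            continue
        proto, _, port = line.partition("/")
        if proto not in ("tcp", "udp") or not port.isdigit() or not 1 <= int(port) <= 65535:
            raise ValueError(f"unrecognised rule: {line!r}")
        rules.add((proto, int(port)))
    return rules

def audit(open_ports, register):
    """Find ports that are open but undocumented, stale entries, and blank purposes."""
    documented = set(register)
    return {
        "undocumented_open": sorted(open_ports - documented),
        "documented_but_closed": sorted(documented - open_ports),
        "missing_purpose": sorted(
            p for p in open_ports & documented if not register[p]["purpose"].strip()
        ),
    }

def summary(findings):
    """One plain-language line per finding, readable by non-technical staff."""
    labels = {
        "undocumented_open": "is open on the firewall but not in the register",
        "documented_but_closed": "is in the register but not open (stale entry)",
        "missing_purpose": "is open and listed, but no business purpose is recorded",
    }
    return [f"{proto.upper()} port {port} {labels[kind]}"
            for kind, ports in findings.items() for proto, port in ports]

if __name__ == "__main__":
    print("\n".join(summary(audit(parse_rules(FIREWALL_ALLOW_RULES), REGISTER))))
```

An empty result from `summary` means every open port is documented with a purpose and the register has no stale entries.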
Another thing that’s relevant for anyone wanting a robust IT system is cabling. After all, a strong network starts at the bottom of the OSI model — the physical layer — which means if you have poorly installed network cables, you’ll suffer for it as surely as you would a poorly installed foundation of a building. Poorly installed cabling isn’t just a matter of opinion — either the cabling is up to TIA/EIA standards, or it’s not. In over 20 years of working with small and mid-size businesses, some customers have actually had good cabling, but the maintenance staff never installed it. Other times, the cabling just isn’t compliant. We’ll post pictures of cabling that is compliant, and pictures that are not, because this difference matters every single time. Sometimes installing cabling incorrectly can be cheaper or easier at the beginning, but doing cabling according to TIA/EIA standards is always ultimately cheaper. With substandard cabling, the transmissions either fail or more commonly fail periodically, which then results in retransmissions. This can lead to slower traffic and excessive transmissions that interrupt other traffic. Almost every time, the troubleshooting and repair work is more costly than installing cabling right the first time or even doing it twice.
If this article prevents even one business from using a Netgear switch for its corporate network, this will have been a success. Financial managers, this is directed at you. It doesn’t matter that Netgear offers the cheapest fabricated metal box with electronics and puts the name “switch” on it; they do not offer a business-class product. In fact, they use the bare minimum amount of memory. The result is much higher failure rates, poor customer service if you need it, and processing and traffic flow that a hamster on his wheel could outpace. Deciding which switch to choose within the business-class line will be the subject of a separate blog, but knowing that businesses need business-class switching is accomplishing a lot.
Capturing all the critical building blocks of a well-built and well-maintained network is a tall order. Still, the next point has to be about having the right staffing. Commonly, a helpdesk person is the one who supports many smaller networks. This is usually not a good idea. Would you hire an A/P clerk, an employee who may well not even understand accounting principles, to do month-end close? The problem is that the roles are very distinct, and helpdesk people do not have network support best practices ingrained in them, at least not by default. If your company can’t afford to have a full-time network administrator to complement the helpdesk activities, you’ll get better results by hiring the right person outside the team.
Backup is incredibly essential, but truthfully, it can be tedious. It’s important, though, to never forget about backup, because it could still make or break your business. To be blunt, my best “war” stories are about the successes I’ve had rescuing businesses from the brink of disaster. I have revived a failed hard drive by swapping the backplane on it with a spare that I found, found emergency equipment after a storm wiped out a customer server room, revived a drive array that a customer dropped on the floor, and assembled a team of six engineers in three hours to help a business who wasn’t even a customer recover from a ransomware attack. I can’t lie, those are fun and highly satisfying. But in almost every case, I could have made the situation at least 80% better with a solid backup solution implemented ahead of time.
Some common elements of solid backup solutions are:
Sadly, another area where businesses make a comical mess of their network infrastructure is with wifi. It really comes down to this: don’t go cheap. Entry-level wifi devices — what you get from Staples or free from Verizon, Comcast, or other Internet service providers — are designed with only the cheapest of components, resulting in having a maximum of 5 devices connecting (newer standards are up to 10). Many can relate to these devices bogging down.
Let’s explain “bog down.” It means that the processing capacities and strength of the signal are such that with one connection, you’ll get 100% of the device’s capabilities, a second connection cuts the performance in half for both connections, and so forth. These devices are not smart enough to simply refuse additional connections, so then all connections are equally poor. As a point of comparison, business-class wireless devices are rated for at least 50 connections. These days, five devices means your smartphone, tablet, laptop, TV, and Alexa — and this doesn’t even include the rest of your family or office. Rebooting a “bogged down” wireless access point throws all connections off so you can start the rush for bandwidth by your devices all over again. Business-class wifi, on the other hand, has a whole range of other features that are critical in today’s world — the ability to walk around a building and move from one access point to another to maintain the best signal throughput required for Zoom meetings, and even fancier features like geo-locating inventory.
This eBook could go on and on about classic decisions that businesses need to make relating to IT. In this last paragraph, we’ll cover the topic of security. Time and time again, we find two things. First, that financial managers think this isn’t their responsibility because it’s not their expertise. Second, the attitude that “we don’t need security, we’re not Ft. Knox”. To be clear, both of these security positions are straight-up dangerous in all cases. Financial Managers, you must know what your exposure is. Get an outside security audit, engage in the conversation, and understand what is being reported to you, please. Next, security is not a topic that is isolated to protecting your business from mythical hackers trying to steal your trade secrets (although it doesn’t exclude those possibilities). It runs the full range, from accidental file loss to ransomware attackers. Things like corporate espionage and internal bad actors are rare, but you have to safeguard against them anyway because it’s part of the whole security plan. And finally, security also means that you have anti-virus software, a backup that you can rely on in the form you need, and a disaster recovery plan that might be principally focused on natural disaster preparedness.
Let your IT be as stable and sound as plumbing and let your business thrive as a result. To learn how CNS Partners helps businesses create IT systems that are stable and high-performing, download our eBook — CNS Partners Expert Guide to High-Performing and Robust IT Systems.