I came across a contributed piece by Brian Burch of Hewlett Packard on InformationWeek titled, "Top 10 Misconceptions about SMB Technology Needs." Burch is the director of SMB marketing for HP in the Americas, and while the article is obviously influenced by HP's desire to sell to small and mid-sized businesses, I do believe many of his points accurately depict some of SMB decision-makers' outdated thinking.
I've listed some of what I felt are the most pertinent points below, together with my own analysis of them. If you have the time, I would encourage you to also read the full article here.
'I Don't Need An IT Strategy'
These organizations are usually spotted by their lack of any IT budget and absence of any timeframe to upgrade or gradually phase out old or obsolete hardware. There is often much scrambling to free up funds when critical computer hardware breaks down irreparably, or when a really good salesman waltzes through the door with a new product that addresses a plausible-but not necessary an important-need.
Everyone would agree that it would be outright crazy for any organization not to budget for expenses such as office rental and staff salary. Yet why isn't there a valid plan for IT, a department that effectively undergirds just about all the business processes in a typical office these days?
'I Don't Have To Worry About IT Security'
I recently wrote "Why SMBs should pay attention to Security" to address precisely this attitude in small and mid-sized businesses. Many believe they are too insignificant a target for hackers to waste their time on. In a nutshell, while it is true that elite hackers are unlikely to find anything in an SMB to be worth their while, a lot of the security shenanigans out there are perpetuated by criminals with mediocre computer skills pushing the buttons of "ready-made" malware toolkits.
These criminals use these third-rated tools to "gather" as many victims as they can, and commit their crimes against the prey who fall into their nets. As you can imagine, a disregard of IT security and failure to put up a credible defense opens SMBs up to successful raids by these gatherers. A cohesive security plan though, will likely be adequate to thwart such attacks.
'I Can Wait To Implement A Backup/Recovery Plan'
Compared to the thousand and one things clamoring for immediate attention in a typical SMB, the idea of devoting precious time and resources to put together a cohesive backup and recovery plan can sound outright preposterous to short-sighted executives. Surely that is something that can be put off until next week/month/year, right?
Sorry, but no. If your organization were to experience a failure in the server that generates new invoices, would it be a catastrophe that your company can recover from within a reasonable time frame? If you think the above scenario is unlikely to happen, my counter is this: Since when was it possible to predict a system crash or data corruption?
'Mobility Solutions Just Give My Employees An Excuse Not To Come In The Office'
Unfortunately, this idea belies the truth that mobile devices are already in the office. And depending on the laxity of administrators or presence of security controls, might already be hooked up to the computer network. A proactive approach will allow businesses to better manage and secure these devices, a topic shall be covering later this week.
In the meantime, I look forward to your thoughts or anecdotes pertaining to the above areas