Monthly Archives: June 2012

The Cloud: a Primer for Small and Mid-Sized Businesses

– Dean Tremblay, Partner

Cloud services are getting a lot of buzz these days. Although the concept and the technology have been around for some years now, Apple’s iCloud has recently brought cloud-based services to the attention of the masses. Cloud technology, storage availability and bandwidth have advanced such that cloud services are now accessible to businesses of all sizes. Tango Technology Group’s cloud services for SMBs help organizations to take advantage of that.

In a previous article, I outlined how the cloud can deliver real, practical value to small and mid-sized businesses. Here, I’d like to spend more time explaining what the cloud is and some of the options that are available for businesses.

About Cloud Computing

Cloud computing provides computing functions as a pay-per-use utility. In much the same way that hydro-electric power is delivered to your home from a central location, cloud computing delivers access to IT infrastructure and IT applications from a centralized location rather than a server at your premises.

The Benefits of Cloud Computing

Traditionally, software- and hardware-based business applications had to be installed and maintained on site, on desktops and/or on servers. Today, applications and even complete servers can be hosted by third parties on “cloud” infrastructure.

  • Maximize resources: Run lean with no need for dedicated real estate to safely and securely house IT infrastructure.
  • Pay per use: With hosted “cloud” services, you pay only for what you consume on a monthly basis.
  • Reduce cap ex: Avoid the capital expenses of purchasing and maintaining dedicated servers.
  • Scale: Easily scale a cloud-based service up or down as your business and workforce needs change.

Types of Clouds

There are three general types of cloud-based models of relevance to Tango Technology Group’s clients. These are:

  • Public cloud – we make hosted Microsoft applications such as Exchange, SharePoint, and Dynamics CRM available to our clients on a pay-per-use basis. In addition, we have managed backup and business continuity services. and are two other well-known public-cloud services.
  • Private cloud – computing resources are dedicated to a single organization and can be hosted by us or at the client site.
  • Hybrid cloud – a combination of public and private cloud is implemented to leverage the best advantages of each to match the client’s specific needs or situation.

Tango’s experts can help you to determine the best cloud service model for your business’s needs, and can help you determine where the cloud fits within your IT strategy roadmap.

Cloud Computing vs. Server Virtualization: Don’t be Confused

Over time, “the cloud” has come to be used to refer to nearly any kind of technology, IT service, software or application that is disassociated from a specific piece of hardware. However, there is a distinction between the cloud and virtualization that is useful for purchasing decision makers to understand:

  • Cloud computing delivers computing functions and applications as a utility on a pay-per-use basis. Examples include Hosted Microsoft Dynamics CRM, Hosted Sharepoint, Hosted Microsoft Exchange, hosted email spam filtering, hosted backup, and more.
  • Server virtualization consolidates multiple pieces of server hardware to a single server that can then share its resources between multiple “logical” servers. Server virtualization is used extensively to build cloud infrastructures, but it does not in itself comprise a cloud. A virtual server may also be hosted in the cloud, or on premise. (You can read more about server virtualization on our Server Virtualization web page.)

Organizations that partner with Tango are assured that the best selection of technologies and delivery models are chosen for their business needs.

Cloud Computing Complements Managed IT Services

One of the best ways that an SMB organization can streamline its IT is by outsourcing its IT functions to a dedicated service provider that also offers cloud computing services. Doing so eliminates nearly every capital expenditure typically associated with server IT infrastructure. Specifically:

  • Managed IT services reduce or eliminate the need to hire and maintain IT personnel on site.
  • Cloud computing reduces the costs of IT services by providing pay-per-use access to business applications and services.
  • Cloud computing reduces or eliminates capital expenditures on servers and many other network infrastructures associated with traditional delivery models.
  • You can leverage economies of scale because your managed IT service provider is able to host cloud-based services on behalf of many clients.

Security and Other Important Considerations

Security of data, applications and systems is a concern for every company and those taking advantage of cloud-based services are no exception. Unauthorized third-party access to sensitive data must be managed in both traditional and cloud infrastructures.

As with any aspect of IT infrastructure management, cloud-services providers must deploy policies and best practices to protect cloud users. Tango follows the ITIL v3 process management system, a series of best practices and processes for the management of IT infrastructure. Our cloud services are delivered to customers through a secure, Tier 3 SAS 70 certified data centre. This ensures that both the services and the data are safe, reliable and quickly recovered in emergencies. Features include:

  • Biometric Access Control System with video surveillance
  • 24x7x365 critical monitoring, alerting and reporting
  • Advanced redundant climate control systems
  • …and more.

Additional Reading

For more information about Cloud Computing, I recommend the following resources:


How to Avoid Top 10 IT Mistakes Committed by Small- and Mid-Sized Businesses

– Dean Tremblay, Partner

In this article on BrightHub, GFISecurityLabs’ David Kelleher talks about common IT mistakes that small and mid-sized business (SMB) customers make. Avoiding these pitfalls is possibly the best reason for an SMB to outsource its IT to a dedicated managed IT service provider.

Below, we take Kelleher’s Top-10 list as a jumping-off point and describe how we help our SME clients protect themselves from a variety of business risks with proactive, outsourced IT management.

Connecting systems [such as new computers and mobile devices] to the Internet before hardening them.

Part of our managed IT service is to provision gateway access controls (a.k.a. firewalls) to protect internal IT systems. We also provide anti-virus and spyware controls to all of a customer’s connected systems.

Connecting test systems to the Internet with default accounts/passwords.

When we provision new computers, mobile devices and other connected systems on behalf of our clients, changing default passwords to strong, secure passwords is part of our process.

Failing to update systems. Security holes exist in your operating system and no software is perfect.

We provide both native Microsoft patch management as well as patch management from third parties for targeted applications, such as Adobe products, Java, QuickTime and others. This is part of our standard managed services offering because we believe strongly that it needs to be done.

Failing to properly authenticate callers.

Most of our clients provide us with a list of authorized individuals who are allowed to initiate changes on their networks. Where required, we can also use a challenge/response protocol to authenticate individuals who contact us for helpdesk support on behalf of a client organization.

Failure to maintain and test backups.

At Tango, we believe that any IT service is rendered irrelevant if excellent backups are not maintained. To protect client data from disaster, we regularly back up business data and we validate that the backups are successful on a daily basis. We also perform a test “restore” process once per month for any client engaged with us under a managed services contract.

Failure to confirm that your disaster recovery plan actually works.

We provide backup and disaster recovery services for SMB clients. In our experience, most SMBs do not have disaster recovery or business continuity (DR/BC) plans in place and find it too expensive to justify the cost of, for example, maintaining two completely redundant IT infrastructures with fail-over. Our cloud services offerings substantially reduce these costs and make DR/BC accessible to small and mid-sized customers.

Failing to implement or update virus detection software.

Tango implements a “defense and depth” strategy of protection against viruses, malware, spyware at the email server, the network gateway and the desktop to ensure that your systems are fully protected. This is another core service in our managed IT service offering, no exceptions!

Failing to educate users. Users need to know exactly what kinds of threats are out there.

In our managed IT service industry, end-user knowledge (and lack thereof) is perhaps the most common area of risk that affects our customers. A lack of awareness or sophistication can lead to users opening their systems to viruses, spyware, phishing and other threats. The solution is to mitigate risk through ongoing end-user training. In addition, Tango builds client IT architectures such that end users are removed from critical decision-making processes. For example, next-generation firewalls and email security applications remove most of the risk from vulnerability attacks. But, education is still the first line of defense!

Trying to do it all yourself.

Even if you have an IT resource on staff, it’s simply not realistic for an SMB to effective manage all aspects of IT effectively. In a previous article about knowing when it’s time to hire an IT resource <link once that blog is approved & posted>, I outlined that four skill sets that a corporate IT department of any size must possess, and provided an ROI/budgeting model to help you determine how best to fill those needs. Chances are good that a partially or fully outsourced managed IT service model will make the best sense for your business.

Failing to recognize “insider threats”.

Any malicious, untrustworthy or disgruntled employee presents a risk if they are not properly monitored. If you operate in a strict regulatory environment or have other reasons to be concerned about insiders hacking, stealing or selling your sensitive business and customer data, there are a number of checks that we can build into your IT architecture and roadmap. This may include implementing monitoring measures on specific systems, devices or network resources. It may also require high-security physical restrictions on employees who enter and leave your premises. Our IT strategy and virtual CIOservices can be leveraged to provide expertise, insight and solutions to these and other big-picture IT concerns.

What You Can Do Now

To evaluate your organization’s IT security against these and other potential risks, contact us for an IT security audit.