Monthly Archives: July 2012

Focus on Existing Clients

I’ve been working as a part time consultant for small and start-up companies in Cambridge, MA. These clients ask me to design and build their IT infrastructure. Most of the time, the infrastructure is built in-house, and sometimes they are put into the “clouds”. It largely depends on which architecture make sense for the clients. For instance, some clients generate huge amount of data in-house, so it make sense to build the storage infrastructure inside their premise.

Once the infrastructure is built though, most will be in operations mode. This mode does not require huge amount of time — specially in small companies. You only get called when there are problems. Should you then look for new clients, so you can generate more revenue? I believe it is easier to focus on existing customers and generate more work (and revenue) from them. In fact, if you focus more on looking for new clients, your relationship with existing ones erode, your service become stagnant, and in some cases you end up losing their business.

To focus more on existing clients, here are three proven methods to generate more revenue from them:

1. Provide timely responses. When something breaks, fix it right away. If you cannot do it in the next hour, provide a feedback when you can work on it and the estimated completion time. Improve your customer service skills and communicate often.

2. Address unmet needs. There will always be unmet needs in the Information Technology space. For instance, the client may not know that due to regulation, data containing any personal information of employees and customers such as credit card numbers, social security numbers, etc. should be encrypted. Offer to create a project for this unmet need.

3. Offer value added services. For instance, offer a comprehensive Disaster Recovery Plan. Tell the client that a simple backup infrastructure is not enough for the business to continue to operate after a major disaster.

It’s hard and expensive to find new clients. Your existing clients will be happier (and will pay you more money) if you focus on them.

Mt. Wachusett: Conquered

Yesterday, Sunday, July 15, 2012, my friend Ferdie and I cycled the 60-mile hilly road bike course by the Charles River Wheelmen “Climb to the Clouds” bike tour.

Together with approximately 850 other cyclists, we climbed the gruelling 1-mile 9% grade climb to Mt. Wachusett. As an amateur rider, I felt the pain on my legs and back during the climb, but it was well worth it. The feeling of satisfaction when we reached the top was incredible.

I’ve been joining bike tours for the past couple of years, including the fun Five Borough Bike Ride in New York City,  and the Maine Lighthouse Ride in South Portland, Maine.  But the “Climb to the Clouds” bike tour is the longest and most difficult tour I’ve joined so far.

My goal is to ride a century course (100 miles or more) in the next couple of years. I’m looking at the Pan Mass Challenge, or the Harpoon Brewery2Brewery 150-mile ride from Boston to Vermont, as my next goal. It will be a tough ride. But just like anything else in life, if you want to reach your goal, you have to work hard for it.

Some photos: Climb to the Clouds, Maine Lighthouse Ride, Bike New York

Security Strategy

Amidst the highly publicized security breaches, such as the LinkedIn hacked passwords, hacktivists defacing high profile websites, or online thieves stealing credit card information, one of the under-reported security breaches are nation states or unknown groups stealing Intellectual Property information from companies such as building designs, manufacturing secret formulas, business processes, financial information, etc. This could be the most damaging security breach in terms of its effect on the economy.

Companies do not even know they are being hacked, or are reluctant to report such breaches. And the sad truth is that companies do not even bother beefing up their security until they become victims.

In this day and age, all companies should have a comprehensive security program to protect their assets. It starts with an excellent security strategy, a user awareness program (a lot of security breaches are done via social engineering), and a sound technical solution. A multi-layered security is always the best defense – a firewall that monitors traffic, blocks IP addresses that launches attacks, and limits the network point of entry; an IDS/IPS that identifies attacks and gives signal; a good Security Information and Event Management (SIEM) system; and good patch management system to patch servers and applications immediately once vulnerabilities are identified, to name a few.

Cost is always the deciding factor in implementing technologies. Due diligence is needed in creating cost analysis and threat model. As with any security implementation, you do not buy a security solution that costs more than the system you are protecting.