Executives are jumping on the outsourcing bandwagon as cloud service providers promise unlimited scalability, reduced expenditures for hardware and IT staff, and the ability to offload software and routine maintenance at a moment’s notice.
In fact, Gartner analysts predict that 35 percent of enterprise IT expenditures will be managed outside the IT department’s budget by 2015.
But overzealous executives eager to jump to the cloud may encounter security issues down the road, as the security practices of the cloud service provider are often unclear — up to and including where the data is stored. A survey by Symantec shows that only 27 percent of companies have set procedures to approve cloud applications that use sensitive or confidential information.
“It’s easy to deploy data and applications to the cloud, but most executives don’t have a handle on the true risks associated with those decisions. So they fail to build the proper assurances into the procurement process,” says Brian Thomas, IT advisory services partner for Weaver.
Smart Business spoke with Thomas about the risks of outsourced computing services and why companies should seek an auditor’s assurance during the procurement process.
What are the specific risks associated with the cloud and outsourced computing?
Possible issues include data integrity, confidentiality, privacy and security, system availability and reliability, and data retention and ownership. But the threat level and mitigation strategies vary depending upon the importance and sensitivity of the data being processed by the cloud service provider.
It may not matter if you can’t access your sales prospects for a few hours if your hosted CRM application goes down, but business would come to a halt if your hosted e-mail or e-commerce system crashes. Therefore, the provider’s server redundancy and service-level contract guarantees may be the most critical risks to address, where in other cases, the primary concerns may be security and privacy issues. Certainly, regulated companies need to pay particular attention to how the cloud service provider addresses their regulatory risks.
How can executives identify outsourcing risks?
When considering cloud computing project ideas, executives should ask a lot of questions. First, they must understand the nature of the cloud services being procured and the sensitive aspects of the systems being hosted or managed by the provider. After getting an understanding of the types of data and systems that will be exposed to the cloud, executives should ask ‘what if’ questions of their project teams. Such questions should be focused on general risk areas including data integrity, confidentiality, privacy and security, and system availability and reliability.
Executives should also get an understanding of their company’s exposure to risks related to data ownership and retention. Examples of questions to ask include, ‘What will happen if we lose connectivity to our cloud service provider for an extended period of time?’ And, ‘What happens if our cloud service provider is acquired by another company?’
How can executives use an outside audit to ensure the performance of service providers?
A third-party assessment by a qualified professional is the only way to know whether a cloud service provider has designed and implemented effective measures to identify and mitigate relevant risks, as self reporting is inadequate and providers may simply tell you what you want to hear.
You can save money by having your auditor review a cloud service provider’s service organization controls (SOC) report. There are three reports available under the AICPA’s standards for service providers. SOC 1 is based on the Statement on Standards for Attestation Engagements No. 16 (SSAE 16) and is best suited for companies that previously used SAS 70 for Sarbanes-Oxley or financial audit compliance. SOC 2 addresses the design and operating effectiveness of a service organization’s controls over the security, availability, processing integrity, confidentiality and privacy of a system. This may be more valuable for executives evaluating the controls a cloud service provider has in place to address risks beyond those relating to financial reporting.
SOC 3 involves the same scope as SOC 2; however, the report contains less detail and is intended for broader (marketing) audiences.
When are SOC 2 and SOC 3 appropriate?
Executives should request that their cloud service providers submit a SOC 2 report where applicable. The scope is generally best suited to address the concerns of users of cloud services. SOC 2 reports provide details of the procedures executed by the auditor to test the controls in place at the cloud service provider, and the results of those procedures.
If a cloud service provider only has a SOC 3 report available, that may be sufficient for getting comfortable while evaluating the service provider during the procurement process. However, executives responsible for the cloud services should request that the service provider submit a SOC 2 going forward to ensure that they can monitor the provider’s efforts to address any failed control activities.
Are there other certifications that can help mitigate risk when transitioning to the cloud?
If the provider cannot provide a SOC 2 report, see if they are certified as ISO 27001 compliant or if they have obtained assurance reports from a security firm addressing the ISO 27001 standard. If the provider processes, stores or transmits credit card information, it is required to meet the Payment Card Industry’s Data Security Standard (PCI DSS). Be careful when using these other forms of assurance. Their scope is generally narrower than SOC reports and may follow less rigorous quality assurance standards. However, in the proper context, they can be useful for executives attempting to get information about the activities performed at the cloud service provider.
Brian Thomas is an IT advisory services partner at Weaver. Reach him at (713) 850-8787 or email@example.com.
Insights Accounting is brought to you by Weaver
As a company grows, its information technology (IT) needs to grow with it. But some areas may be overlooked in the day-to-day hustle of getting the job done, says Timothy A. Heikkila, a principal with the Skoda Minotti Technology Partners Group.
“Companies should be considering options such as the cloud, looking at the security of their data and setting up a disaster recovery plan,” says Heikkila. “An outside advisor can help you ask the right questions and identify areas of concern.”
Smart Business spoke with Heikkila about what IT issues growing businesses should be concerned about and how to address those issues.
What is the first IT issue that growing businesses should look at?
As a business’s IT needs grow, companies need to consider whether cloud computing makes sense. If you aren’t familiar with cloud computing, it’s essentially remote access to applications and services via the Internet; it gives you secure access to all your applications and data from any network device.
Would it be cost effective to take your company’s e-mail to the cloud so that you don’t have to worry about maintaining data at your own location? When considering questions like these, companies should really weigh the pros and cons of taking that step. For instance, do you already have a location for your servers in-house, are you going to have remote offices, do you have a large traveling sales force? For a single location office, the cloud may not be a beneficial or cost-effective step, but for a company with multiple locations or a traveling sales force, it could make perfect sense to have your data housed at a central location in the cloud so that everyone shares access.
How can an outside technology expert help determine your needs in the cloud?
Outside expert advice is definitely recommended because the industry is changing so quickly that the types of questions you need to ask and the way to ask them are changing daily. For example, does the cloud provider have multiple Internet connections coming in to eliminate service interruption? What is the cloud’s capacity? How much is your business going to be able to grow at your current facility without shortchanging yourself?
Security is another important area to ask about. A lot of data centers that house this equipment are having SOC Reports prepared to make sure they have the proper controls in place that ensure their data is secure and not at risk of being breached.
What other technologies should growing businesses be aware of?
We’re seeing a lot of mobility with the evolution of the iPad and other tablets. A sales force can really take advantage of those devices by using them to take notes, share presentations, adjust quotations on the fly, get signed quotes, and close deals on the spot. It benefits the sales team because they can be connected to the office immediately, respond to e-mail and get instant answers as if they were sitting at their desks in their office.
One area of concern around these devices that a company needs to consider is security. Companies need to make sure that they have a policy in place that protects the company’s data in the mobile hands of the employees. For example, companies should be able to lock down or control the devices should they get lost. If a salesperson accidentally leaves an iPad somewhere, the company needs to be able to erase all of the data on that device so that it doesn’t get into the wrong hands.
Most e-mail servers have controls built into them that allow you to send a signal wirelessly to devices to erase the data, but if you don’t have an e-mail server with that capability, you have to get a third-party, add-on product that can erase it wirelessly. Companies need to have a plan in place to cover these new and growing concerns.
What should businesses think about when considering a disaster recovery plan?
Disaster recovery is another area that can help a business grow, or at least ensure that it is not set back. As technology grows more complex, having a disaster recovery plan is becoming more vital, and planning for if something does fail has become almost as important as investing in technology to grow your business.
A disaster recovery plan starts with sitting down to figure out what disasters your company should plan for, prevent, or recover from. For example, if you are OK with a tornado coming through your building and you don’t think it’s worth the investment to plan for a second, off-site location to back up your data, then you don’t need to plan for that event.
But, if you want to prepare for a virus attack against your mail server because it’s critical to get that server up and running again, it’s a complex process. Businesses need to sit down and figure out what they want to plan for and determine the most critical pieces of technology that they need to have up and running again if something should fail. Once the company determines which critical pieces of technology they need to have up and running, the next question to ask yourself is how quickly does it need to be up and running? For example, if you need to have your e-mail fully functional within two hours, you will need to have a standby e-mail server already built and ready to go.
Too many companies understand that something could happen, but they put the blinders on and think that it won’t actually happen to them. There are a lot of things they can’t control, though, and that they may not have thought about. This is another area in which an outside technology expert can help. That person will know all of the questions that go into building a disaster recovery plan and make sure that plan can be executed if needed.
Timothy A. Heikkila is a principal with the Skoda Minotti Technology Partners Group. Reach him at firstname.lastname@example.org
Last month’s ii2P Insights article described how small and medium-sized businesses (SMB) are facing a “perfect storm” in terms of balancing costs and customer intimacy. This month, according to Steve Carter, president and CEO of ii2P, SMBs that have decided to take action should follow some tried-and-true guidelines.
“By clearly understanding the objectives for your enterprise, you can make certain that your implementation of an end user or customer self-service platform actually becomes the end users’ preferred method of receiving support,” he says.
Smart Business spoke with Carter about implementing a self-service platform and the benefits of providing value to end users.
What should be the first step in implementing an effective self-service platform?
If there is a single step that misleads a company worse than any other, it is not getting the setup right at the start. Most of the time, executives deliver the mandate for someone to implement a self-service solution, thinking that they understand the issues. Nothing could be more detrimental than starting out with the wrong calibration.
Companies need to understand the real objectives of self-service. It is not just about trimming costs. It is about creating a true change in human behavior that drives and motivates more intimate end user experience between the customer and the company.
The objective should be to attract and retain solid, powerful end user participation with the value that you are trying to extend. The objective should be about developing a lasting platform for customer intimacy.
What would be the next step?
Once the fundamental objective is established for implementing an effective self-service platform, then it’s time to determine the true opportunity for your customers to help themselves. Another frequent error is thinking that self-service is limited to helping users ‘fix’ their own problems, such as ‘how to’ questions, or ‘fill in something.’ While these are certainly common and often easy to incorporate, that’s not the limit of effective self-service.
Quantifying the true level zero (self-service) opportunity is going to be more expansive than you typically first believe. Credit your smarter customer for that.
What do business owners need to include in their self-service platform?
Customers, especially in this day and time, are looking for self-service interactions that yield more value and independence. It’s becoming more of an environment of, ‘I want to track this,’ or ‘I want to compare these two products,’ or ‘I want to manage the entire buying or fulfillment process on my own.’
Along with the fixes and the finds, it makes great sense to consolidate many of the functional interfaces that your users are using today. A great example is expanding the IT self-service site to also serve as the gateway to other business functions, such as human resources, or information review (relevant news feeds).
Tying your customer-facing self-service site to your fulfillment tracking (such as Fedex or UPS shipping), albeit seemingly insignificant, is huge when it comes to adding value to the self-shopper.
Finally, it’s important to find a way to collect measurements of customer experience with your self-service site transactions. This correlation is going to be the most valuable information you can harvest. It will help drive ongoing improvement to the site.
What are some of the best-suited and easy-to-implement aspects of end user self-service solutions?
Avoid making the site too cluttered, but at the same time, there are some relatively common-sense elements to include. Certainly, have a strong search engine tied into a well-maintained knowledge base of solutions specifically created for self-service. One horrific mistake many companies make is placing a massive technical knowledge base in front of general purpose users and telling them, ‘Have at it!’ I call that, ‘where angels fear to trod,’ and nothing disenchants a user more than that. It is intimidating, and many times users won’t return once they experience that.
Bring any enabling technology to the site, such as self-service password reset technologies, or the ability to create a service ticket, or check the status of an existing one. Users don’t want to have to call someone to do those simple things. Make that available.
Allow users to submit requests for common services, or even new information. One caution here — someone needs to monitor and respond to those requests. If users ever sense that no one is minding the store, they will quickly lose confidence in the site, and revert back to labor-intensive methods. It’s hard to regain their confidence at this point.
What is the most important thing about implementing self-service?
This is big: Don’t succumb to building a ‘portal to nowhere ’. Standing up the self-service site that is an afterthought or an also-thought will fail. There is a proverbial bone-yard of customer self-service sites that have ended up there.
If you are not going to implement these three elements of a successful self-service platform — effective technology, solid business practices and committed managerial disciplines — save yourself the time and money and wait until you can.
Self-service is an investment to growing customer intimacy and loyalty. Done properly, it will change human behavior and deliver lasting benefits.
Steve Carter is president and CEO of ii2P. Reach him at (817) 442-9292 or email@example.com.
The “gap” between facilities and IT organizations has become an industry standard term over the years. While some companies are making strides to overcome this challenge, most struggle with this issue. So, what is the gap? Simply stated, it is when two departments don’t see eye to eye, and in many cases don’t work well together.
Over the past few years there has been a surge in the need for high-capacity and high-density data center facilities to meet the growing demands to store and manage information. This is being driven in large part by social networking, social media and cloud computing services growing at unprecedented rates. Data centers, unlike any other portion of a company’s real estate portfolio, requires input and support from both facilities and IT management and staff.
“IT is in the business of managing information — how it flows at the application layer, how it is transported, processed and stored at the hardware layer, and how it is protected,” says Rich Garrison, senior principal of Alfa Tech. “That is done through a combination of server, storage and network infrastructure designed to deliver and manage information, which in today’s information age is the greatest asset of most companies. Facilities are all about managing the real estate portfolio, space, power and supporting infrastructure.”
Smart Business spoke with Garrison about how to create a more productive work environment in which these two departments can work more effectively together.
Why is there often a gap between facilities and IT?
The gap occurs because of several factors, most originating from the human element. First, IT and facilities speak different languages and often simply don’t understand each other’s needs and priorities. Another major contributor to the gap is that in most companies IT and facilities are two separate organizations with separate budgets, schedules and agendas with competing priorities.
Some companies have rolled up the two groups into one organization to help align the two groups. The fundamental problem is getting those groups on the same page — or even to speak to each another in some cases. This leads to the more subtle interpersonal issues, like pride and ego, that often get in the way. It’s common for power struggles to occur over who is controlling what, allowing both sides to lose focus on what is really in the company’s best interest.
What are some consequences of the gap?
Employees become frustrated. They get tired of beating their head against a wall, make poor decisions and often are forced to settle for solutions that really don’t meet the business’s needs with respect to capacity, reliability and scalability. IT has a history of asking for ‘more than they need’ when it comes to space, power and other facilities resources. This is often due to the fact that long–term requirements are unknown, yet IT must be able to support whatever comes along. Some of these unknown factors may include changes in technology, mergers and acquisitions, changes in the companies’ products or services to name a few. Facilities on the other hand are pressured to ensure that real estate assets are cost effective and operationally efficient. Therein lies the gap, a gap in priorities, business requirements, budgets and management support or direction.
At the end of the day, the company ends up suffering because it doesn’t get the right solution or it spends too much money getting a solution that meets the business’s needs. We have seen IT groups choose colocation simply so they can maintain control of the data center, not because it was the most cost-effective way to meet the company’s data center demands.
Today’s server, storage and network hardware platforms are forcing IT to understand more about power and cooling due to the significant increase in density in recent years. However, having IT staff responsible for planning or managing space, power and cooling is not always the best solution. They usually end up getting it wrong, which can result in unnecessary risks or even catastrophic failures of the data center facility itself by not understanding the underlying facilities infrastructure.
How can companies bridge the gap between facilities and IT?
In almost every instance where this gap is an issue, the companies lack a strategic plan for IT, facilities or both. When companies get serious about developing a formal data center strategy they get much closer to bridging this gap. One particular tool I’ve developed to help bridge the gap is the OPR (Owner Program Requirements) document. The purpose behind this document is to facilitate a process to get facilities and IT to stop thinking about technical solutions, take a step back and start thinking about the business requirements, corporate goals and objectives. It then looks at the functional requirements of both organizations necessary to meet these corporate objectives. Next is to define in their own language the supporting technical and operational needs of both organizations necessary to be successful. This collaborative approach to developing a strategy and plan has proven to be a successful method to begin to bridge this gap.
Getting the two organizations to collaborate and talk in their own languages while finding that common ground is the point of the OPR. It demystifies technology by defining the requirements in terms both IT and facilities groups can understand. For a new data center project, this can be expanded to include a set of design considerations and criteria, written in more technical language that designers and engineers need to understand.
When we see IT staff taking an active interest in understanding facility operations and facilities staff take an active interest in understanding IT requirements, the results have been positive and bring about successful projects that deliver cost-effective solutions for the companies they work for.
Rich Garrison is a senior principal with Alfa Tech. Reach him at (408) 487-1209 or firstname.lastname@example.org.
The relentless pace of business automation and Internet commerce has led to a staggering increase in the amount of data that businesses need to store. And that growth has created a corresponding need for businesses to expand their IT capabilities.
However, a direct investment distracts from your core business and can cost up to $10 million for buildout and $5,000 per square foot for operational overhead. That’s why many companies are opting to outsource their IT through colocation.
“Colocation is all about economies of scale, focusing on your core competencies as a business and letting someone else handle the data center aspect,” says Joe Sullivan, senior director, colocation product management with SunGard Availability Services. “From a financial perspective, it allows you to take a large cash outlay or capital expense and convert that into an operating expense.”
Smart Business spoke with Sullivan about how to decide if colocation is right for you, and what to look for in a colocation provider.
Why are companies considering colocation?
The No. 1 reason companies consider colocation is to avoid making IT a core competency of their business. The second major reason is to gain the economies of scale you get from sharing a facility with others. Instead of having to build and maintain your own facility, you can leverage another company to do it for you and share those costs with other customers that you might not even know.
Some companies already have their own data center, but their current facility can’t keep up with their business’s growth. Adding a second site to handle the growth is one reason companies consider colocation. Disaster recovery planning is another reason. Companies may need an alternate location to protect against infrastructure downtime, either from natural catastrophes or hardware failures.
What are the key factors to consider when picking a colocation provider?
There are five key factors. First is how much power a customer needs, not only today, but in the future. The business is based on power costs, as well as the cooling needed to cool that power. That drives a large portion of the cost structure and facility capacity, so it’s the No. 1 thing providers ask customers.
The second factor is environment size. Do you need a cabinet, two cabinets, or do you need a cage to store your data? Think of cabinets and cages as storage lockers and apartments. You might only need a locker, or you might need an apartment, depending on how much you have. Basically, a collocation provider rents highly powered, highly cooled and fully redundant storage lockers and apartments.
Geographic location is important, as well. Many customers like to be close to their facilities. They want to touch and feel their data and make all the changes themselves. Others want their provider to be as far away from their main facility as possible, because their main concern is disaster recovery. Those customers ask about colocation facilities in St. Louis, Denver, Phoenix and Dallas, because those sites don’t have as much natural disaster activity.
Fourth is connectivity. You may call it bandwidth, telecom or fiber, but it’s all connectivity. This is important because you are going to need to get your data out of those storage lockers or apartments to somewhere — either back to your facility or to your customers through the Internet.
Last, what services do you need on top of colocation? Some companies just provide space, power and connectivity. Others provide services such as data backup, storage, security monitoring and intrusion detection on your servers, and services such as cloud applications.
You need to make a decision up front on whether you may want those services at some point, because if you are outsourcing your colocation, you may end up outsourcing other services, as well. If that’s the case, you want to make sure you choose a provider that has the capability to do that. The services you need on top of colocation today or in the future should be a big factor in your choice of provider.
What questions should you ask a potential provider to determine if it can meet your needs?
What facilities in the geographies we are interested in have the space and power that we need? That’s the first question. Because you’re not going to care if a provider has 55 locations and only three of them are in the geography you want and none of them have space and power available to meet your needs.
Next, get into resiliency questions. Typically, customers will look for companies that have fully redundant power systems. At every point in the process of the power coming from the utility company, through two feeds into the building, hitting two power plants, one system should be able to fail over to the other. In the event that anything in that chain fails, you have fully redundant systems.
That is a large differentiator between providers. Some are fully redundant and some have single points of failure. What the customer needs to determine is whether those single points of failure are acceptable for the applications they are running and for the price discount you would get.
Then you get to pricing. Not all prices are created equal in colocation. You might not be getting the same thing, even if it sounds the same. You might have two providers, one who advertises a cabinet for $1,000 and the other for $1,500. It may seem like the $1,000 cabinet is the better deal, but the $1,500 cabinet might give you three times the power density, which would make it a better deal.
You should ensure transparency in pricing from a provider, and always make sure you understand what’s included and what’s not included.
Joe Sullivan is senior director, colocation product management with SunGard Availability Services. Reach him at (303) 942-2937 or email@example.com.
Clinton Coleman was given a mission when he was named interim CEO at Bell Industries Inc. back in 2007. Bell Techlogix, a business segment of Bell that provides IT managed services was missing out on a chance to cash in on the growing demand for its offerings. It was Coleman’s job to find a way to capture that market.
Segment sales had dropped from $90.3 million in 2004 to $75.6 million in 2006, causing leadership at Bell Techlogix to lose confidence in its core business and begin searching for other ways to make money.
“That usually is a recipe for not very good results if a management team is focusing on things that don’t build upon what you already do well,” Coleman says. “A lot of that had to do with some of the previous managers’ own personal interests rather than what really made sense for the company to be focusing on.”
Bell Industries was taking a hit, too, dropping from $136.2 million in 2004 revenue to $120.3 million in 2006.
Coleman knew there was demand for what Bell Techlogix did. He knew companies were looking for a better way to manage their IT services. The effort just wasn’t being made to capitalize on this opportunity.
The board of directors at Bell Industries agreed with Coleman and installed him as the man to make it happen at Bell Techlogix, which has 608 of the company’s 714 total employees.
“Bell Techlogix really needed to reinvigorate its strategy for growing IT managed services,” says Coleman, who is also CEO at Bell Industries. “It was something that Bell did well, and they had the core competencies to do it. But over time, they really lost their way with respect to sales and marketing execution. They had lost their sales-driven focus. We needed to reinvigorate that growth where there were some good opportunities.”
It wasn’t going to be easy as Coleman had to energize his team in the midst of a tumbling economy.
“But it was what it was and you can’t really change any of that,” Coleman says. “So we just had to deal with those issues.”
See who is with you
As the new guy in charge, Coleman had a captive audience. But if he didn’t move swiftly to give them something useful to latch onto, his audience would start to lose interest and fall back into their old routines.
“I really challenged the team to realize that we can be successful doing this,” Coleman says. “We needed to do things differently and we needed to make some changes. But it was always about building around those core capabilities that Bell Techlogix has and realizing that those can be successful.”
Coleman expressed confidence that the tough economy was only going to increase the demand for the company’s services.
“We were able to identify how our strategy of growing the company in some ways very much fit with the challenges our customers were having,” Coleman says. “We help companies reduce their IT support costs while also improving their service levels. That created some opportunity for us. They were facing challenges that required them to re-evaluate the long-held beliefs that they had about IT support.”
Coleman needed his team to pick up the pace and put in the work if he was going to take advantage of this great opportunity that was out there. He began by reaching out to the managers at Bell Techlogix.
“Getting the attitude right among the managers is absolutely the first thing you need to do,” Coleman says. “If you don’t have the right attitude amongst the managers while you’re trying to refocus a company’s strategic direction for growth, while also at the same time handling an economic downturn, it’s very easy for people to be pessimistic.”
It really comes down to showing your passion and commitment and finding out who is willing to stand up and follow you.
“Who is up to the challenge?” Coleman says. “Who do you want to be working through this with for the next year?”
To begin answering those questions, he moved the company’s monthly leadership meetings away from a monotonous rundown of the financial spreadsheet.
“That was a new experience for a lot of managers making our monthly business reviews into real business discussions,” Coleman says. “Not just running through the numbers, but real discussions about what we learned this month. … You allow the senior management team to all be hearing the same thing and be participating in the same discussion. Through that process, you realize that some people are more up for the task than others as far as how they respond to that discussion.”
There was a key question Coleman needed to answer before he could move forward: Did his team understand the difference between a goal and a strategy?
“We’re supposed to grow our sales by X amount this year,” Coleman says. “That’s not our strategy. That’s our goal. Are we able to talk about what we are doing? How do our results from one month to the next indicate we’re really doing a good job in this area and we’re trying to re-evaluate this other area and look at things we can do differently.”
He needed to see who was willing to dig beyond the numbers. Who was willing to put in the time to figure out what the customer wants and then take those findings and figure out what the company needs to do in order to meet the needs of the customer?
“You need to make sure each one of the managers are in a position to carry forth the company’s vision and hold regular discussions with their direct reports,” Coleman says. “That really does flow from the top down. But that only happens if you have a broad group of managers that are all part of the same discussion of where we are trying to go as a company and what we are trying to achieve.”
The result of the initial group meetings was that some managers proved to have what Coleman was looking for while others did not.
“We weren’t painting everybody with the same brush,” Coleman says. “It was a real evaluation of putting managers in position to demonstrate how they could be part of the company’s success going forward.”
Coleman felt that lack of communication was a key reason why the company wasn’t making more money on its offerings.
“We’re not doing a good job of communicating with new customers and our existing customers about what we do and how what we do helps them with the challenges they are facing,” Coleman says. “There are other companies in the space, other midsized IT managed service providers, that have been able to have some success.”
One of the reasons companies fail to capitalize on new opportunities is that they become unwilling to analyze what they are doing and make changes to their plan.
“Every year, we would set a business plan,” Coleman says. “The important thing wasn’t that we set a business plan that remains frozen in place. … It was very important for us to always be listening to our customers and the managers and the people on the ground at Bell and the salespeople that were actually interfacing with customers every day. It was really listening to that feedback and making sure we were responding to it.”
Coleman needed to instill a mindset whereby the annual plan would be used as a guide that was fluid. It could be changed when circumstances called for it. It would not be set in stone and it would not be the sole factor used to determine whether business was good or bad.
“Companies will set a budget at the beginning of the year and for the rest of the year, you’re judged against that budget and that’s the primary measure of whether you’re doing well or not doing well,” Coleman says. “That can create a shortfall for a company. What you really need to be having is not a discussion of the budget numbers, but what’s going on behind that.”
There are a number of factors that contribute to the financials that appear on any company’s ledger. You need to talk about those factors.
“What you really need to focus on is how are the things that we’re doing every month either leading to or not leading to having success in that metric,” Coleman says. “That’s by looking at things beyond just a static budget that’s set in place and stays in place for the year. That can also lead to missing out on some of the bigger opportunities where you have more momentum than you realize and you need to have a reallocation of resources.”
When Coleman took over as interim CEO, he approached the job with a sense that he had a lot to learn. He wanted that attitude of curiosity and naiveté to give his people reason to open up and share with him their ideas to help the business grow.
If they were to be passionate about it, they couldn’t just do things because he told them to.
“It was a gradual process,” Coleman says. “I didn’t come in and pretend to be an expert on the company and the company’s business. It was one where we worked toward a more natural conclusion with the managers by using their input and building upon the realities of what’s going on in the company and what our strengths and weaknesses were rather than coming in and already having a predetermined idea of what we’re going to do and how we’re going to do it.”
You need to talk about outcomes if you’re going to move your company forward. It can’t just be a discussion of ideas that never lead to anything.
“This is how we’re going to know if we’re making progress or not,” Coleman says. “That was part of my job was to make it real for them. This whole idea of talking about the strategy to the company wasn’t just a theoretical discussion. Make it a real discussion: What are we doing this month to help us get toward those goals? It’s having an open and honest discussion about why we did or didn’t meet those goals and doing it with the entire management team so everybody is hearing the same message and everybody is part of the same discussion.”
It’s your job to make sure your people have that idea in the back of their mind about what the bigger goal is while they are dealing with the day-to-day.
“We’re trying to go and make sure all our daily efforts are working toward that vision,” Coleman says. “Remind everybody of what was the underlying strategic goal behind the metrics. What did we learn this month to indicate to us whether we’re being successful or not successful? What should we do differently next month to better achieve our strategic goals?”
In addition to addressing concerns, you also need to celebrate successes.
“In any particular quarter, one division may be having more success than the other,” Coleman says. “But by having the discussion together with the management team, it does help improve everybody’s overall morale and optimism if they are able to hear about and see the successes that other areas of the business might be having in that particular quarter toward the overall strategic vision.”
As Coleman looks at his company now, he sees progress. Sales for the Bell Techlogix segment grew from $62.9 million in 2008 to $66.1 million in 2009 and Coleman expects 2010 to show even more growth.
“Working through the economic downturn didn’t really help us in achieving those goals as quickly as we would have liked,” Coleman says. “But we’ve gotten to the point where we’ve rebuilt our entire commercial sales team. Last year, we had success in growing our IT manager service business at a pace it hasn’t grown in years and years. We’re doing a much better job of communicating with our customers and packaging our services in a way that customers are demanding it.”
How to reach: Bell Industries Inc., (866) 782-2355 or www.bellind.com
Clinton Coleman, CEO,
Bell Industries Inc.
Born: Cleveland, Ohio
Education: Double major in physics and economics, Vanderbilt University. I spent my junior year at the London School of Economics and Political Science. A lot of it was exposure to international culture and international ways of doing business. The makeup of classes is from all over the world. It was intellectually stimulating from that perspective, but it was also a lot of fun. I spent a lot of time backpacking around Europe and doing things that you only get a chance to do when you’re that age.
What was your very first job?
I was a busboy and also did the salad bar prep for Steak and Ale restaurants.
Who has had the biggest influence on you?
Rick Leaman, [former] head of mergers and acquisition in the United States for UBS. The first job I had out of college, I was in the mergers and acquisitions group at UBS in New York. So I was working on Wall Street doing M&A investment banking work.
I worked with him on a number of deals. He took a lot of interest in me, and he allowed me to tag along with him at board meetings and negotiations with management teams at a bunch of different companies. He kind of took me under his wing and allowed me to get exposure to the corporate decision-making process at large companies in a way that is very difficult to replicate when you’re 22.