June 28, 2020

You can spend lots of money and time defining and executing a cyber security strategy.   That being said, here are three things that can be done this week to dramatically improve your organization's defenses.  

This isn't a list of goals for the year, if you really want to, you can get this done today.  

1. Require verbal confirmation of financial requests (free)  

You'd be amazed by how many organizations get duped by this one.  An email sent to people in your finance group will look like it comes from a company's executive.  The email will direct the receiver to wire money to an account or to buy a bunch of iTunes giftcards.   The easy way to guard against this is to require verbal confirmation of these transactions.  

2. Turn on "multi-factor authentication" (you probably already paid for it)

Gsuite and Office365 offer this feature, it just needs to be turned on.  In short, if your email notices a login from a new dev...

November 7, 2019

"If you want to be successful, make two parties happy - Finance and Operations"

- Alok Sharma

That's the first piece advice we give to IT managers we coach.  As Fractional Chief Information Officers, we wouldn't get anything done if this motto wasn't at the core of our consultancy.  

Remember that CFOs and COOs are at odds.  One is watching the bank account, the other needs to keep the trains running.  If you understand their objectives and language, you're going to have a much better chance of getting technology projects approved. 

Understand their objectives:

COO - Are they worried about downtime?  Do they need to improve accuracy? 

CFO - Are they trying to reduce headcount?  Better manage overtime?  What's their investment horizon?  What sort of a return do they want on capital?

Understand their language:

COO - This is usually pretty easy for IT people to understand.  Processes, flowcharts, roles and responsibilities are generally understood....

October 25, 2019

Salesforce is the #1 brand in CRMs.  If you mention Customer Relationship Management to anyone, Salesforce is the first name that comes to mind.  Salesforce is super flexible and powerful.  The problem, is that it's gotten expensive to licenses, implement, and maintain. 

If you are looking for a pure CRM (tracking leads, sales pipelines, customer contacts) there are many vendors that are less expensive and can be setup without a technical team.  Insightly, Pipedrive, Nutshell, Zoho are all less expensive than Salesforce and can be setup in a day or two. 

Salesforce makes sense if you want to move beyond the CRM.  So if you want to track fulfillment (warranty,  service crews, customer service tickets) it can make sense to buy into the whole Salesforce stack. 

If you just want to track your sales, Salesforce isn't for you.  

August 7, 2019

I don't want to talk about endpoint protection, next-gen firewalls, multi-factor authentication, or other security technologies.  I also don't want to scold you about what SHOULD have been in place.

Instead I want to offer you some helpful things to consider when managing a cyber-incident.

  1. Identify the incident clearly.  Was there an incident even? What do we KNOW vs. what do we THINK vs. what might be coincidence?

  2. Inform users that they are not in trouble if they are the source of the incident.  Cyber incidents can happen to anyone.

  3. Secondary information is not useful.  Bring in the user(s) that witnessed the incident and speak to them directly.

  4. Assign roles for the IRT (incident response team).  In smaller organizations, one person might have multiple roles. You should have the following:

    1. A single point of contact (SPOC) who will communicate internally and externally

    2. A single approver of purchases (mileage, overtime, overnighting devices, hiring cyber...

July 24, 2019

The F35 Joint Strike Fighter is a 1 TRILLION dollar defense boondoggle.  The idea was that the US Air Force, Navy, and Marines would all use the same fighter jet.  That sounds great, except each branch of the armed forces has different needs.  By the time those needs were sorted out they ended up with three models that share only 20% of their components (essentially 3 different jets).  

The fighter project tried to be all things to all people.  Instead, it ended up not making anyone happy.  Don't let this happen to your IT project!

Your goal shouldn't be to get all your departments on one system.  Your goal should be to get your departments the functionality they NEED.  If all those NEEDS align with each other and make a single system feasible, great!  If not, focus on how how you might be able to tie a few systems together either by technology (APIs, CSVs) or good ole' humans!

May 21, 2019

Sharma Analytics Founder Alok Sharma was a guest on the "Legacy Code Rocks" podcast.  Alok joined Andrea Goulet and M. Scott Ford of Corgibytes to discuss our "Operations Stack" and why our mantra is "People First, Technology Last".   


Remember, the Sharma Analytics "Operations Stack" from most to least important is...

- People

- Process

- Data

- Technology

March 26, 2019

Before you hire a data analyst a few things should be in place.  

1. Your business processes should be buttoned up.  

2. Basic data collection should already be happening.  

If these two things aren't in place there is no consistent process to measure and there isn't any data to analyze.  if you think a data analyst will get those things in order you're looking for a data analyst + process reorg unicorn (read: expensive).

February 6, 2019

You helpdesk is geared for firefighting, not strategic thinking. It's unfair to expect them to "Keep the lights on" and handle "Strategic IT" at the same time.   If a user calls your helpdesk, they'll drop everything to work on the issue at hand, because of this your strategic technology initiatives will always be on the backburner. 

January 17, 2019

"Keep the Lights on Technology" is the IT that is required for any organization to function.  Email, Internet, Wifi, Phones are examples of this category.  We sometimes call this "Break-Fix" technology. "KTLOT" should  be like a utility, it should just work.   

When you turn a knob, water comes out.  When you flip a switch, the light turns on.  KTLOT should work the same way.  If it doesn't just "work" something is wrong.  This technology should just melt into the background.  

November 9, 2018

 Technology is easier than ever to buy.  Because of that, we see organizations buying technology before thinking about how their people are going to use it.  The cart is coming before the horse.  In other words, Technology is coming before Business.  

Your IT team is like the scientists in Jurassic Park.  Just because they CAN buy technology doesn't mean that they SHOULD. 

Think about the humans, what their problems are, and the ROI you expect from a technology project before you buy ANYTHING!

Please reload

Search By Tags
Please reload


  • LinkedIn Social Icon
  • Facebook Social Icon
  • YouTube Social  Icon

Sharma Analytics - 440 Burroughs St, Detroit MI 48202 - 313-744-5782