Avoiding Scope Creep on IT Projects

Many businesses dread taking on an IT project, because their experience with them in the past involved problems, delays and cost overruns. The common culprit in failed projects is often referred to as “scope creep”, when the original focus of the project is thrown off course by unexpected – and sometimes unrelated – issues. These problems may seem to negate the benefits that the project was intended to deliver.

Scope creep does not have to derail a project, though. Here are three steps that can prevent scope creep from affecting the success of your IT project.

Plan Well

One of the causes of scope creep is an incomplete or faulty scope of work. Carefully plan the scope of work to include every single thing that will be required to bring the project to completion. Anything that takes time, or costs money needs to be included. Investigation of the IT environment is vital, too. Understand exactly what is being changed, and ensure that all the required components, software and tools are the correct versions for the plan. Ensure that they will all work together as planned.

Anticipate the Unexpected

Build into the project plan the mechanism for dealing with things that could not be anticipated. This includes a change management strategy. Changes that are necessary to bring the project to fruition will need to be addressed, hopefully without affecting budget or schedule. Requested changes that are not necessary to the project need to be designated “out of scope” and not be allowed to derail the project.

Have Regular Milestones to Check Progress

The worst time to have to deal with scope creep is at the end of the project. A proper project plan will have specific milestones, and expectations with regards to schedule and budget. This way, if the budget or the schedule is threatened, it can be detected at the milestone level and possibly mitigated before the whole project is affected.

It’s one thing to have technical skills – but executing a successful IT project takes IT project management skills. Many businesses don’t tackle IT projects often enough to have the insight necessary to properly plan an IT project.

Your company cannot afford to stand still on technology, and it can’t afford to have a poorly designed IT project disrupting the operation, either. Clare Computer Solutions has been doing IT projects for over 25 years – we can help you design a project, implement it and manage it. We’ll get it done – on time, and on budget.

CCS Delivers Value Through Education as Well as Tech

The whole premise of managed services is to get ahead of problems – to prevent them before they occur. This is accomplished with proper monitoring and management of IT assets, but since some problems are caused inadvertently by user actions, it’s important to address that as well – through education and training.

In a modern office, just about everybody has a computer on their desk. But that doesn’t mean everyone in the office is particularly tech-savvy. Many people don’t have an affinity for technology and only want to know enough to do their jobs.  It benefits the company, the employee and the IT support staff (internal or third party) to invest in some regular employee education. Here are two good examples:

Malware Prevention

Cyber criminals have learned to exploit naïve users with clever emails that look legitimate, but contain malware payloads or have links to infected sites. The recent ransomware outbreak was made possible principally by users’ unwitting cooperation.

Awareness of Productivity Tools

Productivity software suites are updated regularly, but users rarely take time to explore added capabilities, preferring instead to use the features they are accustomed to using. But software companies don’t do the updates just to provide snappier user interfaces – they add interoperability, shortcuts and more powerful collaboration tools. Many of these go unnoticed by office workers, and so the company does not get the benefits of the improved technology.

Education is the way to close the gap, but many business aren’t keen on the notion of sending their staff out for lengthy training. In some cases, deep-dive isn’t what is really needed. Instead, training can be a little more informal, focusing on highlights and “tips & tricks”.

When it comes to networks security, the training should be mandatory, consistent and refreshed periodically. The stakes are high, but training can greatly reduce the threat of user-enabled malware infections, especially when coupled with good technical security measures.

Clare Computer Solutions offers educational information in several forms – educational events, on-site training and through our website. We urge you to take advantage of these for your company’s benefit.

Network Security Starts With Your Corporate Culture

The speed at which technology changes makes it difficult to stay current on threats to your company’s Information Technology and network security is at the forefront.

There is a temptation to deal with cyber-threats as a one-off cure.  Are hackers trying to get into your network? Buy a firewall. Are viruses causing problems? Install anti-virus software. But it’s not that simple.

To effectively protect your company from cyber-attack, security needs to be ingrained into the corporate culture. Technology alone won’t be enough — security best practices have to be part of the way in which every person in your business works.

Here are some ways to achieve this:

Think Security from the Top Down

Security cannot permeate the corporate culture if the top management doesn’t practice what they’re preaching. For example, how can you enforce the need for strong passwords, if management has simple passwords, stored on a post-it under a keyboard?

Put Someone in Charge of Network Security and Empower Them

Many industry best security practices are designed to be implemented and updated for all users through a single management console. Allow your IT staff to set up proper policies, and enforce them for all users.  Create levels of access based upon need – the rule of thumb is, nobody should have access to more of the network than they need to do their jobs.

Educate and Train

Many cyber attacks (especially ransomware) are unwittingly enabled by network users. Does everyone on the network practice security best practices when using email or the web? Do they know how to avoid infected sites, and spot email phishing attempts? Do they know about phone scams designed to draw out sensitive information?  They should – and all new hires will require the same training.

Assess and Improve Regularly

Security is a process, not a project. Your network needs to be regularly assessed for security vulnerabilities as do your business processes, preferable by an outside third party company. New employees will need to be properly trained on the corporate security culture, and existing employees will need periodic training refreshes.

Once everyone in the company is on the same page and of one mind when it comes to security, it will be much harder for hackers, script kitties and other cyber-criminals to disrupt your business. A cyber-attack, such a ransomware infection, can be catastrophic to your business – investing in some tools, training and consulting is a wise move. Clare Computer Solutions can help your company be prepared to avoid cyber crime, on a technical level and also on a user level, with ransomware awareness training. Contact us today to get started.