Brandon Darling

Many business owners balk at the title “consultant” largely because, by the time they have to call one, they know they’ve already made mistakes and it’s only bad news from there on out.  Forget the fact consultants make way more money for much less work.  That’s because consultants don’t have to deal with the small-minded drivel of your “company politics” and they never have.  Long ago, they started telling it like it is and found that people with money (business owners) want that, but for a fee, not a salary, less the talk-it-like-it-is guy wise-up to the owner some day.

Largely, consultants are the mouthpiece of the owner that needs to be the bad guy but can’t, either because the business owner is a family descendant owner and has no real business savvy (read: balls) or they’re in a highly delicate negotiation (read: answering to lawyers with balls). 

The secret is this: consultants are only valuable when you hire them BEFORE you make a decision.  By the time you need an expert and you’ve already begun a project, the writing is on the wall that you’re doomed to failure and you have only yourself to blame.

Put aside your pride that you think you know everything.  Men with balls hire people smarter than they are because smart people often lack balls.  That’s why the guy with the money – and the balls – doesn’t fear the smart guy.  If you fear the smart guy, you probably lack money, balls, or both.

Here’s one example.  A client of mine succumbed to letting a copier sales guy in the door.  Mistake number one – get a $7 per hour secretary to turn all sales people away at the door.  This will save you thousands every week.

 Then, they let the sales guy go fishing because their copiers were up for renewal (for starters, they weren’t, and for seconds, never let a sales guy in your building). 

So the sales guy leaves and comes back with THREE sales droids.  Of course, one has the mandatory jubblies that all sleaze-houses have.  You know, the girl that couldn’t hack pharmaceutical sales but had to quit stripping because her strain on the load-bearing bass pole at her last job was in danger of putting the whole building in ruin.

Yeah.  I said it.

So they come back with numbers that absolutely look ridiculous.  Of course, their “professional audit” of current consumption indicated they were paying several thousand dollars a month already.  According to their numbers, replacing all the equipment, buying out the old lease, and throwing in that new server they always needed but could not afford would cost a few paltry hundred dollars more per month, or, in sales-droid speak, “YOUR INVESTMENT IS ONLY $5.16 PER DAY!”

Seriously.  That guy works hard for that cookie.

So they called me.  I was shocked.  “You mean this is just a sales proposal?  You didn’t already buy this and they have no idea how to integrate the fax-to-email with the new Exchange 2007 server they sold you which doesn’t work because they also sold a three-year-old 32bit box out of their back closet?”

I was almost proud of them.

So I went to work, which is what I do.  I took $5.16 * 365 (to get the “cost” per year) * 5 (I ignore leap years. Bite me.) to get $9,417.00 as the additional cost.  Mind you, this gives them Exchange, which they never had before, and for that cost over 5 years, I think I might have bought the deal.  However, read on.

First, estimated consumption of paper and consumables on the copiers and printers in question were “professionally audited” to be in excess of $2,700 per month.  There were TWO multifunction machines and four workgroup printers.  Small countries operate a military on less money.

Secondly, the $9417 overage was IN ADDITION to this $2700 figure, which amounts to the sales-droids commission less the $8000 override the girl with jubblies will take.

So the total solution is roughly $171,400 over five years.  In other words, a small house or a bitchin’ car in this neck of the woods.

My analysis.  An Exchange server with 64bit hardware, 500GB disk (4 spindles of 15k RPM SAS disk with 4.6ms seek time, mind you) 16GB RAM and 8 cores at 2.0GHz with a 1333MHz FSB PLUS the extortion fees for the Microsoft licenses clocked in at a whopping $16,000 with tax.  I did the additional research to find out what a handful of printers and two multifunction machines would cost to lease over 5 years.  The WORST number I could come up with was $68,000 and that’s NOT the one I proposed.

So, worst case: $16k +$68k = $84k.  PLUS my fee of $10,000.00 (yes, just to LOOK AT NUMBERS I CHARGED THEM TEN THOUSAND DOLLARS) is $94k.  That’s a NET SAVINGS OF SEVENTY SEVEN THOUSAND DOLLARS ($77,000.00) or more than SEVEN HUNDRED PERCENT (700%) ROI on the money they spent with me.

They gave me $10k, I gave them $77k. 

ALWAYS HIRE A CONSULTANT.  You will regret it if you don’t.

email brandon@brandondarling.com

The vast majority of your life is obscure.  That means that most people don’t know your middle name because you never told them, and because most people don’t know where to look up public government records.

Just because your middle name is generally unknown, doesn’t mean it is secure.

He’s a mental picture:  I could put One Million Dollars in CASH on my kitchen table and leave all my doors and windows unlocked.  So long as no one knows that I have One Million Dollars in CASH on my table (unsecured) then that Million Dollars is perfectly safe.

However, that’s not how security works.  Securing something means taking steps to ensure that something remains under your control despite effort to take it out of your control.

In my previous example, locks, security cameras, electric fences, and mal-adjusted rabid Rottweilers make my One Millions Dollars more SECURE than the previous scenario where I rely on the blind ignorance of others to keep my money mine.

In the online world things are different.  No one is after YOU.  Hackers, viruses, malware, spyware, adware - it is all cold, calculating, and collecting.  It doesn’t know who YOU are - because it doesn’t care.  The majority of identity theft is not accomplished because someone went after YOU as a PERSON - it’s because they made use of modern methods to take ANY indentity in general - NOT YOURS IN PARTICULAR.

To paint this picture, a “hacker” uses a program to scan millions of computers on the Internet (which includes yours, EVEN IF you have a firewall and anti virus software).  That program has two purposes in life: 1. find vulnerable computers (yours) and 2. infect the computer and use that infected computer to scan for other computers which are vulnerable.

Rinse, repeat.

I know a lot of business people who say “I don’t need to worry about security, who’s going to hack me?”  Hello numb nuts - NO ONE ATTACKS -YOU-.  Hackers seek out and exploit the $400 computer you bought from Best Buy which you dutifully refuse to run Windows Updates and Anti Virus Updates on because you’re too busy sending emails with little animated icons from a toolbar you downloaded which while sending cute smiley faces is also pilfering your customer credit card numbers out of Quickbooks.

What is security?  It has nothing to do with *where* your data is.  In fact, having your company data on your own systems in your own office is probably the LEAST secure place for your data to live.  You let anyone who claims to be “the computer guy” in your front door and right in to your server room.  At this point, passwords are useless - physical access to any system IS ACCESS.

In fact, if your firewall doesn’t have the latest updates, a syslog server, and someone (a real BODY) watching it on an hourly basis, it’s pretty much a bump in the wire for the all the junk your employees and your kids (yes, you let your kids use your office computer, don’t you?) are downloading and running.  Firewalls are great for keeping the outsite world out (sort of) but once some uneducated user (you and your entire business) download that cutsie little program, your $10,000 firewall is completely ineffective.  Yep, your investment crumbles that fast.  (Oh, did you catch TEN THOUSAND DOLLARS for a firewall?  Yeah, that $60 router/firewall from Best Buy is basically a neon sign advertising “Hack Me - Credit Card Nubmers Here” on the Internet.)

And let me rant about wireless.  Folks, if it comes out of a consumer electronics store, then IT IS NOT SECURE.  If your wireless was setup by your son’s friend, then it is already being used by every pedophile with a Pringles can inside a 1 mail radius to to download kiddie porn off of YOUR Internet connection.  Wonder why you can’t send that email to your accountant or the IRS?  Your Internet connection is probably on every watch list in the world and the only reason you’re not in the clink yet is because modern law enforcement hasn’t even figured out how to properly defend a hand-held radar gun citation.

So what’s the answer?  There isn’t one.  Security threats change EVERYDAY and unless you have a person - or a company - vigilant for your security, then you’re likely hacked and you don’t even know it.  Sure, you’ll know when the SEC or VISA comes knocking at your door wanting to know how 100,000 credit card numbers wound up leaking out of your website, ecommerce application, or accounting program, but at that point it’s too late and someone already has a noose sized for your scrotum waiting for the order to hang.