<img src="https://secure.leadforensics.com/78049.png" style="display:none;">
Skip to content

Subscribe to us on iTunes 

Full Transcript

Carl: Welcome to the Connected Enterprise Podcast, where our guests share how they stay connected in their business and personal lives. I'm your host, Carl Lewis, from Vision33. My guest is Carlos Aparicio, also from Vision33. Carlos is the general manager of our cloud team, residing in the Vancouver, Canada neighborhood. Carlos, tell us about your background and role at Vision33.

Carlos: Thanks, Carl. I've been with Vision33 for 4.5 years. I've worked in the technology industry for 25ish years. At Vision33, I'm the manager of cloud and IT services. Our goal is to deliver a seamless solution to our SAP Business One customers by providing infrastructure support, deployment, and procurement from both cloud and on-premise perspectives.

Carl: How many cloud customers do we have?

Carlos: When I started, there were 100ish. Today, we’re close to 450.

Carl: That’s a good number. And it will give our conversation some context. There are many trends – automation, AI, IoT, machine learning, etc. – being done in the cloud. But you have a specific one you share with our staff and customers; one people should pay attention to, and not only in the cloud. Security. What do people need to do about security?

Carlos: That topic is near and dear to our hearts because security penetrations affect our customers. We consider that in every discussion. From a redundancy perspective, we talk about DR (disaster recovery) solutions. Whether it's a dedicated cloud environment or a cloud appliance, organizations must be able to recover from disasters. Disasters can be security-related, equipment failure, or environmental, like fires, tornadoes, earthquakes, hurricanes, etc. We highly recommend customers have a resilient solution that includes a very stable infrastructure, whether that be on-premise or in the cloud.

Carlos: The key to that resiliency is backup, backup, backup. Every time you turn on the news, there's something about ransomware. Your local healthcare system, government, etc. was attacked. The only way to be safe, regardless of how many pieces of protection you have – firewalls, software security appliances, etc. – is a great backup solution and recovery points. The more recovery points you have, the less data you lose.

Carlos: Some people are good with losing 24 hours’ worth of data. That would be the recovery point. And they’ll accept downtime of two, four, six hours; whatever they’re ok with. But an organization must define those. How much data can they afford to lose? How long can they afford to be down? When you chose those numbers, your organization – or your IT provider – can help you meet that criteria. But the first piece is identifying those numbers. The great thing about the cloud is there's always space for storage. There are always ways to take images, snapshots, or recovery points of your data. We cannot recommend this strongly enough.

Carl: Do many organizations have that conversation and answer those two questions?

Carlos: No. There’s RPO – recovery point objective – and RTO – recovery time objective. Medium to large organizations understand that, but small businesses may not even think about it until somebody points it out. Most businesses don’t understand until they have to recover from a disaster.

Carl: We should have these conversations more often.

Carlos: Absolutely. It's like insurance policies when you go on holidays. You buy it because you think you might need it. You're happy when you don't use it. But then you curse yourself, thinking, "Why did I spend money on that?" Peace of mind. That's what it boils down to. And with business-critical applications or work, sleeping at night or peace of mind is the route to take.

Carl: I always try to determine how likely it is that a customer will have one of these issues eventually. In your 4.5 years’ experience, how many customers per year have a disaster?

Carlos: On the cloud side, where we do our own hosting, we have a managed services solution. We block access to anyone other than our teams, which limits our exposure. We even limit exposure to the internet via how users connect and the level of access they have.

Carlos: We do that to protect the environment. But ultimately, protecting the environment means protecting our customers’ mission-critical data. Since I've been here, we haven't had any disasters.

Carlos: For customers with their own IT solutions on-premise, one per week is generally the case.

Carl: Wow.

Carlos: It’s unusual if a week passes where no one notifies us or asks for help.

Carl: Out of 1000 customers a year, that's quite a percentage.

Carlos: Yes, that's a lot. And ransomware isn’t going away. It’s one of the biggest menaces on the internet – the wonderful internet we all love to get information from and use for daily activities. One wrong click in an email by a user who thinks, "This is cool," is the difference between your business being safe versus having data encrypted by an organization that demands a hefty ransom. They usually want payment in cryptocurrency like Bitcoin, which is extremely hard to trace. And criminal organizations are – I hate to say it – becoming professional.

Carl: Unfortunately, yes.

Carlos: It's their job. It isn't somebody sitting in a closet in their basement anymore. It’s well-organized organizations that take their job seriously. And are proliferating these attacks worldwide. Antivirus software isn’t enough. If the large corporations and governments are being attacked, and they have millions of dollars to spend on security, it’s about more than simple antivirus software. The only true resiliency and peace of mind we can offer customers is backups, backups, backups.

Carl: And natural disasters, which people don't think will happen to them. Early in my career, I was involved with the Portland Youth Philharmonic Foundation.

Carl: They had their Microsoft Small Business Server in a basement. It was their everything – office, etc. It had windows right onto the street, where people walked by on the sidewalk. The city had a rainstorm, the windows filled up with water, the glass burst, and the basement – they lost everything. It was very damaging. And once you experience this, you're on edge about it the rest of your career. Carlos, what are the biggest challenges as people try to use technology to protect themselves?

Carlos: The biggest is a lack of knowledge. It's not their niche. Maybe they’re running their IT department off the side of their desk. We see that in our business lines where an accountant works for an organization. His specialty is accounting, but he's running the IT department off the side of his desk. I say, "Do what you do well, and let others do what they do well." If you're not proficient at something in IT, from a security perspective, it’s best to pay someone to do it.

Carlos: We have good intentions, but we're clouded from a cost perspective, or we think it's a cost savings. You need to look at backup and recovery as, "It’s not an ‘if,’ it’s a ‘when.’” But you keep pushing it off because something else always comes up. Again, it’s ‘when it will happen,’ not an ‘if it will happen.’ We have one per week now, but I think we’ll see that increase in the next six months to a year.

Carlos: One per week is good in the industry. I think we’ll see an increase because we've dealt with a couple already. One was environmental, not a security breach. Everybody's somewhat familiar with the California fires, where people are being evacuated daily. One organization had a warehouse in the area. They had to evacuate their building and leave everything behind. This business would have been paralyzed without the disaster recovery solution we implemented. It offered business continuity.

Carlos: Was it the same experience they would have had in their office? No. But it’s a better solution than, "Oh no, I'm not allowed back into my business. I'm going to be out for a week. I can't even send emails to my clients to tell them." You could have clients emailing you, "What's going on? You haven't returned my emails." And you aren’t getting those emails. From a business continuity perspective, it's essential.

Carl: Sounds like one of the biggest challenges is being overconfident. "It'll never happen to me."

Carlos: Yes.

Carl: As it relates to this, what's the next big thing from a technology perspective for protecting our data?

Carlos: Right now, it’s checking URLs before they fire off a system. Many services do this on a subscription model. It's identifying URLs and cleaning or scrubbing them before they fire on your system. It delays things a little bit, but the technology has improved to minimize the delay. As with anything revolving around security, however, there's an inconvenience to the user. But that's the next level. And it will become more prevalent, so it will do away with the phishing attacks where somebody sends you an email and, unbeknownst to you, the link takes you somewhere you shouldn't be. I see URL scrubbing as a critical event in the internet industry.

Carl: I'm sure it will get an acronym of its own, right?

Carlos: There's already one out there – I just can't remember it off the top of my head.

Carl: Until we hear it, it's URL scrubbing. I like that.

Carl: Switching to something closer to your daily personal work and life. I ask all my guests if their personal communication is changing. When I got into the business, everyone used phones and fax machines. My first cell phone was the size of a suitcase. But things have changed. For you, is it still email? Or are other things entering the picture as you work with customers?

Carlos: A collaborative work environment is what everybody is working toward. There's a variety of different tools we use. A big one is Microsoft tools. Microsoft Office, SharePoint, Teams, etc. Skype. GoToMeeting. These collaborative workspaces allow for daily communication. We’re replacing phones with instant messaging and collaborative communication options like Teams or Skype.

Carlos: You and I generally use Skype or Teams. Some of us still use GoToMeeting. But there are many options – it’s just choosing the one that works best for you. I don't have a preference.

Carl: I've used many of these, and I have favorites for various things I do, like the podcast. Because each one has a niche. Does social media affect your work daily?

Carlos: On a professional level, I stick to professional mediums. I mostly try to stay off social media. I use message boards to get the latest information about Microsoft, Amazon AWS, SAP, etc. We deal with those every day. I like to stay informed with blogs or news feeds from those organizations

Carl: At Vision33, we have a strong partnership with Amazon. Customers run different solutions in the cloud and on-premise. You work with software providers all over the world. What are the most challenging parts of collaborating with these critical third parties?

Carlos: Time zones. Time zones are challenging when you're dealing with people in Asia or Australia. Even in Europe, where the time difference is only eight hours. It’s easy to hop on a call wherever you are – but finding the right time to connect with parties from different areas of the world is challenging. Microsoft Teams has an option where you can send an invitation to a group that says, "Here are three (or however many) options you can choose from for us to meet and collaborate. Can you please vote for the time that works best for you?"

Carlos: It’s sent just like a normal meeting invite, but the people you invited can respond, and the time with the most votes is your meeting time. It's helped me a lot because it avoids the back and forth. It’s automated.

Carl: I haven't initiated that yet in my work, but I need to learn how. I'm glad you mentioned it, because I have a hard time connecting with customers in the UK sometimes, and it’s because of the time zone issue. With so many hours difference, there are only a few times in the day that work for both of us. Fine-tuning that would be helpful. So far, the invitations I've answered have been from SAP. And I always lose to the Germans.

Carlos: You can add that to your signature file, too. If you email someone, they can click the URL at the bottom of your signature and see your availability. And if they want to make an appointment with you, you can share your calendar, too. It depends on how transparent you want to be.

Carl: I need to jump on that. Because everything we do seems global. And gets more global. I need to find better ways than waking myself up at 4:00 am.

Carlos: I agree.

Carl: As you work with customers and others, do you use automated systems? I know you use a ticketing system. Do you measure certain aspects of your work with customers? Do you track it and keep the KPIs, and those sorts of things?

Carlos: You hit on one; our ticketing system. Within our ticketing systems, whether they're created internally or by customers, we have a service level agreement. We measure metrics of satisfaction by randomly requesting feedback. That's from a customer engagement and ticket resolution perspective. We rely heavily on that to measure our response times and satisfaction rates. We also use automated tools that offer us feedback about how the systems are running. We have a management console with all our systems that our support staff resides on; it gives us our ‘heartbeat.’ "Is it on or off?" It also offers basic metrics at a glimpse via a green light, yellow light, red light system.

Carlos: "How is the CPU/memory performing? What type of hard drive capacity constraints do we have?" Basic information and feedback. Those numbers are set through thresholds we've set from what we expect the systems to be. That gives us agility. Also, proactiveness. Say we see a pattern on CPU consumption for an environment. We can say, "We need to adjust here." And proactively – without the customer even realizing what's happening on the back end – we’re increasing resources, avoiding downtime, or preventing users from being affected. We use that heavily in our daily work.

Carlos: What our support staff resides on is between the ticketing system and the monitoring system. They spend their entire days on those two systems. They're critical to our business. We discussed how we managed 100 customers an hour, and the answer is economies of scale. We used to do it with two support staff bouncing between environments, but we can’t do that anymore. One of the things we're excited about is a monitoring tool that can do what we call ‘self-healing.’ For example, if we're monitoring an environment and we see consistent errors, the tool can fix the problem without human intervention.

Carlos: That's exciting for us. It provides resiliency to our environments we can pass onto our customers. Our SAP Business One application should be like a light switch – nobody cares how the electricity arrives at the light switch. Nobody cares what happens on the back end. All we care about – and what we expect – is that when we flip the switch, the lights come on. When they don't come on, it's like, "How can this be?" We don’t ask why it’s not working. We say, "This is impossible."

Carl: There are only two options: it's great, or it's the worst.

Carlos: Our goal with SAP Business One on a hosted cloud solution is to offer our customers a light-switch solution – just click the button and it will work. Customers shouldn’t have to worry about what happens on the backend.

Carl: That's the goal for sure. Well, Carlos, I'm glad you joined me. I've been meaning to have you as a guest for a while. The things you shared will be helpful to many of our listeners – stuff they’ll follow up on in their plans to take better care of their own businesses. I always try to keep these times to 20 minutes, but it feels like we may have gone a little over. So, thank you for joining us. And until next time, I hope everyone stays connected.