Whether it’s the cool craft brew pub on the corner or the hottest new app, it’s clear that Americans love the excitement, risk, and reward of creating the next big thing in a small package. What also is clear: the US economy loves small and medium-sized businesses because their innovations propel economic resilience, allow us to compete more successfully overseas, and create opportunities for diverse and inclusive business ownership. While many assume huge multinational corporations motor the marketplace, the truth is local SMBs do.

Until very recently, SMBs comprised 99.9 percent of businesses and 47.5 percent of private sector employment in the US. Sadly, SMBs have taken a tremendous hit in 2020, with the COVID-19 outbreak presenting unexpected obstacles to their success and survival. How SMB owners and C-suite leaders have deployed technology is turning out to be a major factor in how, or if, their company will survive those challenges.

Like large companies, SMBs have become dependent on technologies to support critical functions such as marketing, sales, manufacturing, and customer experience, in addition to traditional back office. Those SMBs that have managed their technology with oversight and efficiency are realizing opportunities for competitive advantage. Of those that haven’t, many are struggling to overcome the effects of technical debt—specifically, what I call “Tech Debt 2.0®.”

The concept of technical debt has been around for nearly three decades. Howard G. “Ward” Cunningham, a programmer known for developing the first wiki, is credited with coining the term. “Shipping first-time code is like going into debt,” according to Cunningham. “Every minute spent on not-quite-right code counts as interest on that debt.” In other words, a little debt speeds development, as long as it is paid back promptly with a rewrite. This description makes the trade-off clear: Speedier development time and the ability to rush to market is leveraged against future work to improve and support the first version’s imperfections. The “interest” is a stand-in for future development costs, increased support headaches, and potential hits on credibility.

In my book Tech Debt 2.0®, I compare the concept of technical debt to financial debt. One way in which the analogy doesn’t work quite as neatly is that financial debt is typically owed to someone else, usually a bank, credit union, or rich uncle. Tech Debt 2.0, however, is something your small business owes to itself.

Similar to the original definition, Tech Debt 2.0 refers to an imperfection in the state of technology that a business should rectify in the near future, causing interest to accrue that is either financial or non-financial in nature. But, the definition is not simply limited to software development—because the problem isn’t simple at all.

For example, Tech Debt 2.0 can be attributed to the version of software and operating systems, the level of security capabilities employed on systems, the age of networking equipment in the data center, or the compatibility of existing solutions with new, cutting edge technologies. If you know where to look, the effects of Tech Debt 2.0 can also be found in data quality, business processes, and even among IT talent. The effects can be compared to accrued interest and directly impact, or irrevocably threaten, the bottom line.

Tech Debt 2.0 can translate into excessive costs for businesses, whether from rectifying security breaches, recouping lost revenue, or increasing expenditures. It also comes with a significant non-financial price tag. Tech Debt 2.0 can drive down employee morale, inhibit the recruitment and retention of good talent, and negatively affect the merger and acquisition process. And, it can have disastrous effects on a company’s reputation.

SMBs may not recognize IT as the key strategic asset it is, and, therefore, may wind up underutilizing IT for competitive advantage. Another distinct challenge for SMBs is their ability to minimize the impact of Tech Debt 2.0. The challenges of proactively managing their company’s technology investments are aggravated as SMB leaders confront the challenges of COVID-19.

The first step for leaders is getting a firm grasp of tech debt, the intersection of technology and economics, and how to recognize the different types: unplanned, creeping, and intentional. With an understanding of tech debt, SMB leaders can then take steps to avoid it, eliminate, or use it to their advantage. In Tech Debt 2.0®, I offer SMB leaders a tool to measure their company’s tech debt to help guide the future direction of their business.

Every SMB leader has an opportunity to positively impact their organization during this time of crisis and throughout the uncertainty ahead. Following are offensive and defensive actions you can take today:

On Offense:

• Do a health check of your project portfolio and reprioritize backlog.
• Refocus IT governance to accelerate decision-making and maintain alignment.
• Develop an “acute” action plan with intent and purpose for the next 30, 60, 90, and 180 days.
• Prioritize actions that focus on revenue preservation and customer experience.

On Defense:

• Diagnose your tech debt and plan to address root causes.
• Conduct a business impact analysis to prioritize your cyber risks.
• Review and revise essential “pandemic” security policies and practices.
• Engage your team and external partners to identify cost-saving opportunities.
• Protect core operations and monitor critical infrastructure services of internal users.

Above all, stay healthy and stay positive—for the sake of your family as well as your business.

[This article was originally published on ceoworld.biz.]

SMBs face many, if not more challenges than enterprise size businesses and have less resources to take on these challenges. As SMBs take greater advantage of technology to transform and grow their businesses they often incur another challenge that provides opportunity but is often fraught with peril. That challenge is the complex world of software licensing.

Over the years as technology has evolved from big mainframe computers to client server and network-based applications and today to cloud based applications software companies have evolved their pricing and licensing policies.

Making assumptions about how software licensing works or far worse ignoring software licensing can destroy an SMB, sucking up financial resources in fines, penalties, and unplanned licensing costs. Just as bad it can damage a company’s reputation exposing illegal license use or piracy.

The upside opportunities in software licensing are in taking advantage of software companies’ options for volume licensing, enterprise licensing and the world of open source. SMBs should make sure their CIO understands software licensing as it applies to your business and take all necessary steps to stay in compliance. Many 3rd party firms can provide guidance here including the software companies themselves. IT Ally™ is ready to assist you getting and staying on top of software licensing compliance.

Here are five key points about software licensing:

1. Look into volume licenses or site licenses whenever possible. These arrangements offer lower prices and often make administration tasks easier.

2. Know what “free” means. In the context of software licensing, free doesn’t refer to price. It means free in the sense of “free speech” and refers to the rights and restrictions imposed on using software.

3. Free or open-source software has fewer restrictions. If a program is released under a free software license or an open-source license, you generally don’t have to ask anyone’s permission to use it.

4. Read the End User License Agreement (EULA). It’s always a good idea to review these agreements, but it’s especially important to do so for one-off or small software purchases from less well-known companies. The EULA spells out what you can and can’t do with software. It covers everything from how many copies you can install to what the software company can do with your data and what additional software the company can install on your computer.

5. You may get secondary or home use rights. You may be able to install copies of the software on more than one computer, with certain restrictions. For example, you may be able to install a copy of the software on a home or portable computer, as long as it is not used at the same time as the software is used on your primary computer.

Establishing a successful business today involves undertaking projects to introduce innovation and achieve competitive advantage and differentiation. The Standish Group, a primary research advisory group reports that less than a third of IT projects were completed on time and on budget last year. For SMBs delivering successful projects is a major challenge. Wrike, the collaborative work management company says barely half IT project managers have any certification. That is quite often the case for small and medium size businesses. One key to meeting this challenge is to begin projects with a robust requirements gathering plan and process. Time spent gathering requirements can pay major dividends through the life cycle of the project. A multi-track approach to gathering requirements helps unearth hidden and hard to identify needs.

Here are eight techniques to use to identify requirements for your projects.

1 – Interviews – with a broad spectrum of stakeholders
2 – Questionnaires – carefully chosen, probing questions that allow respondents to reflect and put their thoughts in writing.
3 – Workshops – that will surface divergent opinions and contrasting views.
4 – User observation – ideally record the actions and activities that really take place during a process, look for artifacts posted in cubicles, keyboards, etc.
5 – Brainstorming – surface “what if” and blue-sky ideas that help break out of the current state context and consider new visionary ideas.
6 – Role playing – have people play different roles to understand how different parts of the system will need to work to support the integrated process.
7 – Use cases and scenarios – can be used to validate the envisioned process and identify exceptions and boundary cases that need to be considered.
8 – Prototyping – helps reverse engineer the requirements by identifying “I don’t know what I want but I don’t what that” features.

IT Ally™ has the resources and methodologies to help with requirement gathering and other critical phases of your IT project.

The rapid evolution of emerging technologies and the impact this has had on business has propelled technology executives into the C suite across most industry sectors. This has generated much discussion and activity around the new responsibilities and skill sets technology executives must accept and master. A great deal has been written to advise and assist CIOs and CTOs become leaders and successful contributors, setting and executing strategy for businesses on the path to digital transformation.

All of this is positive and will strengthen the individuals and organizations to the extent that they adopt the advice. Not so much attention has been given to the other members of the C suite – CFOs, CEOs and Board members who are also incurring new responsibilities and the need for new skills as businesses develop models focused on emerging technologies.

CFOs in particular need to recognize the expanded responsibility they have as business uses technology to develop new deep relationships with customers, suppliers, employees, regulators and shareholders.

Navigating Digital Transformation

The technology chiefs will have responsibility for knowing, recommending and implementing technology – dealing with the detailed, system integration, deployment and operation of infrastructure and applications.

The CFO’s responsibility is the financial impact of digital transformation on the enterprise and that can be extensive in ways that never came into play before.

To be clear, the focus for the CFO and C suite should be the management of technology’s role in the business and not the technology itself. Technology is evolving rapidly and promising so many attractive potentials that it is tempting to take on an aggressive agenda seeking benefits across an array of technologies. By focusing on strategies to manage technology the C suite can safeguard and promote the future of the business.

The CFO is responsible for weighing the value of all technology investment. He or she must consider each investment in the context of the entire business. For example, a customer experience improvement must compete with a new marketing campaign and literally countless other ways of investing the business’s resources. Steps to reduce cost through automation or outsourcing need to consider the effect on customer service and ability to develop new product.

Near term decisions need to allow for strategies to future proof the business, to remain flexible and able to respond to changes in the market as customer needs change and technologies continue to evolve.

Managing Cyber Security and Risk

Cyber security has become a major responsibility for the CFO and his peers. A security strategy to prevent compromise is essential. A strong combination of internal and external security protection must be in place. Equally important is a robust, rehearsed response plan for when security is compromised. The financial implications of a security breach are severe and far reaching.

Research conducted by the National Cyber Security Alliance found that as much as 60 percent of hacked small and medium-sized businesses go out of business after six months. While the CIO deals with the technical aspects of a breach, it will fall to the CFO to answer to the regulating authorities, banks, customers, and suppliers. and take steps necessary to restore the business to firm financial footing, if possible. Security also plays into the very valuation of the business. A security breach can have impact on the valuation of a business, and security must also be considered regarding mergers and acquisitions. A CFO must be on guard against acquiring a company that brings with it a significant security risk.

Given these increased responsibilities for navigating digital transformation, in addition to a full load of strategic and day to day operations what is a CFO to do? Well, don’t go it alone.
Small and medium size businesses can work with a partner who has knowledge and experience – real experience in situations where what they know and what they have done can be applied to their enterprise.

48 percent of SMBs plan to transform their business for a digital future yet many don’t understand what digital transformation really is.

Strategic Financial Management of Technology

CFOs can develop a playbook. Identifying areas to be addressed on a regular basis using internal and external resources. The CFO and C suite peers will learn to assess technologies that have real value for that business. They will know the cost of these technologies, the impact to the current and future bottom line and the opportunity cost of the choices they support.

They will learn to focus on the management of technology and best practices in IT governance, and portfolio management. The C suite team will become aware of and sensitive to IT debt built by deferring investment to replace aging infrastructure or legacy applications. They will avoid building liabilities that reduce the business’s valuation, increase risk and hinder the flexibility needed for the future of the business.

Mastering the Customer Experience

They will also become technology users familiar with and benefiting from data analytics, business intelligence and process automation. They will invest time and effort to learn what their customer’s experience is and how to improve it.

Partnering with a network of expert resources the C suite will demystify the hype around IoT, Artificial Intelligence, Block Chain and Machine Learning and understand when and if these technologies might have true meaning for their customers and add value to their enterprise.

To increase their ability to manage technology the CFO and peers will get involved, learning how emerging technologies are being used in their industry or similar industries. Environmental scans will assess what is being done by traditional and non-traditional competition.

By exercising this playbook periodically and repeatedly, the C suite will monitor progress being made, refining and maturing emerging technologies. This will promote development of an organization with the people and resources that can take advantage when the time is ready.

What We Can Achieve Together

If you are looking for assistance on the journey to digital transformation, IT Ally™ can help. For starters check out our Diagnostic. To learn more about IT Ally’s C Suite IT Advisor services, please visit itallyllc.com or, schedule a 30-minute consultation with one of our key advisors.

In today’s world of rapidly advancing technology, cyber advisory is the last thing your SMB wants to think about. But in reality, that’s not ideal.

Many small and mid-size businesses don’t have systems in place if their business is under a cyber attack. In fact, one of our previous blog posts addresses this issue. Nearly 82 percent of SMBs don’t have a plan in the event of a cyber attack. As a result, up to 60 percent of SMBs go out of business within six months of an attack.

Cyber advisory is one of the best defenses your business can have, but is it right for your SMB? Here are some signs that it might be right for you from Neal O’Farrell, Managing Director of Cyber Advisory at IT Ally™.

Difficulty Communicating Risks

At times, it can be difficult for business leaders to communicate well in their organization, whether it’s to their employees or board members. For an IT leader, that can be especially true. Not everyone at the organization understands what their IT leader does, so when they try to communicate the need for more security, it may be hard for them to get that across to other colleagues. This can be especially hard if any technical problems your IT leader gets blamed for your SMB’s IT issues. If cybersecurity isn’t part of their priorities, they won’t bring it up.

This is where cyber advisory is important because advisors know how to communicate these issues, especially to boards who need to hear it the most. They can also bring forth the discussion if it hasn’t been brought up. Advisors will be more open and honest about issues and concerns since they aren’t part of the organization either.

C-Suite Lacks CSIO

If you’re an SMB, you likely don’t have a CSIO, which leads to cybersecurity not getting the attention it needs. Similar to the last sign, your management team may not have the right questions or insight to take on cybersecurity.

If you don’t need someone full-time, but you want someone who can give you the best IT and cybersecurity guidance possible, cyber advisory is the ideal solution.

No Contingency Plan

There’s a saying that “a goal without a plan is just a wish” and that holds true for contingency plans. When you see the statistics, it’s better to have a plan than no plan at all. Of course, you hope your SMB will never have to use it, but if it were to happen, it could not only save your business but also save your business money as you manage the ramifications.

Numerous studies show that response plans that are thought out and executed well can save an organization a lot of money when the inevitable happens. Cyber advisory services can be a great resource as your organization develops a plan. Advisors not only have the latest knowledge, but also the outside perspective. This allows them to help you create a plan that fits the needs of your organization.

Low Priority for Board

Some boards just don’t care when it comes to cybersecurity. They either think that an attack will never happen to them. Or, they expect a cyber attack to happen, but don’t have a plan and are willing to deal with the financial deficit that goes with it.

If your SMB brings in cyber advisory services, they can change the conversation in a language they understand. Advisors can push through cybersecurity roadblocks, help the board navigate security and privacy regulations, aid in decisions and bring a fresh, outside perspective on the organization. Boards not only find it helpful, but refreshing.

If these signs ring true for your SMB, IT Ally may be able to help. With over 30 years of experience and perspective, our cyber advisors can provide the best knowledge and insight for your organization. Get to know us today by contacting us or by signing up for a free consultation.

This blog is based on an IT Ally Podcast featuring Neal O’Farrell, Managing Director of Cyber Advisory at IT Ally. Listen to it here.