0 Comments
A successful leader needs to meet people where they are at, invest in their holistic development, and be fully committed to mutual success. Anything less is likely to put your organization on a path to a degraded culture that can lead to an unnecessarily high turnover rate. A poorly performing culture and consistently high rate of exodus will hit your bottom line hard and fast. Over time, it can start to impact your top line revenue as unhappy employees tend to create unhappy customers. One need not look any further than bi-partisan politics to see that when mutual success is not a priority, calamity and frustration can ensue. Early in my management career I was introduced to Maslow's Hierarchy of Needs through the lens of leadership. If you are not familiar with Maslow’s theory, here is a quick overview.
It seems quite commonplace for people to assume only they themselves have complicated and sometimes messy lives. We tend to look upon others and assume they are happy and whole. We glean this assumption from minimal evidence gathered while observing their emotional facade. Our opinion of their life comes from our observation of their smile, happy social media posts, and that one afternoon we spend at their house watching the Superbowl. Every now and then, we get a glimpse into another personal reality and only then realize how many hurdles they must clear every day, just to make it to work. The online world of social media and blogging even has a word for it, sonder.
The best employees, the most successful people, are self-actualizing. They develop a drive and desire within them to be better, do better, and often lift up those around them. These are often the people among us that have great ideas, drive innovation, seem to effortlessly tackle that big project and then do not brag about it. In my personal experience, co-workers and good leaders, that were self-actualizing, did all those things and then still found time to help and mentor me, and were happy to do so! There simply is no book, college course, or weekend seminar to achieve self-actualization overnight. It is, instead, a journey. Often the path is riddled with derailments, resets, and setbacks. The journey never really ends. As with any journey, most of us need a guide. While Google Maps has made many great advances, they still have not quite figured out a GPS feature for our lives. The role of guide can, and in my opinion should, be filled by a good leader. Given the simplicity of meeting people where they are at, it perplexes me that so few leaders and companies pursue this approach within their corporate culture. It is even further baffling when, as I have, you see firsthand the benefits of this approach and still do not commit to it. To be fair, I slip up from time to time and catch myself failing to follow my own advice in some situations. Regardless of my human fallibility, it is always my intention to meet people where they are at and it is also a skill that must be in continual development.
Granted, the details of this framework are much easier to type than it is to practice its practical application. The good news is you need not be an expert day one. The biggest hurdle I see most leaders face is making the time to ask someone how they are doing and then commit to the conversation to work past the happy facade. Some of the worst managers I ever worked for intentionally took an opposite approach. If anyone has ever told you to ‘check your baggage at the door’, and you were not standing at the jetway of a plane, you have experienced the negativity of that tactic. MANAGERS An employee with a less than ideal attendance record gets called into their manager’s office.
Do you see any reason this manager was not justified in their approach or any reason to not support firing the employee? They violated the attendance policy, they were warned, they re-offended, they were fired. Seems pretty cut and dry by any employee handbook standards. However, let’s try a different approach, let’s explore sonder and Maslow’s hierarchy of needs this time around. LEADERS An employee with a less than an ideal attendance record gets called into their leader’s office.
LISTEN This fictitious scenario is based on a number of very similar situations I have helped my employees navigate. Listening with a commitment to hear, can uncover a number of viable solutions that provide a mutual benefit. Just because you as an experienced leader can think of several solutions, it does not mean your employees have the same knowledge or experience to help them navigate. If you have the mentality of a manager, you may read this and think, this is not my job, I do not have time to waste on employees that cannot show up on time, why don’t they just have someone else deal with his dad, and so on. If you have the mentality of a leader, and meet this employee where they are at, your reaction will be much different. A quick recall of the Maslow Hierarchy will remind a leader, that at this moment of life, your employee is operating at the very low end of the needs pyramid. They are worried about their “safety needs” and might even have some ongoing concerns in the “physiological needs”. A rather simple, and brief, check in with this employee and few supportive suggestions, could quickly move this employee up a few levels. An amazing, and frequent outcome of this approach is a corporate culture that prioritizes the well being of each other. A team guided by a leader that consistently meets them where they are at can form a strong culture within the team. As that grows, peers will invest in each other’s success and increase their personal commitment to their team and the entire company. Additionally, time spent helping an existing employee overcome life’s challenges it less expensive and less time consuming than hiring a replacement and repeating the cycle. MEET THEM WHERE THEY ARE AT In our company this element of our culture is very strong. Employees have helped each other overcome housing challenges, coordinated car pools to resolve transportation issues, back each other up when babysitters fall through, and much more. It has not stopped there. Our employee’s treat our customers with the same "meet them where they are at" approach and listen with a commitment to hear them. Instead of serving our customers at arm’s length, our team becomes a part of their team and a partnership is built and nurtured with every interaction. There will be bad actors. It seems to be an unfortunate inevitability. Putting this approach in practice can expose your organization to the risk that someone will take advantage of your support. The best counter measure is to ensure your company policies and employee handbook have a complementary framework. If an employee repeatedly misses agreed upon remediation goals and their performance is still missing the mark, dismissal may still be the best outcome for both parties. As a leader, you will know you did everything possible to help the employee be successful, even if the final outcome means they need to find their success elsewhere, they will still be better off for your guidance and demonstration of compassion.
 The last major component of a business-class network is a Wireless Access Point (WAP). This device allows Wi-Fi enabled systems to connect to your network. It is also common in many businesses to provide a guest Wi-Fi. It is critical to select a WAP that works with your network switches and firewall to segment the wireless network. Otherwise, others using your Wi-Fi would be able to access your other business computers and confidential business information. The wireless network is identified by assigning it a name, referred to as a Service Set Identifier (SSID) - more alphabet soup! The SSID is the name of the network that shows up on your wireless device when you search for wireless networks to use. While the specific name of the SSID is not very important, it should be something that clearly identifies your wireless network so you can distinguish it from others that may be in your area. SECURITY In addition to segmentation, a critical configuration setting for Wi-Fi is its security. A secure SSID limits connections to your network by controlling who has the password. It also encrypts the information sent over the wireless connection. Without this setting it is easy for an unauthorized party to ‘listen in’ on the information sent over the wireless network. That could allow them to access confidential information, including capturing passwords to any resources accessed over the wireless network. It is a best practice to restrict your employees from connecting their personal wireless devices to the same segment of your network used by your company’s computers. Smart phones, tablets, and devices like Amazon Echo and Google Home can introduce vulnerabilities into your network and also impact its performance. Providing employees with a secure and segmented wireless network avoids these risks. GUEST WI-FI
This can be a useful marketing tool to connect with customers using your guest Wi-Fi. A captive portal can also require the user to take a certain action to use the network, such as checking in on social media. Many hotels do this to send you to their website before letting you surf the web. UPDATE!
Keeping the WAP secure with by installing software updates is critical to keeping your business information secure. Additionally, software updates can improve the performance and stability of your wireless network and keep it compatible with new devices. A powerful feature that should be considered by business owners that want to keep their information secure is Unified Threat Management (UTM). UTM is a service that comes with a modern business-class firewall and only works if the Firewall is covered by a warranty and support subscription. Unified Threat Management uses advanced technology to identify potential risks and threats to your network. If any Firewall that is part of the UTM subscription encounters a new security threat, it shares that threat information with the other participating Firewalls and allows your Firewall to neutralize the threat. YOUR BUSINESS NETWORK CHECKLIST
These steps will help your business avoid network performance issues that can result in employee downtime, unhappy customers, and cyber attacks.  In my previous posts about your business network, we talked about your router, firewall, and switch. These posts are just the basics to get you down the path to a secure, dependable network for your business. If you have questions or need support for your network, an Integrated Service Provider can help. They can support your entire network and provide all your equipment, or they can address the elements your IT department would like. The important part is to give your network the attention it needs so you get the best value out of your technology.
 Part 3: SWITCHES In part 1 and 2 of our series about business-class networks, we covered routers and firewalls. But you have to connect everything. Here are some basics you need to know about your business network switches. Getting all of your business devices connected to your LAN requires a network switch. A network switch is a physical device with multiple connection ports to make a physical link between your computers and your Internet gateway.  DUMB NETWORK SWITCHES Network switches made for the consumer market and commonly found for sale on the shelf of big box stores have very limited functionality. These are referred to as unmanaged or dumb network switches. They provide a flat network where all devices connected have the ability to access each other. This also means the network data from all connected devices is in competition to get to and from the Internet.
CLEAN PIPES? Does your business offer a guest WiFi? A guest, using your LAN, may be able to access your other business computers and their information if your network switches cannot be configured to isolate devices.
A Managed Switch allows for multiple Virtual LANs (VLANs) to be configured to segment certain types of devices as needed by your business. In a business-class network switch implementation, it is best practice to isolate computers, servers, video cameras, phone systems, and guest networks.  SUPPORT A Managed Switch also provides more monitoring capabilities. Therefore, if an issue arises with your LAN performance, a Managed Switch provides more insight into the potential cause of the issue and reduces the time and effort to resolve the issue. A proper business-class network switch will also have a better warranty and support subscription from the manufacturer. Most business-class equipment come with at least a 3 year warranty. That big box store warranty is usually not longer than a year, or will cost you additional fees with sub-par service. The warrant entitles you to a replacement if the switch breaks at no additional cost. This allows you to avoid unplanned capital expenses to replace failed equipment. The support subscription entitles you to software updates which are just as critical on switches as they are on Firewalls. These updates keep your network secure, efficient, and free of issues. In our final installment of this network overview series, we will talk about your business Wireless Access Point (WAN). Please leave questions or comments below. You can tell me what you want to learn about in the "Ask Me" section at the top right of this blog page. Leeward Business Advisors provides secure solutions and business-class networking powered by Fortinet. We can monitor your entire network, including your managed switch and proactively maintain and provide remediation.
Leeward Elite provides a complete network package at a set monthly rate with no additional surprise fees. Don't Lose Sight: What you need to know about your business network: Part II - Your Firewall2/4/2020  Part 2: YOUR FIREWALL In part 1 of our focus on business networks, we discussed routers vs. modems. In this post we will talk about your firewall. It is important to pay attention to the security of your information and business resources. The network feature required to protect you is called a Firewall. It is an integral part of protecting your data. Without one, it is like leaving your front door open. WHAT IS IT
For you trivia buffs... The first commercial firewall, DEC SEAL, shipped in 1992 and included proxies developed by Ranum. Get more history here. There are two basic types of firewalls: hardware-based and software-based. Routers can include a hardware firewall. Data travels through the router firewall as it travels between the computer and the Internet modem. Software firewalls are installed on your computer and monitor the information requests. Using both offer the highest security level. CLOSE THE DOOR In part one we talked about cable modems functioning as a gateway to the Internet. Many cable modems also run Firewall software. Unfortunately, not all firewall software is created equally. In fact, most of the firewall software provided with a standard cable modem only provides a minimal amount of protection for your information. Some even come configured with a standard and well-known password. Meaning that anyone could easily look up that information and use it to gain unauthorized access to your business information. It is like closing the door but leaving the key in the lock. The firewall feature of a cable modem can also become overrun with usage, causing the modem to freeze or lock up and disconnect you from the Internet. To account for both the stability and security shortcomings of the firewall feature within a cable modem, it is best to install a purpose designed business-class Firewall. These will be designed for higher usage levels (number of computers concurrently connected on your network LAN accessing the Internet) and designed with better security features. Learn more about the difference between business-class and consumer-class firewalls.
Additionally, someone needs to be in charge installing those updates when they are released by the manufacturer. If you don't have a dedicated employee to make sure to keep up with updates, you may benefit from an Integrated Service Provider who can perform updates and proactively protect your data. AM I SAFE
In Part 3 we will discuss your network switch.
Please leave questions or comments below and you can tell me what you want to learn more about in the "Ask Me" section at the top right of the blog page.  Part 1: THE ROUTER One of your most important business assets may be your most neglected - your network. Your network connects your computers and makes accessing the Internet possible should rank higher on your business priority list. Most IT and technology support providers know their customers need to pay more attention to their business networks. Yet, instead of explaining its value and criticality, they market using fear tactics. Granted, many of the statements about cybersecurity risks are at least somewhat accurate. But you should make decisions about business investments based on insight, not panic.
This is part 1 and will talk about your modem and routers. BEFORE WE WERE CONNECTED Have you been around long enough to remember Personal Digital Assistants (PDAs), flip phones, or TVs that did not include the word SMART in their name? If so, then you know a device’s functionality is limited when it is not connected to other resources, like the Internet.
ROUTER vs MODEM Modem or a router? They both serve as a gateway between your internal Local Area Network (LAN) and an external Wide Area Network (WAN) and the Internet. Most Internet Service Providers (ISPs) provide this gateway as part of their monthly service. The most common in use is a Cable Modem. The Cable Modem takes a signal that is transmitted over a physical coax cable and converts it into a format that your computer can understand.
This means it just cannot handle the capacity of a small office; it works fine for a few home devices, but connect more than a few and the router function tends to fail. And they aren't very secure which leaves you open to cybersecurity issues. If consistent Internet access is important to your business, this issue needs to be overcome. The best practice is to disable the routing features in a modem and let a dedicated device do the routing. This is done when you put your ISP modem in Bridge Mode and get a router. In Bridge Mode the modem does less work, taxing its resources less and reducing failures and outages. The dedicated router is designed to handle more Internet usage and takes on the workload with ease. The router then provides better security and a more dependable Internet access. SO WHAT DO YOU NEED TO DO
If you are knowledgeable about putting your modem in Bridge Mode and adding a router - do it. If you need support, reach out to an IT solutions company (Hey, why not call Leeward Business Advisors?). This may seem like a lot of information and tech-speak. It is really all about protecting your network and making sure it is performing the way you need it to. It is important. It may seem easier to just call your Internet Service Provider and have them come connect you to the Internet, but you leave you and your business open to vulnerabilities that can easily be avoided. I will continue to share more about your network in future blogs. The goal is to educate you on what will help grow your business. Please feel free to leave questions or comments below.  I couldn’t do it alone; I haven’t done it alone
 Bandwidth is a measure of how much information can be sent over a network concurrently. Think of it like a garden hose. The larger the hose, the more water can flow through it. Bandwidth is shared by all the connected devices.  Most businesses have an Internet connection that has a different download bandwidth than upload bandwidth. This is not a significant concern for companies with a single location. However, if you have more than one office and need to share information between locations, you might be in for a disappointing surprise. Internet connections come in two varieties as it relates to bandwidth. Those are symmetrical and asymmetrical. ASYMMETRICAL The asymmetrical is the most common and where the provider gives you more download bandwidth than upload. This is a great solution for consumers and home users where most of the Internet activity involves downloading information, like streaming a movie.  SYMMETRICAL When a business has multiple locations sharing information, a symmetrical Internet connection, where download and upload bandwidth are equal, is more desirable.  SOME QUICK ALPHABET SOUP Network speeds are measured in bits, not bytes. Bandwidth is measured in bits per second (bps). Megabytes per second (MBps) refers to a unit of measurement for file size. Megabits per second (Mbps) represents the bit capacity of a network connection. (More info here)
When the offices exchange information, one is downloading and the other is uploading, but the information will be transferred using the lower of the two bandwidth factors (fewer lanes). The information flowing between the two locations travels at 10 Mbps between the locations. You have likely experienced this issue in your personal use of the Internet and resources like social media.
WHICH IS RIGHT FOR YOU Bandwidth needs vary from business to business and it is best to have a professional assess your needs. If you know your business will regularly access information resources between your multiple offices, do consider investing in symmetrical Internet connections. The other option is to use an asymmetrical connection, but ensure that the upload bandwidth is large enough to accommodate your needs. Some providers are now offering asymmetrical connections with 100Mb upload speeds, which should accommodate most multi-site business needs. (Need a refresher on Bandwidth vs Latency? Read this past article.) Economic Gardening: The Edge of Chaos; Finding Your Goldilocks Zone; Crossbreeding the Winners1/6/2020  The Next Big Idea: Growing Christmas Trees in the Desert It does not need to be a tree specifically and the desert is not the only option, but if you want to build a sustainable business with unlimited growth potential, you do need to live on the Edge of Chaos. The balancing act is finding the edge, getting as close as possible and not falling over. This is the Goldilocks Zone, where entrepreneurship thrives. Stand too far away from the edge and you simply will not be distinct enough to thrive without significantly deep pockets. Entrepreneurs venture to build something that others have not or cannot. It is this type of entrepreneur that needs to find the Edge of Chaos and be very comfortable operating there. I WOULD LIKE TO GET THIS IDEA OUT IN THE WORLD I have an opinion on the definition of entrepreneurship; I believe it is being over applied. I see an entrepreneur as someone that builds something new and different. That is not to say that becoming a franchise owner or purchasing a well-established business is any less significant and amazing. It is simply different than what fits my view of an entrepreneur. If you don’t buy that franchise or purchase that 30-year-old ice cream shop, someone else will. Entrepreneurs venture to build something that others have not or cannot. It is this type of entrepreneur that needs to find the Edge of Chaos and be very comfortable operating there. This is disruption.
IT'S ALIVE A business is far more akin to a biological entity than a mechanical one. In a biological environment the entities are impacted by the changing environment around them. The Edge of Chaos is where conditions and circumstances overlap to allow the creation of a new product or service that others have not been able to produce. Operating successfully at the Edge of Chaos puts a business ahead of others and makes it difficult for others to catch up and replicate. If you have a great business idea you are afraid to share because you think others would steal the idea and beat you to market, then you are not living on the Edge of Chaos. If you have a method and process to get evergreens to thrive on inexpensive desert soil, you’ve found the Edge of Chaos.  Finding Your Goldilocks Zone Let's explore how you can find your edge of Chaos. Some entrepreneurs are naturals at spotting opportunities and gravitate toward the warm glow of chaos. Sometimes it is as simple as being in the right place at the right time. Bill Gates saw the opportunity for disruption and built a highly agile software company during a time when the industry was dominated by slow moving, cautious, corporations. Not all of us are this lucky. Fortunately, for the rest of us, there are few reliable methodologies to find the elusive Goldilocks Zone - where entrepreneurship thrives. THE GOLDILOCKS ZONE Subject matter experts, customer feedback, and crossbreeding winners are three very attainable and successful approaches. I should note, this NEEDS to be an intentional effort. Your organization needs to put a priority on this quest and allocate resources to pursue. Solicit your SMEs and customers for feedback on your current products and services. This inquiry needs to go much deeper than your traditional satisfaction survey. You need insights into what is missing, what works well, what goes unused, what excites them, and what enables them.  What problems do they have that you are not solving? What don’t they like about how you deliver service or product? You need to fully understand the emotion your service and product invokes and where you are missing opportunities to thrill your customers. THINK AMAZON PRIME Amazon already had a very successful business model and significantly disrupted the retail industry. They were founded standing with their toes on the Edge of Chaos. The environment around them continued to evolve. Other retailers added more and more features to their own eCommerce platforms to compete with Amazon. Amazon responded to the growing number of big box stores entering the eCommerce space by launching Amazon Prime, which leverages capabilities and resources Amazon has that no other retailer has under one roof. Walmart could beat Amazon at deliveries and returns, but is not positioned to serve up massive digital content and extend its accessibility through a smart speaker. Netflix and Hulu could beat Amazon at digital content, but no one considers Netflix or Hulu an authoritative source of which crock pot has the best consumer reviews. Amazon can fulfill all those consumer needs in one brand. JUST DO IT Once you find that opportunity you must put the plan into play. This might include modifications to existing services or products, creating new, or changing the way you deliver your services and products. The key here is to make sure you are working within your capabilities and combining your resources in a way to create more value for your current and future customer base. Remember, you are planning to move in snugly to the edge of chaos. One should not stand there very long without checking to make sure the right results are happening. Consider setting up a few focus groups or meet with current customers to get their feedback on this new offering. If you are bold enough, you might even consider sharing your idea with a competitor to gauge their reaction. If you have truly found the edge, they will not able to quickly replicate it. Their reaction to your new product could offer valuable insight. Amazon lives, quite successfully, at the edge of chaos. When something shifts in their environment, they adapt and move to a new Goldilocks Zone. Embrace feedback and be willing to make changes to stay at the edge. Keep in mind your business is more like a biological entity. To survive at the edge, you must be alert and swift in making decisions.  Crossbreeding the WinnersAs I have discussed previously, we view businesses as more akin to a biological entity than a mechanical entity. Businesses do not exist in a vacuum and their success, or failure, is influenced by the environment around them. In order to thrive as a business, it is important to innovate. The most powerful innovations are ones that live at the edge of chaos. This is where the conditions and circumstances overlap that enable the creation of a new business offering that is difficult for others to replicate.
This approach is more powerful than the prior, as you are not limited to crossbreeding your own products and services. Rather you can pull for a nearly unlimited list of ideas and combine them in new ways that create offerings your business as the resources and capabilities to deliver. We do this regularly in our business and it has given rise to some of our most successful solutions. Here is how to get after it. BUILD THE LIST Brainstorm a list of winning products and services. I recommend looking both within and outside of your industry for ideas on highly successful solutions to add to your list. Do not slow down your process worrying about organizing or sorting this list. In fact, capturing the ideas in a random order or grouping will support this process. There really is no way to go wrong in this phase, the more ideas the better. PREPARE FOR THE GENETIC MODIFICATION Break your list into two or three groups. Random selection is the preferred method, at least for your first attempt. You may find a grouping strategy you prefer after completing the process a few times. Invite a few team members to join you in this part of the process. Provide everyone a copy of the same information. Working independently, each person should select one item from each group and work on one hybrid at a time. For example, let’s say we want to combine jalapeno poppers, hot sauce of the month club, and virtual reality. All three are successful business offerings, yet they are unrelated as products. The key is not to focus on combining the literal products, but rather bringing together the features and benefits that made them successful and then create a new offering based on those design goals. Following our example, you would create a chart something like this:  BREEDING THE WINNERS The next step is to combine the features and use them as a guide to create a new idea. It is not mandatory to use all the features and creativity is strongly encouraged. In our example, we will use the following features: Now each person should brainstorm a list of new products or services that would have these features.
Let’s imagine our company provides door delivery of common grocery store items. Using this list, I might create a recipe of the month club that uses exotic spices. Each month we would send our customers a new recipe card and sample packs of the unique spices and a link to a pre-populated shopping cart containing the rest of the recipe ingredients. This offering would encourage them to continue to use our grocery delivery service, generate additional revenue from the recipe membership, and introduce them to new unique spice products they might not otherwise purchase. This is just one of many new ideas that could be generated with the same list of features. Continue this process independently until each person has 3 to 5 new ideas. Then each person should present their ideas to the group, take feedback and update their idea to incorporate others' ideas. Have each person pick one they like the most. Using this one idea each, create a short sales pitch, ad, or product sheet. Present and review the final selections with the team. PRIORITIZING AND ORGANIZING THE CHAOS
I prefer to start by evaluating the Degree of Difficulty for each idea, then take the top 3 on for further consideration. You could also add in a SWOT analysis (Strengths, Weaknesses, Opportunities, and Threats). If you have the resources available, you may even consider doing focus groups or public surveys to help whittle down the list. The two most critical factors are to ensure that you have an idea the market will want to buy and that your company has the resources and capabilities to produce this new product or deliver this new service. I always recommend doing a pilot release of any new offering. Use feedback from pilot customers to refine and improve the offering before a full scale release. The frequency at which you create new offerings depends on your business model and the markets capacity to consume new offerings. DO NOT BE AFRAID TO BE BOLD Gather data and adjust your approach and frequency over time. Your new ideas are based on winning features that have been proven in the market. Add description If you continue to do the same things, you may not continue to get the same results - you may get left behind. Entrepreneurs venture to build something that others have not or cannot. It is this type of entrepreneur that needs to find the Edge of Chaos and be very comfortable operating there. This is disruption.
Retailer Improves Security and Simplifies Operations at 740 Stores - Without Increasing Costs12/18/2019 Fortinet completed a case study about the technology solutions Batteries + Bulbs chose on Leeward Business Advisors advice. 
Vice President and CIO Michael Lehman is a nearly two-decade veteran of the company, having arrived in early 2000. “At the time, we had five IT employees for 120 stores,” he recalls. “And our data center consisted of a single server.” Today, the IT team consists of around 75 people, providing development, service desk, and infrastructure services to headquarters and to the corporate and franchised stores. Given the unique needs of its market niche, the company has built its own custom applications for its eCommerce site and point-of-sale infrastructure as well as a sophisticated cross-reference tool that shows which batteries fit which devices. ENHANCING CYBERSECURITY While in-house development is a key part of Batteries Plus Bulbs’ strategy, Lehman’s team does not hesitate to use third parties to perform specific functions or to supplement the internal team during specific projects. Cybersecurity is one area where the company has relied on service providers for close to a decade. “Franchisees want secure and compliant systems, and we do not want to pretend that we have the in-house expertise to make that happen,” Lehman contends. Two years ago, Batteries Plus Bulbs’ contract with its managed security service provider (MSSP) was coming up for renewal, and the team knew they needed to update the way they approached security. “We engaged our legacy provider eight years ago, at a time when retail organizations were scrambling to meet new security requirements,” Lehman recalls. Specifically, versions 2.0 and 3.0 of the Payment Card Industry Data Security Standard (PCI DSS), released in 2010 and 2014, introduced new, more stringent standards for merchants.
security operations functions as possible. Ideally, the software and hardware used by this provider would be integrated as well. “Unlike last time, we had a defined idea of what we wanted,” Lehman says. “So, we decided to do a smaller, more directed proof of concept (POC), focusing primarily on the hardware selection.” Batteries Plus Bulbs selected Fortinet as its hardwareprovider over another vendor. To manage this relationship, the company selected Fortinet Partner Leeward Business Advisors, a Wisconsin-based consultancy that takes a broad, strategic approach to designing technology solutions for businesses of all sizes. LeewardBA won the contract for a number of reasons. “They took the time to understand our business and put together a thoughtful proposal that was a value add for us,” Lehman relates. “They also provided a superior solution at a really good price.” Specifically, Batteries Plus Bulbs appreciated the fact that LeewardBA has both security operations center (SOC) and network operations center (NOC) capabilities and uses the fully integrated security solutions of the Fortinet Security Fabric. “The Batteries Plus Bulbs team saw the value in our broad capabilities,” says Michael Polzin, CEO at LeewardBA. “Our ability to dynamically support the desktop infrastructure, switching, and the wireless infrastructure in addition to the SOC was a huge advantage.” DEPLOYING COMPREHENSIVE SECURITY The LeewardBA solution is built on FortiGate next-generation firewalls (NGFWs) installed at each store. The FortiOS operating system underlying the NGFW technology also enables all other Fortinet Security Fabric solutions—including third-party solutions developed by Fabric Partners—to be seamlessly integrated. All Fortinet solutions are backed by comprehensive, artificial intelligence (AI)-enabled threat intelligence from FortiGuard Labs. And LeewardBA has access to other sources of threat intelligence that have also been integrated into the Security Fabric. One welcome feature of the FortiGate NGFWs is FortiGate Secure SD-WAN functionality, which the company uses to connect its 740 stores to the headquarters. This robust software-defined wide-area network (SD-WAN) technology enables the company to safely use the public internet to scale network traffic, rather than relying solely on expensive multiprotocol label switching (MPLS) circuits. “Managing this part of the solution enables LeewardBA to ensure network performance as well as security,” says Jason Klein, CTO for LeewardBA. Another feature of FortiGate NGFWs that Batteries Plus Bulbs is taking advantage of is intent-based segmentation. “For PCI compliance reasons, our register network is separated from the rest of the infrastructure,” Lehman explains. “Being able to take advantage of the dynamic trust models in the FortiGate makes this segmentation even more robust.” LeewardBA also manages instances of FortiManager VM and FortiAnalyzer on behalf of Batteries Plus Bulbs. “These tools enable us to provide centralized management from a single pane of glass, detailed reporting, workflow automation, and trends analysis,” says Klein. “This enables the in-house team to get a complete picture of their security posture at a glance, at any time.”
Batteries Plus Bulbs also elected to subscribe to the FortiGate Unified Protection (UTM) Bundle, which gives the company access to security services like advanced malware protection, web filtering, IPS, and application control—enabling the company to retire several point products. “They are using just about every element of their UTM package, and they love that it is all visible from one place,” Klein reports. In addition to the consolidation accomplished to date, the FortiOS platform and the Fortinet Security Fabric provide the flexibility to add myriad additional security features in the future—all seamlessly integrated with centralized visibility and control. “The flexibility and scalability of the solution was a big selling point for Batteries Plus Bulbs,” says Peter Van Opens, a client success manager at LeewardBA. STARTING TO SEE TANGIBLE BENEFITS The deployment was rather complex, given the number of point products being retired and the number of separate franchise groups Lehman’s team supports. Batteries Plus Bulbs and LeewardBA moved at a deliberate pace and recently completed the rollout. “We are now working on final fine-tuning for this project and planning for next steps,” Klein says. And while specific results are not available yet, the company is beginning to see benefits. Perhaps the most visible benefit to Lehman’s staff was a greatly increased level of visibility of the company’s security posture and infrastructure. “We were often in the dark with our prior solution,” Lehman remembers. “Our prior MSSP did not provide us with actionable insights about what risks we faced or what we could do about them.” “Now we have security information by glancing at a screen, and we can drill down to any level of detail we need,” says Dan Dugan, vice president of IT for Batteries Plus Bulbs. “We can take a more proactive stance to managing security. This gives us confidence that we are equipped to manage security threats for the next 5 to 7 years.” Another benefit is the flexibility of the Fortinet solution. “I was pleased with the many ports the Fortinet devices have,” Lehman says. “This gives us the flexibility to add services in the future without having to rearrange the infrastructure.” One example of this flexibility is that stores have been able to set up a separate wireless protocol specifically for testing smartphones and tablets that are brought in for repair. “We need to isolate customer devices from company devices,” Lehman explains. “So, it is prudent to be able to have a dedicated testing protocol.” Controlling costs is another benefit of the LeewardBA/Fortinet solution. “This wound up being a cost-neutral project,” Lehman relates. “When we set up the security infrastructure eight years ago, franchisees starting paying a cybersecurity fee that they had not paid before, and this was frustrating for many of them. The new solution does not increase their fees, yet it delivers much more robust security and performance.” Finally, Batteries Plus Bulbs now has a scalable solution that makes adding additional security products and services very easy. “Having a single provider gives us economies of scale, and we know that services we add later will be compatible,” Lehman asserts. “Some of what will happen in the future is unknown today, but we have the depth and breadth in our security architecture to provide protection from whatever comes along.”
|
AuthorMichael Polzin is the CEO of Leeward Business Advisors. He has over 25 years experience in Information Technology. 
Archives
April 2020
|
