In the pile of junk mail today was a damnable claim by Google that a 10 person company can save $35,000 per year by using Google Apps. Huh? If I bought 10 new PCs with Office EVERYTHING and backed them up and formatted/reinstalled them 37 times, it wouldn't come close to $35,000!!! I seriously hope this is a typo. If not, I'm willing to sign up today.

The flash on the phone's camera obscures some text. It reads "Number of employees in company."

Just buy an OS license per user, right? Not so fast, there. Behold the glory that is the Virtual Enterprise Centralized Desktop or VECD. This special license, with an even more special name, is required for every virtualized desktop. And the best part is that it's only sold Per Device. Connect from your PC at work - that's 1 license. Once in a while from a laptop? That's a second license. Microsoft does allow access from home without requiring a second license. And you can receive up to 4 virtual instances per license, which is nice.

Per Device licensing has always seemed a bit strict for those organizations that nearly match in users and devices. Usually Microsoft offers both Per Device and Per User options. This is even more so for those users that login from multiple devices, which is a rapidly growing segment of the workforce. I connect from four different devices regularly.

Joe has been posting a nice buyer’s guide about the features available on various SAN storage products. But it doesn’t really address the question of why move from direct attached storage (DAS) to a SAN. What benefits does a SAN bring to an organization?

To answer the question, we have to look at how storage is purchased and provisioned without SAN based storage.

Say you have an older File Server which currently has 500GB of data but can’t take any more drives.  Performance is fine but you decide you need to upgrade to a new server to add more capacity. You want the new server to have room to grow, so you spec out and order a server with 1TB of disk space. You also have Mail Server. It’s a pretty new server, but you recently merged with another company and the mail store size doubled overnight.  It needs storage and fast, but not a lot as you don’t anticipate the mail store growing so quickly in the future. You have 500GB of storage sitting on the new File Server, but you can’t use any of it to host the mail store.  So you order an external tray with just a couple drives and still end up with more storage than you need.  

Ten months later you look and see that file server data is growing rapidly and the free space is already gone.  You have an external tray attached the mail server, but you can’t use that to attach it to both servers. So you have to purchase a separate tray for the file server.

This example is over simplified, but it highlights three problems of direct attached storage:

·         Poor scalability

·         Poor Utilization

·         Silos of storage

Poor Scalability

It is not uncommon for an entire server to be replaced just to increase capacity. Not only is this expensive, but if the old server was performing fine you are buying additional resources (processing power and RAM) that you don’t really need. Adding external trays allows you to add large chunks of capacity, but what if you only need a bit more space. 

Poor Utilization

Data growth is dynamic which makes calculating your future needs difficult. The lack of flexibility in DAS discussed above and the fact that adding capacity frequently involves downtime or complete server migration leads organization to buy much more storage upfront than they need.  The result is servers with considerable amounts of unused storage.

Silos of storage

Because of the two problems above you end up with servers with spare capacity, but it is unavailable if another server needs it.  You have storage you’ve paid for but can’t use. Organizations respond in two ways, they either accept this inefficiency or start adding multiple services to servers that have space even if it violates best practices.  An example would be adding high usage file shares to your mail server.

How a SAN helps

A properly designed and deployed SAN addresses each of these problems.  SAN based storage is scalable, flexible, and allows storage to be shared between servers.  The end result can be better storage utilization meaning you only buy the storage you need and can easily add more as needed.  SAN based storage is also a critical element that enables organization to effectively utilize advanced technologies like clustering and virtualization.

Hopefully you now understand the benefits of SAN based storage and have decided it’s time to add it to your organization.  As you can tell by the number of features Joe has in his buying guide, there are many more options and decisions to make. Like any new technology deployment, good guidance can mean the difference between a successful deployment and failure. In future posts I’ll break down:

·         What is a SAN? Or more accurately what components make up a SAN?

·         How should a SAN be used and how should it not be used?  There are many ways to deploy a SAN can limit its utility and seem to be more expensive and troublesome than it works.

Running antivirus has become standard practice on home computers and corporate desktops alike. It is required by a number of security certifications and most IT security policies.  Yet I’m willing to bet that almost every company has still seen an increase in the number of computers infected with some form of malware.  And cleaning up the havoc malware reeks is becoming more and more difficult. It would seem antivirus is letting us down when we need it most. This is backed up by recent research that shows that of 10,000 computers infected with a common Trojan virus, 55% were running fully updated, fully functional AV software.  

So, if you are running antivirus why doesn’t that protect your computer?  In my view the problem with antivirus is that it is far too reactive and not proactive.  To explain, let’s look at how antivirus works:

·         Antivirus companies scour the internet looking for new malware. The problem with this is that some poor soul is already infected at this point.

·         The antivirus company then has to build a signature of this particular malware. This takes time during which your computer is potentially vulnerable.

·         The signature is than packaged and pushed out to the antivirus client.  While this is a proactive action, any IT admin will tell you that keep AV signatures up to date is a hassle with the best products out there.

·         Now your computer thinks it knows what to look for. The problem is that if the malware is modified, the signature can become worthless and the process has to react again.

·         Even if you have the right signature, many AV products won’t find an infected file until they perform a scan of your computer. It then tries to quarantine and clean the infection. Again, this is reactive. Real-time scanning might catch some malware before it lands on your computer, but if this method is reliable than why do AV companies still advise full scans on a regular basis.

There was time when user education could do as much to prevent an infection as the best antivirus.  But when high profile, trusted sites become compromised, and drive-by downloads can infect your computer without any user interaction the ability of end-users to protect themselves diminishes greatly.

So, what is the solution? Home users will probably just have to hope for improved antivirus products and fewer vulnerabilities in their software. But to business the pain and expense of dealing with malware infection has made the concept of Application Whitelisting an attractive way to keep computers clean.   In my next post I’ll explain exactly what this is and talk about a few of the options out there.

Come join us on October 1st at 3:00PM for demonstrations and discussions of these exciting new products. What will users like most about Windows 7? What three features separate HyperV R2 from VSphere 4? Can your environment use both hypervisors effectively? Our event will be held at Sullivan's Ring Side. Click here to RSVP.

This seminar is focused exclusively on IT personnel, in a management or strategic role. Engage directly with technical experts experienced in the installation and management of these products.

I hope you can make it. Your RSVP is appreciated.

Back in August, I introduced the various components of the System Center family. I also pointed out that the cost would of licensing each product, or even licensing a single product for multiple virtual machines, would be prohibitive for most smaller organizations. However, Microsoft has responded with the Systems Center Management Suite license that includes the licenses to manage multiple virtual machines using the full System Center family for a far more approachable price.  Here is what is included:

·         A license to run the Virtual Machine Manager server.

·         Management license for:

o   Data Protection Manager (DPM)

o   Operations Manager

o   Configuration Manager

o   Virtual Machine Manager (VMM)

This license is sold in two flavors:

·         The Enterprise flavor is licensed per physical server and allows you to manage 4 virtualized operating systems on that server. 

·         The Datacenter flavor is licensed per CPU (a minimum of 2 processors) but allows you to manage an UNLIMITED number of virtualized operating systems on a physical server.  When licensed for two CPU’s the Datacenter license is only about 25% more than Enterprise, and most likely if you have more than 4 VM’s you’ll have two CPU’s and will save money by going with the Datacenter edition.

But for small environments the biggest value of the license comes when using DPM for backup. But to explain the benefit let’s use a small virtual environment example. 

We have a Hyper-V server with 4 virtual machines:

·          A domain controller/file server

·         An Exchange 2007 server

·         A SQL server

·         A SharePoint server

The DPM protection agent also comes in two flavors:

·         Standard Data Protection which allows you to perform basic file level protection of a server.

·         Enterprise Data Protection which is required to provide protection for advanced applications like Exchange, SQL, SharePoint and Hyper-V

One of the benefits that drove this small organization was the ability to backup an entire virtual machine, which means we would need an enterprise DPM license for the Hyper-V server. When a Hyper-V server is protected with the enterprise license you are also permitted to deploy a standard DPM license inside any of its virtual machines. This allows us to backup the domain controller and file server, but the other servers would each require their own Enterprise protection license. So we would need 4 enterprise licenses.  Similarly, to properly protect all these servers with alternate backup products would require a special Hyper-V agent, SQL Agent, SharePoint Agent and Exchange Agent.

But, if this company was to purchase the Enterprise Server Management Suite they would be entitled to all the Enterprise DPM licenses they needed. And because of the new pricing, they would pay less.  Just 3 enterprise DPM licenses would cost more than the enterprise suite license. And on top of that you get management licenses for all the other System Center products.

There are two gotchas with this management suite:

·         The only System Center Server license included is the VMM server license. So you still need to purchase the server licenses for DPM, Operations Manager and Configuration Manager to take advantage of the management licenses included in the suite.

·         Despite all being part of the same product family, the System Center server product cannot all run on the same server.  Only VMM and DPM can coexist.

Because of these limitations it is likely that smaller environments will only take advantage of the VMM and DPM components of the suite, but it still offers a compelling value to consider.

When should I recommend Cloud solutions to my clients? I don't know. Today I'm going to start figuring it out. I'm going to compare an on-premise build with a cloud based solution for a hypothetical 50 employee organization. Allow me to skip a lot of details and say it will provide roughly equivalent features and security. Anything required in both solutions was a wash and therefore ignored. What you're left with is mostly a lot hardware (servers, SANs, firewalls, switches for iSCSI, etc), deployment services and hardware-level support.

NOTE: All pricing is retail and rounded. Individual proposals may vary. A greenfield is assumed - no data migration. Everything that was common to both solutions was excluded so this may represent a small portion of the overall project. 

Cloud Offering:

In the cloud we'll procure 20Ghz of processor capacity, 50GB RAM, 3 TBs storage with 10 Mbps of bandwidth to host 15-18 Virtual Machines. Onsite backup for 1.5 TBs. This will run about $10,000 per month.

On-Premise Offering:

On-premise will provide provide about 60Ghz (over 24 cores), 96GB RAM, 3TB direct attached storage for backup, 3TB iSCSI SAN. We'll plan on hosting 25-30 VMs on this platform. You'll get this for about $160,000 including 200 hours for installation and configuration. See my build here. Note we dropped 25% of capacity for high-availability.

To even the playing field we have to factor in datacenter costs for the On-Premise Offering. I see a rack, 10Mbps of bandwidth, and 40A of power. Say $3000 per month?

Conclusion:

Let's compare 3 years of costs. In the cloud you're out $360,000. At home, including the data center costs, you're looking at $268,000. The $92,000 delta has to cover the hardware support and maintenance for 3 years. There is some difference in capacity and reliability. I hope it helps your evaluation to say that the cloud offering, in this case, is 35% more expensive.

Click image for single page PDF

In today's post on the CIO.com blog, Michael Hugos raises several interesting points about transitioning IT asset costs from fixed costs to variable costs. He boldly predicts that doing so will herald a rapid economic expansion. Though I'm not willing to go so far as he is, I am a big proponent of emphasizing variable costs. The justification is simple dollars and cents.

Even in small organizations IT asset acquisition is well into the tens or hundreds of thousands of dollars per year.  Dollar for dollar it is hard to beat rolling your own virtualized environment.  Do-it-yourself, if you're able, is the cheapest method. There are several mitigating factors to this:

1) The competition for those budgeted dollars is diverse. Instead of spending $100,000 this year on assets, what if you spent $35,000 on cloud-based offers and moved $65k into a marketing program, new sales reps or other projects that increase top line revenues.

2) The opportunity cost of building and maintaining that system interferes with other IT projects. By migrating routine and time-consuming tasks into optimized environments that are designed for those tasks IT departments can focus on projects that require highly specialized knowledge.

3) New cloud offerings from Terremark, Amazon and 3Tera (among others) are radically altering the scale at which IT exists in small and mid-sized businesses. The cost savings that come from purchasing a small piece of a big pie are significant when compared to your home baked pie.

Many organizations would do well to investigate methods that take IT assets off the books and put those capital dollars into more revenue generating tasks. In any economy that is just good sense.

SonicWALL has recently refreshed it's successful TZ line of network security devices, aka firewalls, for the small office marked segment. For those unfamiliar with SonicWALL's network security devices, the term firewall is a misnomer. Beyond simple packet inspection and port forwarding these devices are capable of performing realtime anti-virus, anti-spyware and intrusion protection which SonicWALL refers to as Unified Threat Management or UTM.  

The new generation is made up of three devices: the TZ100, TZ200 and TZ210.  Despite the numerical decrease the entry level TZ100 is a step up from the TZ180 and TZ190, capable of over two times more UTM processing throughput.  Beyond performance improvements the new generation is now capable of:

• SSL VPN remote access (more on SSL VPNs in a future post)
• WAN (or Internet Access) and VPN failover standard. (Note: The 5.5 firmware release will support up to 4 WAN connections)
• Hardware failover (TZ200 and TZ210 only)
• Support for 3G mobile broadband USB modems as either the primary or a backup internet connection. (TZ200 and TZ210 only)
• Also, TZ210 offers an application firewall capable of blocking or throttling specific types of network traffic over allowed protocols. For instance, limiting the bandwidth that can be used to view YouTube.

In addition to the functional improvements, SonicWALL has made significant changes to how these devices are sold.

• First, SonicWALL no longer uses licensing to restrict the number of nodes that can pass through the device. All devices will allow an unlimited number of nodes. However, that doesn't mean these devices can actually support an unlimited number of users, they still need to be appropriately sized for the environment. But, this is a great change as the previous version would start to block internet access if the number of nodes exceed the license, such as when guest laptops were using the network.
• Second, The Enhanced SonicOS firmware is now standard in all devices. The "standard" SonicOS, which had limited funcationality, has been eliminated.

Both of these changes greatly simplify the purchasing process and reduce the need for a customer to add licenses to fully utilize the device. Still, some features such as Gateway Anti-Virus and Anti-Spyware still require subscriptions that must be renewed.

Like the TZ180 all the new models are available with or without built-in wireless. However, the wireless versions of these devices support the new wireless N standard capable of up to 300MB/s of wireless traffic, nearly 6 times the throughput of the wireless G standard.  Or instead of purchasing the integrated wireless, the new TZ series also support centrally managing between 1 (TZ100) and 16 (TZ210) SonicPoint wireless access points.  When combined with power over ethernet, SonicPoint wireless access points can be easily placed in the optimal location based on the layout of your office, rather than being forced to place it in the server closet because it's integrated into your firewall.

Finally, another new feature in the TZ series is called Comprehensive Anti-Spam Service (CAS).  CAS is designed to be a hybrid between device and cloud based spam filtering, and is positioned to be an alternative to Postini, MXlogic and Microsoft's cloud email filtering services.  Basically,  when CAS is enabled and the TZ device receives an email through SMTP it sends the message up to SonicWALLs spam engine "cloud" which performs the spam analysis with the latest possible signatures and then forwards the good messages back down to the TZ. The TZ then sends the message to the email server for final delivery. This process offloads the spam analysis processing from the device and doesn't require storing and updating signatures on the TZ. While I find this to be an interesting new service it doesn't provide all the features provided by the other cloud filtering services. For instance, because the other cloud filtering vendors are the initial point of contact for all external emails they can queue up messages if your email server is down. CAS is also inbound only for the TZ devices which means your IP address could still be blacklisted.  Still this is a promising new feature and it will be interesting to see where SonicWALL takes it as it develops further.

Anyone who has ever had to sit through the video of the lions chasing the gazelles in the African safari will appreciate this video. Verne Harnish, CEO of Gazelles, Inc.,  opened up his presentation at CompTIA's Breakaway Summit with a twist on that video:

Perhaps I'm on a 'failure' kick, but that word will appear heavily in this blog entry too.  What do you think are the most common design or management failures of a business network? Trends have developed through assessing hundreds of different networks from 1 to 1000s of PCs, Here is my list, in order of severity and also expense:

1) Data Backup: Is this surprising? I regularly run across companies that don't have a functioning backup system. Most of the companies have invested thousands of dollars into these non-functioning backup systems. Backup failures are split pretty evenly between design (never could have worked) and management (might have worked before).

2) Security: Does everybody in the office share the same password? Or maybe your file permissions allow Full Control to all users? If not, those than your users share accounts to access critical data. All of these and much, much worse are common.

3) Over-Spending: Sad but true, wasting money ranks #3 on my all-time failures list. Overstaffing is easily the most expensive form. Excessive hardware, unused licenses, and 'managed services' are all common budget busters.

4) Licensing: Though much improved in the last 10 years, licensing comes in at #4. Even small businesses can own a large number of licenses with various contract terms, quantities, installed locations, and versions. Figuring out what is owned can be surprisingly difficult. The Business Software Alliance campaign that awards $50,000 to those who turn-in an employer should make every owner think twice.

Many a technology implementation has been derailed by poor project management. In this post we'll look at some common failures of technology project management.

NOTE: This is the first article where I am specifically opening the kimono a bit. This should be an internal-only distribution but, frankly, that's stupid. For a little biz like GCS we're far better off spreading the word far and wide. We're a learning organization and tomorrow is another learning opportunity. A new PM is starting and needs to gulp down all of our accumulated knowledge while hitting the ground running. The failures listed below are the three most common failures of a GCS project.

 Failure #1: Communication

While hardly unique to technology PM, communication lies at the root of most project failures. With technology the communication must be more detailed, more repetitive and more direct. More details are required because the subject is so foreign to many of the recipients. More repetitive because recipients will not allocate the time required to understand the projects goals, benefits or requirements. More direct because 'I Told You So' is the only defense of a PM stuck between a successful project and an upset user.

Failure #2: Training

What percent of users attend 'mandatory' technology training in most organizations? Far less than half. And it is rarely those knowledge workers and executives most affected by the technology changes. The 'I Told You So' defense works less well in this area though. A user unable to use a system can't avoid the need to go to training. The training will have to be conducted with that user, typically at greater expense in a one-on-one method, to accomplish the project's goals.

Failure #3:  Hardware Specification

The level of complexity in a modern network implementation is the only reason cloud computing may gain a foothold. Is the variety of PCI bus types (PCI, PCI-X, PCI-E, PCI-64) really required to accomodate the very limited number of peripherals attached to a server? If that's the case why is every card available in every bus type? And then we're mixing SATA and SAS, internal and external with a cool dozen different connectors?

Failure #4:  Documentation

The easiest task to postpone is without a doubt the most costly. Failure to document dramatically increases the long term cost of support and maintenance. And though any documentation is better than no documentation, thorough documentation can take 2-5% of the project's hours.

The solutions to these failures? I hope they're obvious. None of these issues are too complex. If you want solutions, you'll either have to pay us for it or wait for a future blog post.

Microsoft has long offered a number of system management products. Recently these products have been grouped into the System Center family of products.   The founding members of the family were SCOM and SCCM.

·         System Center Operations Manager (SCOM) is a highly extensible monitoring system. Because of its expandability SCOM can be configured to monitor an entire environment from network and server hardware to detailed monitoring of applications.

·         System Center Configuration Manager (SCCM), formerly known as SMS, is a powerful system management product capable for end to end management of both servers and client.

Historically these products have been targeted at medium to large environments. While smaller environments could benefit from the enhanced management capabilities, they could rarely justify dedicating servers to host these products or the cost of the server software. However, newer additions to the System Center family combined with virtualization have altered the playing field to a point that smaller environments should re-evaluate the potential of System Center.

Virtualization is probably the biggest game changer for the small environment. On the one hand virtualization gives smaller environments the flexibility to host additional isolated servers, like system center servers, without requiring additional expensive hardware.  The downside to this freedom is the increase in the number of systems that need to be managed.  If virtualization is added to a small environment without additional systems management capabilities the potential for problems and poorly designed environments increases drastically.

Data Protection Manager (DPM) and Virtual Machine Manager (VMM) are the newer members of the System Center family.

·         DPM is Microsoft’s foray into the backup software market. More than just another multipurpose backup solution, DPM is designed by Microsoft specifically to backup Microsoft systems and applications using the new concept of continuous data protection.

·         VMM allows IT professionals enhanced management capabilities and centralized management of virtualized environments large and small. VMM can be combined with SCOM for even more functionality to ensure optimal placement of virtual workloads.

As smaller environments begin to build virtualized infrastructures, DPM and VMM can become powerful, indispensible tools. But the cost of licensing of these products individually would seem to keep them out of reach for these environments.  Microsoft has release a new license called System Center Server Management Suite that addresses this issue, puts System Center within reach of small environments, and will be the focus on the next post in this series.

As a business asset the typical network infrastructure is valued at investment less depreciation. All design, installation and configuration costs are written off immediately. Is this a fair assessment of the value of the network?

On Forbes.com today a model for assessing the value of public/social networks is presented. They postulate that value of a network is "the net value of each user's transaction summed up for all users."  Can the same valuation be applied to business technology systems?

For many social networks the business IS the technology. You can't separate Facebook or Twitter from the application and infrastructure behind them. They are completely integrated. Can the same be said to modern business technology systems?

Most modern businesses can not function independently of their technology. Business processes have been defined, human resources selected and prices have been set based on the use of certain technologies.

So what is the value of a business's network? If $10 million of annual sales is 1) sold on Blackberries, VoIP handsets and email, 2) delivered using MS Project with parts procured on the internet and 3) accounted for on Dynamics GP (Great Plains) than "Beckstrom's Law" places the value of that network at the net earnings on that $10 million dollars. At a net margin of 7% - 10% that is $700k to $1 million dollars.

Why is this important? A $10 million dollar service company likely has no more than a $250,000 to $400,000 investment in technology. That's not a bad ROI.

Today launches a series of posts targeted at new businesses including boot-strappers and those with more financial resources. I'll review the many technology tasks required to launch your new business from selecting an accounting system to building out your first office. I'll talk about options you have at each stage and when it's appropriate to consider the more expensive options.

Password List: Before you do anything else download and use PasswordSafe. Many of the tasks below require you to setup new accounts. Most businesses lose this account information in the first months of operations and waste hours of time later proving they should have access to the accounts.

Domain: Acquiring a good domain name is a challenge as most of the prime domain names are no longer available. Find a detailed discussion about choosing a domain name here. A low cost provider, such as GoDaddy, offers the same product with a fine level of service. Do make sure that if someone is buying the domain for you it is registered in your name. Use an email address that you WILL ALWAYS have access to. This is a common frustration for young companies.

Email: Most companies begin life with a low cost form of email known as POP3 or rely strictly on a web-based provider. Hosted Exchange and Google Mail offer far superior options to regular POP3 email with relatively similar costs. Hosted Exchange is available from many vendors. You'll get better mobile device support, improved email/calendar/contact sharing and reliable data backup.

Telephones: Who needs a phone anymore? You will. Relying on cell phones becomes an extremely expensive proposition. While undoubtedly the tool of choice early on you will need phones on desks before too long. Hosted Voice over IP solutions have highly variable call quality, advanced feature sets and high recurring monthly costs. An in-office phone system is the choice of most businesses once they reach five or seven employees. Modern systems, such as the Avaya IP Office, offer advanced integration to mobile devices, telecommuters and remote employees. Advanced functional needs such as call center, call recording or specialized auto attendants may demand a phone system before staff capacity does.

Website: For a few thousand dollars you'll get a basic marketing page advertising your business. This should include several unique pages, a custom design and some ability for you to change site content without calling the design company. Expect to have to generate the text yourself.

Website Hosting: This will probably be provided by your design company. Expect to pay $15 - $30 per month for basic level hosting. Advanced sites featuring high traffic volume,
e-commerce or custom development may have hosting costs of a few to several hundred dollars.

DNS Hosting: DNS hosting is rarely mentioned by hosting companies other than they'll provide it. Many hosting companies, ISPs and technology service providers have low quality DNS systems. If DNS fails it will affect your email, website, remote access and more.

In this final installment on this round of M&A, I'll focus on preparing for the transition. These tasks can simplify the integration process while reducing your organization's risk. Click to read Part I and Part II.

User Security: Internal employee abuse is a major risk. Many unknown new employees will have access to your network and data. An aggressive computer monitoring solution can mitigate those risks. Logging all user activity tends to improve behavior on network systems. Improved behavior minimizes employment risks, such as sexual and racial harassment. Logging also deters intentional damage to your systems. Security cameras and door access control installations can add an element of protection to inventory and company assets. Door control systems allow you the ability to terminate an employee's access to buildings or areas instantly and completely.

User Limits on Technology: It is likely that your existing technology infrastructure has a user limit near your current utilization. Most technology vendors offer heavy discounts to small and mid-sized businesses. These discounts are removed at fixed employee increments. For instance, Microsoft no longer considers a business "small" after 50 employees. You may find that as you grow employee count, the per-user technology expenses increase substantially and suddenly. Investigate technology costs of the combined organization prior to the acquisition.

Accounting Security/Auditing: Quickbooks and other basic accounting packages offer limited user security within the application. Transactions such as invoices and purchase orders may be deleted. This leads to two of the most common forms of employee fraud. In the first, the employee erases invoices to steal the payment. In the second, fraudulent POs can be erased allowing the criminal to steal the ordered goods. Advanced accounting systems prevent this abuse and allow more granular security in user rights.

Accounting Transaction Limits: Every accounting system has transaction limits after which performance and reliability erode. There is a dramatic difference in the transaction limit and overall price of the first tier of accounting applications from the second tier.

Chart of Accounts Organization: As the complexity of your chart of accounts increases, you should consider a more advanced accounting package. One benefit of high-end solutions is advanced chart of accounts capabilities. Many can also manage multiple, independent organizations in a single database. This has been the mainstay of the oil and gas industry as well as other investment management organizations for years.

IT should have a prominent role throughout the M&A process. Not engaging them early enough presents significant financial risk.

In the first part of this series we started looking at the technical assessment process that IT should undertake prior to any M&A activity. In this second part we'll look at a some common financial risks which may escape some executies.

Non-Technical Assessment

Off-balance sheet leases: Equipment leases on computer networks and phone systems are very common. Leases allow the buyer to keep the liability off of the balance sheet and may be overlooked on the expense register. The most common lease, a Fair Market Value lease, has a balloon payment due at termination usually 36 to 60 months after purchase.

Telecom Contracts: Many companies go several years or more between negotiating telecom contracts. These companies can pay thousands of dollars per month too much. The company may be locked into long term contracts from 36 to 60 months. These services may be wholly incompatible with your needs. Termination fees are often the remainder of the contracted balance.

Microsoft Licensing: A popular Microsoft licensing method called Open Value requires the buyer to make three annual payments. It may not be easily recognized as an annual recurring transaction. This annual fee can easily exceed $50,000, and in some cases $100,000, in businesses with less than 100 employees.

Out of Support Technology: If equipment is out of manufacturer's support, it is prohibitively difficult to source parts. It is impossible to engage the manufacturer, which is often times required for assistance. Expect to replace or procure spare parts for all out of support hardware. Businesses that are good targets for acquisition will frequently postpone required hardware or software upgrades.