Select Page
Why you should write a security policy today

Why you should write a security policy today

by | Sep 12, 2015 | Security

The Importance of Security Policies

Do you have all or any of the following:

  • Security policy?

  • Password policy?

  • Account lockout policy?

  • Malware policy?

A Common Scenario

Here’s a situation we encounter too often: An employee, Tim Jones, leaves the company. Two months later, someone discovers he was responsible for renewing a policy and had exclusive login credentials for the renewal process. When the new employee attempts to log in, they’re prompted for security questions that Tim set up—answers that are nowhere to be found. Calls to the company to handle the renewal lead to frustration, password resets, and account recreation. How could this have been prevented?

The answer is simple: a security policy.

What Is a Security Policy?

A security policy is a comprehensive document that establishes guidelines for computer network access and usage. It defines how an organization manages, protects, and distributes sensitive information—both corporate and client data—while providing the foundation for the organization’s overall network security framework.

While no policy book, employee manual, or process map can address 100% of employee issues, policies help get people on the same page and promote the right behaviors. A policy is fundamental to this goal and should be implemented without delay.

Essential Security Components

Your organization’s cybersecurity strategies, including policies and regulations, should address your most critical needs. Here are key components to consider:

1. Account Creation

Policies governing corporate accounts and user logins:

  • Account lockout policy
  • Compromised password policy
  • Password creation policy
  • Password protection and storage

2. Cloud Computing

Policies for managing web-based platforms and information access:

  • Remote access policy
  • Software installation guidelines
  • Web application usage
  • Internet usage policy
  • Download protocols

3. Confidentiality

Policies protecting sensitive client and employee data:

  • Email security policy
  • Confidential information handling
  • Third-party connectivity
  • Equipment use and disposal

4. Security Infrastructure

Policies covering safety, security, and data protection:

  • Anti-virus protocols
  • Backup procedures
  • Data storage guidelines
  • Mobile device information management
  • Disaster recovery planning

Implementation

Templates for these policy components are readily available online. A comprehensive security policy serves as a vital tool for managing areas vulnerable to:

  • Data loss
  • Cyber attacks
  • Natural disasters
  • Employee turnover
  • Other security risks

Getting Started

Managed IT services can assist with:

  • Implementing security policy components
  • Identifying dangerous security gaps
  • Setting up backup systems
  • Protecting against common attack vectors

Remember: The best time to create a security policy is today. Don’t wait for a security incident to highlight the need for one.

Ask An Expert

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Name*
Please let us know what's on your mind. Have a question for us? Ask away.
Disaster Recovery: Is your backup really ready?

Disaster Recovery: Is your backup really ready?

by | Sep 5, 2015 | Backup, Cloud, Managed IT Services

How much fear is behind the tens of thousands of daily searches for backup disaster recovery?

How do you know your backup recovery will work? What will you be able to restore, really? Globally, the search is on for the best backup and disaster recovery solutions for businesses. As it becomes easier to create and share data, the need for backup services increases. Fortunately, new cloud computing technologies allow for endless data sharing and syncing, and these interactions can be protected by replication services.

Backup Recovery Cloud Computing Devices

 

(more…)

5 Benefits to Testing Your Backups

5 Benefits to Testing Your Backups

by | Sep 5, 2015 | Backup, Cloud, Managed IT Services

Backup Testing: Your Business Continuity Insurance

Just as schools conduct fire drills and organizations practice emergency protocols, businesses need to test their backup systems regularly. In today’s digital landscape, data disasters aren’t a matter of “if,” but “when.” While we hope never to use these contingency plans, having tested, reliable backups is essential for business continuity.

Why Backup Testing Matters

Reality vs. Theory

Plans that look perfect on paper often reveal hidden flaws during implementation. Flowcharts and procedures might make sense in theory, but only through actual testing can we identify gaps, redundancies, and overlooked steps. The middle of a data loss crisis is the worst time to discover your disaster recovery plan has weaknesses.

Team Accountability

Regular backup testing allows for clear assignment of critical tasks to key personnel. As team members change or roles evolve, the plan can be updated accordingly. Testing creates a framework for maintaining current procedures and ensuring everyone understands their responsibilities during a recovery situation.

Enhanced Client Service

We’ve all experienced the frustration of hearing “Sorry, our system is down” from a service provider. With a tested backup system, you can confidently communicate recovery timeframes to clients and assure them their data is secure. This transparency builds trust and demonstrates professional preparedness.

Resource Optimization

Companies invest significant time and money in backup solutions. Without testing, you can’t verify whether these resources are being used effectively. Regular testing ensures your backup infrastructure meets expectations and provides the protection you’re paying for.

Risk Reduction

Backup testing helps identify vulnerabilities in your system before they become problems. Whether it’s outdated systems, human error, software glitches, or hardware failures, testing reveals weak points that could compromise your data security. By establishing multiple reliable restore points, you strengthen your disaster recovery capabilities.

Taking Action

Backup testing is like a disaster dress rehearsal – it prepares your organization for smooth recovery when real challenges arise. Consider these key steps:

  • Schedule regular backup tests
  • Document and update recovery procedures
  • Train key personnel on recovery protocols
  • Monitor and verify backup integrity
  • Test restoration processes end-to-end

Remember: The best time to verify your backup system is before you need it. Don’t wait for a crisis to discover whether your business continuity plan actually works.

Ask An Expert

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Name*
Please let us know what's on your mind. Have a question for us? Ask away.
The 10 Principles of ERP Selection Success

The 10 Principles of ERP Selection Success

by | Jul 5, 2015 | ERP Selection

Focus Your Time and Money During ERP Selection

When it comes to selecting the right ERP system, there’s one principle we see overlooked more often than any other: focus. ERP selection isn’t a back-burner project. It’s a strategic initiative that will shape the future of your business. Whether you’re upgrading from legacy systems or implementing ERP for the first time, how you manage your selection process will determine how well your new system supports growth, efficiency, and innovation.

 

Man celebrating successful ERP system selection

Focus your time.

Focus your money.

And most importantly—focus your attention on what really matters.

Why ERP Selection Deserves Your Full Focus

There’s an old saying in business: you can’t manage what you don’t measure. And you can’t measure what you haven’t prioritized.

ERP software touches every part of your organization—from sales and purchasing to shop floor operations and financial reporting. That’s why you need to treat ERP selection with the same level of discipline and investment you’d give to a new production line or major facility upgrade.

Yet too many teams try to fit ERP evaluation between daily tasks, letting months slip by with little traction. That delay doesn’t just cost time—it costs momentum, clarity, and confidence.

Build a Realistic Timeline

Most successful ERP selection projects take 3 to 6 months from kickoff to final decision. Stretching beyond that increases the risk of project fatigue, shifting priorities, and stakeholder disengagement.

Set clear milestones. Appoint a project owner. Treat ERP selection like the business-critical initiative it is—not a side task.

Form the Right ERP Review Team

ERP software doesn’t live in a silo—and your selection process shouldn’t either. Build a cross-functional team that brings voices from every part of the organization:

  • Sales and Marketing

  • Operations and Manufacturing

  • Finance and Accounting

  • Purchasing and Supply Chain

  • Human Resources

  • Executive Leadership

Each team member should expect to dedicate 4–6 hours per week, while your internal project lead should plan on 12–15 hours to manage progress, coordinate with vendors, and ensure alignment.

These aren’t optional meetings—they’re critical investments. The people who use your system every day should help choose it.

Budget for the Real Costs

ERP selection isn’t just a software expense—it’s a time and labor investment. Here’s a quick breakdown of what that might look like:

}

Internal Time Commitment

Let’s say you have 6 team members plus a project lead, each contributing 6 hours/week over 20 weeks. That’s over 800 hours of combined effort. Multiply that by the hourly cost of your leadership team, and you’ll start to see the real investment—before you even write a check to a software vendor.

External Consulting Support

Hiring an independent ERP advisor (like EstesGroup) can add structure, insight, and vendor neutrality to your process. A typical engagement might run 15 hours/week at $175/hour over 20 weeks—an investment of around $50,000–$60,000. But don’t make the mistake of thinking this replaces internal participation. The consultant brings clarity—the team brings context.

Travel & Workshops

Don’t forget discovery sessions, site visits, vendor demos, and potential travel costs. A good discovery meeting today can save hundreds of hours post-implementation.

The Cost of Distraction

We’ve seen companies spend over a year “researching” ERP systems without making a decision. By the time they’re ready, leadership has changed, priorities have shifted, and employees are disengaged. The result? Restart. Reset. Rework. With a slow-burn approach to ERP selection, success can feel impossible. Given all of the variables in ERP selection, success is often a fast play and a long play, full of risk and fury and, eventually, celebration.

That’s why we tell clients: Set the time. Commit the resources. Make the decision.

ERP is not a someday project—it’s your now strategy for operational excellence and future-proofing your business.

Let EstesGroup Help You Focus

At EstesGroup, we’ve spent more than 20 years helping companies like yours navigate ERP selection. We don’t just manage software—we guide business transformation. Our team brings deep experience in manufacturing and distribution, along with a proven ERP selection methodology that ensures time and money are spent wisely.

Let’s build a process that fits your goals, your people, and your future.

Let’s Get to Work

Need help budgeting for ERP selection success? Want to know what good looks like? Reach out—we’re here to help you simplify technology, improve operations, and gain efficiencies.

BEGIN WITH A BUSINESS PROCESS REVIEW

EstesGroup's Comprehensive Guide to the Cloud

This field is for validation purposes and should be left unchanged.
Name(Required)