Business Case #1
Premise: Building out a Tech Enabled, Multi-scenario IT solution for a small publishing business.
In office:
Scenario: Five employees at main office. President, Editor, Copy Editor, Graphics Editor, Project manager, IT Department. Hybrid workspace.
One main SOHO router, based on number of employees. AT&T router and online provider. One mainframe built out onto a rack. This also has a network attached storage on solid state disks. One small office printer.
Five in-office desks, each kitted out with preferred tech gear. Each person has different requirements. The in office computers are tethered to the mainframe with Ethernet cables. The cables are not in the walls. They are Category 6A cables. The office building has in-wall plugs for connecting the in office system to the cable system for the building. Maintaining this is part of the rent.
The wireless access system is mostly provided for the graphics department. The graphics department is on its own subnet, using MDNS to sign in. As the company grows, the IT department has explained that a centralized DHCP/LDAP system will be needed to manage all the devices. The MDNS system is small scale, aimed mostly at the tablets used in the graphics department.
President: prefers a strong desktop computer with a traditional tower, keyboard, and one monitor. Dell brand. The licenses are for traditional, stable software offerings: Microsoft Office 365, Patriot Software for accounting and payroll.
Editor: has a dock for a laptop, two monitors, headphones and dock for music. Also has a desktop tower with legacy media slots- 3 by 5 floppy disks, USB slots, all media slots. Writers use legacy systems. Dell and others.
Copy editor. One tower, with two large monitors. A KVM switch. One tablet with pen abilities. Works best scribbling on pdf formatted works submitted by authors. Receives media from editor already formatted into PDF or other document form.
Graphics Editor. Primarily uses a laptop. Has permissions set to allow new tech to be connected to an air gapped tower computer, as Graphics Editor tries out many different programs and hardware. The Graphics Editor is not pleased with this, as this involves uploading and downloading files by hand. However, the IT department tries to balance the need for new, cutting edge or obscure art technology with the security needs of the firm as a whole. Has Wacom tablets, plural, and Huion tablets,BYOD, which is why the tower is air-gapped. Works with Ipad Pro, Samsung Galaxy tab &+, Onyx Boox, Kindle Scribe.
Project manager: One laptop, no tower, chronically online with all the staff. Optimized Chromebook, with the full suite of Google Workspace. Allows project manager tremendous transparency and immediacy for all project benchmarks.
IT department: One person, tower with online presence, many small and second hand machines, parts. The IT department has to make requisition requests with Powerpoint presentations at least once a year. This is a source of frustration.
The company scaled up by getting basics. When the pieces broke, the company would authorize a replacement part, plus two additional backup pieces. There is a cabinet with mice, keyboards, and backup small hard-drives, should a tower fail. The small form factor hard drives are treated like spare tires on a jeep, while the main computer is at the repair shop.
For work at home, all staff has Dell laptops. The creative staff would prefer Ipads. However, manuscripts are best formatted in Word, therefore Dell is supplied. Staff is allowed to use their own Ipads for creative work. However, the company will not buy them.
Dell laptops are assigned, with a transport case, and an electric battery attachment. The graphic editor and copy editor have docks for additional peripherals: mice, headphones, and their other choices.
The company relies on PuTTY for VPN access during work from home days. The staff has access and uses high speed consumer internet at their homes. They foot the bill for this, as it provides their cable, streaming, internet and phone from home services for their family.
Phone system: still POTS for office. Voice calls from writers in far away places get garbled. Expensive, yet worth it. Staff is required to check in with results of phone calls. Phone calls are also recorded. Six phones with multiple lines. One for each person. Conference room phone has conference abilities, so is listed separately.
All staff brings their own cell-phones for their own personal business. Staff pay for their own private phones and phone services.
At home, for work, the preferred mode is Google Voice, paid for by the company. The transcripts are archived. Contracts and payments are negotiated by phone. The president wants no unpleasant surprises. If a contract point is not found in the Google Voice transcripts, then it is not enforceable.
Xerox stand alone Printer/ Scanner/Fax. Leased with service agreement. SLA requires that lease company tech handle all repairs. Staff limited to replacing paper.
Memory:
The publishing house explored cloud offerings. The IT department concluded that the best use of resources was a hybrid cloud model.
There is an in-house network attached storage, containing both current work and the archives of all previous work. It is a solid state device system. The rack and system were major expenses of the past year. The president of the company is barely persuaded this is a necessary expense.
The archives are backed up to a zone redundant cold storage in an Azure cloud account. It is inexpensive, and in another region. Only having one other location is not best practices, but it is what the president was comfortable with.
For Point of Sales:
Company has business accounts with Chase bank.
Company uses POS terminals sold by Chase bank. $500 each. Company owns two of them. These must be checked out and returned in good condition. Immediate photographic documentation for evidence of damage, if damaged.
The president and editor are the usual sales staff. Most writers must have their own marketing platforms. The project manager subs for general social media presence. The sales teams and volunteer teams are given email boxes and limited permissions, based on their authors’ wishes.
Software Suites:
The company has a preference for stable and low cost. Not a good customer for new, untested SaaS solutions. Microsoft, Chase, AT&T, are preferred providers for services. Patriot accounting and payroll is used. Intuit was the first choice, but the ease of use for Patriot won out. The company is willing to listen to other providers for these services. The major accounting and auditing is handled by Baker Tilly.
The copy editor has single licenses for many obscure word processing programs, as that is what the writers use. These licenses are expensed to the writer, for anything other than Microsoft Word or Google Docs.
Licenses and certificates are tracked by the IT department on an Excel spreadsheet. This also works at inventory control. An LDAP server is being requested for the next year. However, this will likely be delayed again this year. The license and certificates are audited once a year by the president and every other year by an outside accounting firm that has a software auditing division.
Security:
Company relies on being in the middle of a skyscraper, with a bank on the first two floors. The office building supplies bollards, security guards and an entry lobby with a guard. The parking garage has barricades, a security guard in a booth and cameras.
The elevator has a swipe card feature for allowing people to exit into the bank business floors. The other floors are for businesses that have walk in traffic.
The front door of the office is usually locked. There is a Ring doorbell system connected to the phone, allowing whomever is on call to go open the door to let people in. This is usually the IT person. This is a source of irritation. However, not many people come in and a receptionist would not have enough work to justify a salary and benefits.
The mainframe and rack is locked in a closet in the office of the IT person. The IT office has a lock that preferentially locks. The IT person has a key to their office. Keycards were explored, but were not considered financially viable for such a small business.
The mainframe routers and firewalls are Cisco systems. The documentation and general accessibility is why. The NAS is Intel-based. The IT department is trying to pitch Seagate as an upgrade.
The mainframe has several firewalls. There is the generic firewall between the company system and the internet. There is a defense in depth system shielding new manuscripts and projects. An early leaked project can damage the financial prospects of a new book. Therefore, the manuscripts in process are kept on a separate VLAN, in a separate subnet, behind a second firewall. However, they are not encrypted. This is based on writer’s superstitions. It is silly, but writers are both superstitious and the core of the moneymaking part of the business.
The public facing website is kept on its own screened subnet, with its own VLAN, and firewall, too. There are email address boxes for all the writers and the staff located here. This provides the most trouble from online attacks. Therefore, there is a dedicated SIEM for this.
Technical Debt:
The mainframe and desk computer set-ups are all two years old. They are 40% through their life-cycle. The graphics department is all new, first year. The mainframe servers are a mix of new and second- hand. As the servers break, they will need to be pulled, and repaired or replaced. The speculative budget for upgrading the mainframe is set aside. The maintenance budget is also stocked. The main upgrades for the year will be on the software side, which also includes training for the staff.