
Far and away one of the most critical things you can do to prepare your business for success in the coming year is to reduce your exposure to risk. While this can feel impossible in an era when maverick hackers and outsiders are working night and day to infiltrate your network and carry off your data into oblivion, that does not have to be the case. Don’t miss this episode as highly-regarded risk advisor Richard Ollis from the firm Ollis, Akers, Arney visits the BITE for an interview. Tap into his expertise as he illustrates how technology is imperative to making every business less risky, and how a well-designed backup and disaster restoration plan can help you avoid collateral damage. Grab a cocktail and settle in for this very special guest!
Speaker 1:
Welcome to the JMARK business innovation technology experience.
Christina:ri
In today’s episode, we’re going to talk about making the right moves and preparing your organization for risk in 2021. A few things we’ll cover are having a multi-layered approach to security. So for example, you need things like antivirus and security monitoring tools in place, but beyond that, there’s also the human element. So you need to make sure your employees are trained. And then beyond that, of course, is insurance in case something does happen. We also talk about budget. With all the risks technology does need to be a main part of your budget. And then it’s not if, it’s when in today’s world, your company will be attacked that’s just the world that we live in today. So since it will happen, you need to make sure you’re prepared. Okay, let’s get started.
Todd:
Welcome everybody to the business innovation technology experience. We’re excited to have Richard Ellis from [inaudible 00:01:01] with us this morning. We find ourselves at the tail end of a tumultuous year 2020 and the topic for today is about preparing for risks in 2021. I don’t think anybody could have predicted some of the potential risks that have occurred in 2020. Everybody always approaches their planning, thinking about backup and disaster recovery and thinking about insurance and cybersecurity insurance and all the different risks in an organization. But oftentimes it’s like from a distance and people don’t realize that it really is something that is happening right now and happening with people and what we’ve seen in 2020, I think one of the big lessons that we can take is that it can happen at any time to anybody, whether that is a natural disaster, whether that is a security event, whether that is a… whatever, there’s a million different scenarios that we could go over.
Todd:
In looking forward towards 2021, I think we all agree that we have to take a stance of caution, so to speak. We’ve talked a lot about innovation, but at the same point you can’t innovate if you’re not protected. And so looking forward into 2021, Richard, what do you see as some of the things that business owners… what are the top things that business owners really need to look at to make sure that they are set up for success for the new year?
Richard Ellis:
Well, first of all, you’re exactly right that 2020 brought on some risks and some changes that I think none of us were really planning on and prepared for. I will say a couple of things, particularly as we get into technology, we have seen the explosion of remote work where… and I’ll just give an example of us personally. We were, fortunately we were preparing for providing remote work to our staff and so we had all the technology purchased and in place, we had changed over our phone system where we can operate that remotely and this was not in preparation for the pandemic, it was really to provide more flexibility to our staff.
Richard Ellis:
Well, fortunately, we’d done all this and we were preparing to offer our staff one day a week of remote work if their job position would allow for it and then we hit the pandemic. And what has happened, not only to our business, but many businesses that can provide remote work is we figured out that, that you can be productive sometimes even more productive, working remotely, whether it be at home or from another location. And just like, we’re on this call today and we’re doing this remotely, I think a year ago, although we might’ve done a little bit of this, I bet you we’d have been in a studio and we’d have been having this conversation differently than we are now.
Richard Ellis:
And so I only say that to tee up our conversation to say that not only is technology an important part of what we all now do, it is going to become… it’s going to have exponential growth as we continue moving forward in our businesses. And so I look back on my career and it used to be back in the, what I’d call the old days, when I first got started, we were concerned about buildings and about the contents in those buildings and those types of things and we still are, but far, far more importantly, we are concerned about technology exposures, what technology can do and frankly, the risks, which I’m sure we’ll get into, that they create. And so I would just say that the risks associated with technology are growing because of the exponential use of technology that has been brought on by this pandemic.
Todd:
Yeah. I couldn’t agree with you more. The migration of workloads to a distributed workforce has been as dramatic and it’s been necessary. But as you mentioned, that also has brought about new risks that not only has the distribution of work and of data created more risks, but it’s provided an opportunity for hackers to exploit that. And so, when we say or when you hear this word exponential about security risks in 2020, I’m not even sure that word is big enough, Dax you’ll have to help me with the wordsmithing, but it is. If you look at a graph of the security incidents since the beginning of 2020 versus now, it looks like 2019 was a walk in the park. And with the distributed workforce, we see, like you said, people are beginning to embrace it.
Todd:
They’re embracing being able to have the flexibility, they’re embracing being able to have more freedom and get work done and a lot of people are seeing more productivity and all of the stats are showing that people working from home are more productive for the most part. But that doesn’t mean we can’t, we shouldn’t prepare for the risks. And as we’ve talked about on other episodes, we have to adapt, we have to innovate, we have to provide solutions of course, for our employees. But at the same point, if we get knocked in the head, because we didn’t take care of a risk, then all of that innovation, all of that great planning is going to not do any good. And so, apart from the IT side and the technology side of securing an organization, what do business owners need to make sure they have in place to protect their organization?
Richard Ellis:
A couple of things, one is really trying to nail down how you’re going to use technology, number one, in other words, are you going to deploy it from a remote workforce standpoint? Do you have VPN in place? Are all your people set up on not only wifi, but secure wifi within their homes or wherever they’re working from? And then probably as importantly, what we’ve learned is that at work I’m really used to being… if I’m sitting at my desk, I’m used to being fairly diligent about security issues. As I deployed home, I kind of lost track of the fact that I’m still at work here, and I need to make sure I continue to be diligent in how I’m approaching security, because I can be lured into a kind of my home life where I’m probably not quite as diligent as it comes to security.
Richard Ellis:
And what we’re seeing, and again, the growth has been explosive, is all of these emails and websites and things that try to trick you into clicking on links and attachments and providing information and all of those various things have really increased and are frankly breaking through our blockers and our firewalls and so forth and they’re figuring out ways to get around that. So you’ve… I really think that, again, it’s not only having the proper equipment, including firewalls, including security and all of those things in place, it’s also having the right, not only mindset, but right training for your staff so that they know what to look for, what the lookout for how to operate their equipment, how to get on VPN in an effective way and all those various things. And then I’m sure we’ll talk about this and I’m talking a lot of risk management here, but then on the back end of it is making sure you have the proper insurance policies in place to protect you in the event that something does happen and does break through.
Christina:
Yeah, that’s what we talk about all the time is that your employees are the biggest risk and training is so hugely important. And I actually educate my family all the time. I talked to them about it, they’ve never even heard of the word ransomware and I’m like, “This is very real and scary.” And I know I hadn’t heard of any of this stuff until JMARK and it’s mind blowing, it’s terrifying. This is the most important thing, in my opinion, you can do right now is educate and train every employee.
Richard Ellis:
I absolutely agree with that. And I think it’s the human side of things as to where many things get compromised in that training is so, so important.
Todd:
And what we’re essentially talking about here is a multi-layered approach to security. A lot of times, when you look at security, you’ll have a technology person come in and go, “Okay, well, we need to do this, this, this, this, this, this, this.” And it’s all related to the technology. There’s a ton of items related the technology from the antivirus on the computer, the patch management policies, the VPNs and all the different kinds of security monitoring tools but then this other layer, you both mentioned is his employees, making sure that they’re trained. And then you have, below that or maybe above, how you want to phrase it, there’s the insurance just in case something happens. But a lot of people to get insurance and don’t take the time to spend… they may not even put enough into their policy and they don’t put enough effort into securing the organization from the technology side or the employee education side and they are looking at their insurance as a just a backup save me, “I don’t need to invest in technology because I have this insurance policy.”
Todd:
What are some of the numbers that people need to realize in terms of protecting themselves and some of the gotchas that they need to realize in terms of, if something does happen from a security standpoint or disaster standpoint, that people may not be protected as much as they think?
Richard Ellis:
Yeah, well the thing I would say first and foremost is that insurance is really important and analyzing the insurance policy to make sure it fits your needs is very important. But frankly, in the event of something happening that is really only going to protect some of the financial risk or financial damage that has occurred. If you think about all the downtime and all the time that might have to be spent dealing with some type of breach or private information hitting the marketplace, and as importantly, reputational damage, if our company is out in front and in the news about a significant event happening, that really does damage to our reputation as a company. And so, although insurance is very, very important, it’s always our preference to make sure that we try to have policies, procedures and protocols in place to really minimize this risk before it ever hit an insurance policy and then again, the insurance policy, it will cover financial damage, but there are going to be many things that businesses deal with that they’re going to be dealing with outside the insurance contract.
Todd:
Yeah. So I think that when we talk about employee education, there’s also the idea of employer education or sorts, really understanding the ins and outs of the insurance policy. When a security event occurs there are legal ramifications that may or may not be covered under your insurance, there are forensic and analysis costs that may not be covered under your insurance, there are, like you said, the reputation, how can you put a price on that? Especially now when people are trying to innovate, they’re trying to move fast, they’re trying to grow their organizations, despite all of the challenges that are occurring, and then bam, you get a blow of something stupid like that happening. And so there’s all these things that we really have to look into. Do you see that the insurance is a strategy or is the insurance more of a gotcha, so to speak a backup plan?
Richard Ellis:
You know I think insurance is part of the strategy, however, it is only, and I really can’t express this strongly enough, it’s only part of the strategy. And the reason I say it’s part of the strategy is because there are provisions within that policy that you may need to adjust and tweak based on your specific needs and based on your client base and or vendors that you’re interacting with on a regular basis. But as you put that aside, I really think something that is, I was going to say as important, but I’d say more important, is the policies, procedures, protocol and the training that we talked about with your staff and, and frankly having your equipment up-to-date and protected and your network protected, those things are exceptionally important.
Richard Ellis:
So there’s that front end work that we just talked about with all of that, and then what I call the backend work and that’s the insurance policy, and then what you do in the event of a loss and part of that policy normally is access to a technology attorney and a breach coach in the event that something should happen to you, they are there to try to help walk you through the necessary steps to get you hopefully back to normal. And so again, it’s really, I think Todd in concert with one another, that those things work together.
Dax:
Yeah. I think that’s the word that keeps occurring to me is proactive. You need to have a proactive approach to managing and mitigating your risk because the fact is the world we live in today, we talk about this all the time with JMARK, it’s not a matter of if you will have some sort of cybersecurity breach, it’s a matter of when and it’s a matter of the damage that occurs on the tail end of that afterward and how you manage that damage and reduce it is by doing all the things that you’re talking about Richard, is having these processes in place, having the insurance for the financial part of it, but having the advisors on every end and, having the backup plan, having a plan to restore.
Dax:
We talk about this so often at JMARK, it’s not just about the backup, it’s about how you can restore your data and all of that stuff, and get back to work as quickly as possible, mitigate the damage to your reputation and all of these things are things that you need to be thinking about beforehand. Again, being proactive so that when it does happen, you are already have everything in place in order to weather that particular storm as smoothly as possible.
Richard Ellis:
Yeah, I agree a hundred percent and something I’ll add to that, is that backup, we’ve seen some real horror stories with backups of companies trying to access those backups only to find out that number one they’re not there or it hasn’t been backing up because they haven’t tested it. Number two, in an ideal world, you’d have some type of a backup that would be offline, off network. Because these bad people are getting really, really, smart and if they can get on your network, then they’re accessing the backup and in some cases, for lack of a better word, taking it away from you. And so then you go to try to access that backup and it’s not there, and then just as Christina said, then the ransomware demand comes forth and you don’t have an adequate backup and guess what happens then? You’re really in, in tough shape from negotiating with these bad guys. So, like you said Dax, that effort to be proactive, I think is just critical.
Todd:
I think it’s important too, to remember that when people see the news about organizations that are facing these attacks, we see in the news the big stuff. We see the FireEye they’re a big security organization, we see The National Treasury and different things that have been affected, and these are like, “Wow.” One way to look at it is those are big companies, they have money, they have lots of technology and they were still hacked. But another way to look at it is those are big companies and hackers are only interested in them. Well, the truth though, is that you don’t see a lot of the smaller companies in the business because they don’t have the financial reserves, they don’t have the backup systems that are done correctly in an offsite or disconnected immutable, it’s called, system. They don’t have the proper insurance policies and, and even, not in any way to put down insurance, but if you have a small business and your entire network is compromised and the hackers are requesting a huge amount of money that you can’t pay, business goes under.
Todd:
We’ve seen businesses, small businesses that have, have fallen victim to this. And I don’t like talking about these things because I don’t like the idea of spreading fear for the sake of fear, but going in, with the year we’ve had in 2020 going into 2021 we have to recognize, as Dax said that it’s not if, it’s when. And it doesn’t matter if you’re big, if you’re small, what location of the country you’re in, if you’re distributed in your office, if you’re hybrid, if you’re in the cloud, if you’re not in the cloud the attack vectors are all over and that’s why oftentimes it comes back to the multi-level approach of all the different things and it goes back to making sure you have a backup system that can actually restore your data in case you can’t pay that ransom or you can’t clean up the systems. Think about the data that you would lose in that kind of scenario. That’s where you start realizing that there’s a change in strategy needed.
Richard Ellis:
I think like it or not, whether you’re a large or a small business, the fact that your technology budget is growing is just a fact of being in business now. And when I say that, I just mean that having both your equipment up to date, your network and its security up to date, your remote workforce being able to be deployed and secure, the proper training as we’ve talked about and then the proper insurance policy to protect that technology and all the data that you have are things that are part of the game if you want to be in business. And I don’t necessarily like it, I’ve been in business 30 years and our technology budget has gone from what used to be a minuscule budget to where it’s now a big part of our operation, but at the same time, it allows us to be more productive, it allows us to add flexibility to our culture, it allows us to be able to operate 24/7, it allows us even through this pandemic to provide uninterrupted service to our clients.
Richard Ellis:
And so the bottom line is, is that technology has grown and is now, I believe, one of the top three things that a businesses has to have a plan around, has to be proactive about and has to think about. We talked about earlier through this pandemic about how we’re going to use it effectively and so having a plan around it being proactive and training your staff are exceptionally important.
Dax:
Yeah, I think that’s exactly… you took a lot of the words out of my mouth there, Richard, with speaking about how there’s the good and the bad of technology, there is more risk now or different risks that business owners have to weigh because of the technology. But there are all of the advantages that technology brings us in the way that we can work and what we can get done. So accepting that is accepting that managing the risk needs to be part of your strategy, part of your business strategy, part of your business plan, part of something that you take into account every step of the way.
Dax:
I’d be interested to hear Todd and Richard your thoughts on the idea that one thing that occurs to me with risks like this is that people… I think most people have a really hard time taking a lot of this stuff seriously if it doesn’t seem real to them, because it hasn’t happened to them yet. And it’s hard to get people to take something seriously when you don’t really have a concept of it, when it seems like it’s something that could happen to the other guy, even if you know it’s real, it’s like, “Well, that could happen to the other guy.” So how do we get business owners to do this, to have that healthy fear that Todd spoke about, and not the debilitating fear where, where it’s too overwhelming, you don’t want to act.
Richard Ellis:
Yeah, Dax that’s a great question. Here’s how I would try to answer that, is one, I don’t think you ever learn as acutely as when it happens to you, like you said. That’s how we’ve all heard the phrase, “I’ve learned by my mistakes and I’ve made a lot of them over the years.” But however, working with really good advisors for your business and frankly, the business I’m in and risk management and insurance, a really good advisor can bring you examples and solutions and strategies on those various risks that you’re talking about. And so learning from others, even though it hadn’t happened to you, I think is a way that that many businesses can do that.
Richard Ellis:
I’d add one thing, before Todd jumps in, and that is, we believe in making conscious decisions. And what I mean by that is, all these areas that we’ve been discussing here is, I’m okay with not buying an insurance policy if that was a conscious decision that the leaders of that business considered weigh the options and decided not to. But what pains me is when we don’t make a decision and we are then bludgeoned by some event and it’s not because we’ve made a conscious decision is because we have not made a decision that we’re blindsided and worse financially devastated.
Todd:
Yeah. I think that, one of the things that comes to my mind is, going back to what you were talking about in terms of the budget Richard, business has changed over the last 30 years, everything is technology. You want to innovate? Technology is going to be involved. You want to reduce costs? Technology going to be involved. You want to grow the organization, increase profits? Technology is going to be involved. Whatever you want to do, create better customer service, improve productivity, reduce risk, technology’s going to be involved. So we see the IT budget, yes is increasing, and this kind of goes into what we’ve been talking about, but it’s also increasing because business has shifted from whatever their business end to being a technology business. That’s kind of what we’ve been talking about. Technology runs business. And so when you look at it from that standpoint, when you look at it that technology is a part of your team, so to speak, and is contributing to all of these different initiatives in your organization, you look at that and go well, “Okay, yes, my risks have increased because technology is more intertwined with everything, but also it’s producing more. Technology is increasing productivity, it’s increasing the amount of work we can do, it’s increasing our connectivity and improving our morale and different things.”
Todd:
When people think about technology as an expense and think about cyber security policies or back up and disaster recovery plan or security systems in the organization, this idea of it’s an expense that I have to do or a necessary evil that I have to do, is the entirely wrong approach in 2020 and 2021. Because technology now is a main part of the budget, it’s what moves our organizations forward and we have to start considering it as an asset that can help our organizations, and along with any asset, we want to reduce the loss of that asset. We want to make sure that we don’t, as you say, bludgeoned ourselves. I think that’s going to be my new favorite word.
Richard Ellis:
I agree with that and think about all the things that we’ve learned through the pandemic, and I think there’s some real learning experiences. We have three offices and we used to travel quite a bit between offices and during the pandemic, obviously we weren’t traveling as much and we’ve used video conferencing and we’ve learned how to use it effectively, which is a real key, and because of that, we’ve reduced our travel time, we have increased our productivity, also we meet with clients over video where we used to have to travel out to see them and we used to print lots of material where now we’re sharing screens and providing that via attachments and email and also people are not commuting as much because some are working remotely.
Richard Ellis:
And so there are a lot of things that I think we’ve learned through this experience that we’ve all had, where we can use technology more effectively, be more productive and frankly, obviously I miss seeing people in person and we will get back to that, but I’m also convinced that we’ll be using a lot more technology in the future once we get past this pandemic, that will enable us to be more productive, more efficient, and frankly, more profitable,
Dax:
I think that’s a good point that technology is… we’re obviously acknowledging the fact that technology helps create these risks because it’s so widespread and used in every aspect of business today, every workflow. But also technology is the answer to a lot of these problems, both from the IT stance and I also think from the insurance side of things that I’m sure you Richard, over the past, I think you said 30 years over your career, have seen the use of technology to deliver better insurance products to people. You have reams of data that you can use to pinpoint where you can help people better and how you can deliver better products to different industries and different businesses and make sure to protect them better in a way that you probably couldn’t do a couple of decades ago because of technology, because that’s all available and same thing on the IT end, that we’re able to deliver solutions to some of these risks and to weaknesses in businesses networks and stuff and show up vulnerabilities much quicker and respond much more rapidly because we have the technologies to do that remotely and to proactively automate updates and that kind of thing, to make sure that these things are happening. So I think that’s the other blessing side of technology is that it also makes every business able to be more agile and respond better in a way that couldn’t happen in the past.
Richard Ellis:
Yeah. I don’t think there’s any question that it’s increased speed to a whole new level, as far as providing effective service and material. The benchmarking and data that we now have available to us is light years ahead of where it used to be just a few years ago and we’re able to analyze risk far more effectively, and then deploy resources and solutions to that more quickly and more readily. So you are exactly right, it’s really… I think the real trick though, is figuring out… people still want, and frankly need a human being to understand their situation, that they understand about them and knows them and their business or their situation, and then they use the tools that they have with technology. And so it’s about that balance of using human capital and their expertise and experience and knowledge and caring, all along with that technology, I think that’s where the magic happens. And it’s about finding that right blend to deliver to the client and the relationship that you’re in.
Todd:
I think that’s perfect. Our motto, so to speak is people first technology second, and that is exactly exemplifies why we have that. The other thing that I want to bring up before we leave in terms of risks for 2021 is the risks outside of technology. We’ve seen a lot of organizations affected throughout the country with natural disasters, the hurricane season was the biggest in history, tornadoes, Dax had an earthquake, there’s something everywhere.
Todd:
There are a ton of things that have to happen, and going back to really what you were saying, Richard, this idea of taking care of people, when an organization truly has their technology set up for flexibility like you talked about and has a backup and disaster recovery plan that they understand and know they have the policies in place, they have the training in place when there is a disaster, that’s exactly what you’re doing, you’re taking care of your people. Because you are essentially working in a new location possibly or you’re adapting to whatever the situation is, but in terms of disasters and some of these other things that are maybe outside of the realm of technology, but that technology still maybe could help. What are some of these things that we can do, that business owners can do to protect themselves and be prepared for whatever might happen in 2021?
Richard Ellis:
Great question. And as you just pointed out, the world has changed and is changing. Property and the protection of property has become far more challenging with the volatile weather that we’ve been having, whether it be in, you mentioned wildfires, hurricanes-
Todd:
And even riots.
Richard Ellis:
Earthquakes, riots, all those various things. So a couple number one, make sure you have a good handle on what it would cost to replace your property. And I will tell you that it’s just an age old mistake of thinking my property is worth what I can sell it for. That’s true if you’re selling it, but if you’re not selling it, you’re going to need to repair or replace it, and that value is far different typically, than what you can sell it for. And so the cost of construction has gone up over the past decade significantly. And to build a home today, let alone a business type of structure, a commercial building those costs associated with that are significantly different. And so I would really encourage all of our watchers and listeners to make sure they have a good handle on what it would cost to replace their properties. So that’s one thing, a great risk management strategy.
Richard Ellis:
Another is what we talked about in the way of policies and procedures, but I’ll take that and move it from technology into human resources and employment. We are seeing significant changes in employment law and the litigation associated with employment matters. And so making sure that you have an up-to-date handbook, the right policies and procedures in place and more importantly, that you have your managers and your people trained up on how to execute these policies and procedures. And then the last thing I’ll leave us with just because I knew this throughout my career, but boy did it really hit home during this pandemic and that is, is making sure that you’re building an effective team in your business. Because if you have an effective team and something goes wrong, I promise you are going to be in far better shape to execute a disaster recovery plan just have all hands on deck, helping you as you recover or try to deal with whatever the situation is. And so I can’t express enough that that is a constant, constant effort that every business should go through of building and perpetuating.
Richard Ellis:
Succession planning is something that I don’t think we all do enough of and think enough about. And, and, and that is something that is so critical to a business. And frankly, if you think about a long-term team player that has been with a business that, that knows your clients, that knows your systems, that knows your industry replacing or training up someone to take their place when they eventually exit from the company is exceptionally important, so this idea of succession planning. So I’d say property values very important, employment types and HR situation exceptionally important and then building and perpetuating a team exceptionally important. So those are the three things that I would point out in addition to the technology, Todd that we talked about today.
Todd:
Great. Hard to follow up on all that and I think Christina’s going to have trouble narrowing her list down to three. But the one thing I did want to touch on because we haven’t talked about this because you’ve mentioned policies several times and it occurred to me that JMARK has gone through a maturity over the years with policies as I assume most organizations. And when we implemented policies at the beginning, it was to implement the controls of the organization. Policies are meant to state the controls of the organization. For example, we have a policy that States that, we will have a backup disaster recovery plan. The policy states that that backup disaster recovery plan must be updated annually, it States that we have certain information that has to be stored in archive for up to seven years. And these were the controls that all of the technology, the people, the processes follow.
Todd:
What I found that I thought was really interesting that I haven’t put much thought to is, at the beginning when we rolled out policies to all the employees, it was like, “Another thing I got to read.” And it wasn’t until this year that there was a meeting, we have a team called the culture crew that talks about culture issues and the policies came up and everybody was grateful for the policies, they enjoyed reading the policies. And I think that the maturity of the organization has come to the point where people want clarity, people want to understand what they need to do, how to do it and that’s why policies are so important because they cover all of the controls of the organization. What happens with your backup and disaster recovery, what happens with your security what’s required of, if something would have happened, to a lost computer or what’s your BYOD policies and remote policies and all of these things, they drive clarity.
Todd:
It’s not about like about just a hard hammer and rules here, rules there, rules everywhere. It’s about providing clarity to the organization and that provides, clarity provides peace, clarity provides assurance and clarity in that sense improves productivity, it improves loyalty to the organization and improves the way people work together in the organization. And I just didn’t want to… you’ve mentioned that several times and we’ve kind of glossed over, but I wanted to mention that because it’s so interrelated to all of the different things we’ve been talking about.
Richard Ellis:
What a great point. And I’ll add to it just briefly to say that your policies also can create and help create your culture. And I’ll give you a couple of examples. It doesn’t have to be all this heavy handed, these are the rules kind of thing. In the pandemic we discovered that many of our people were not using their vacation because they couldn’t really go anywhere. And so we instituted a policy where they’re able to roll over some of their vacation time to the following year to make it easier and more flexible for them. We also changed our flexible work arrangement policy during the pandemic to allow for more flexibility and then we instituted a more robust short-term disability program during this process as well.
Richard Ellis:
So kind of like you say, Todd, policies they do provide clarity, they do set some rules, but you can also use them to tweak your culture, making it, frankly, making you an employer of choice, a better place to work and providing more flexibility for your staff. And so again, it’s that balance of having the right protocols in place to not only protect the company, but give the staff and the partners that you work with a better place to work and a more meaningful experience,
Todd:
And thinking about everything we’ve talked about during this episode, it occurs to me that if I had to summarize everything into a single strategy, it would be agility. I read an article yesterday that talked about how with everything that’s happened in 2020, we still have to have a long-term strategy, but we have to somewhat embrace where these… they said shortdeness or something like that, with the idea that how do we go into 2020 and be agile, if this hits us, how can we move forward? If this hits us, how do we move forward? If this hits us, how do we move forward? That’s what we’re talking about. We’re not talking about doom and gloom. We’re being real about the risks that are out there. And when you’re considering your strategy it’s all about flexibility like you’ve mentioned several times, which are just about that agility. It’s about how do we keep working? How do we keep moving forward? Taking small steps if necessary and help our organizations be successful and meet our customers where they are. But reducing risks in 2021, I think is going to start with the idea, at least the theme of how do we maintain and improve agility in our organizations.
Richard Ellis:
I think that’s great. And I think some of the things that we talked about today allow you to be agile. If you’ve got the right technology, if you’ve got the right policies and procedures and you have the right team that allows you to be agile. If you don’t have those things in place, it’s much, much more difficult to be agile.
Christina:
Okay. So I’m going to wrap it up today. Like Todd said, I could have chosen a lot of words to encompass what we talked about, but I narrowed it down to three. So first thing is multi-layered approach to security. So there are pretty much three different pieces to it that we talked about. The first piece are the things like VPN, patch management, antivirus, those kinds of things. But then beyond that it’s the human element. So making sure that all your employees are trained, know what to look for, things like that. And then beyond that, there’s the insurance. So in case something does get through those cracks, you have the insurance in place. All pieces are vital, you can’t just have one.
Christina:
Next thought and I chose is budget. So with all of the risk in the world today, technology and insurance need to be a main part of your budget. They’re not just another line item expense, like a lot of other things. I think Richard mentioned, it’s a fact that your technology budget should be growing. And I think Todd mentioned technology runs your business today, no matter what industry you’re in. And then last, this is something I think Dax mentioned which is, it’s not if anymore it’s when. So in today’s world, your company will be attacked, period, in some way, shape or form doesn’t matter size location, if you’re hybrid anything of that nature, it’s not if, it’s when. So it’s extra important to make sure all of these things are in place. So thank you so much, Richard, for joining us today.
Richard Ellis:
It was my pleasure and I look forward to doing this again sometime.
Christina:
Sounds good.
Todd:
Good.
Richard Ellis:
All right. Take care.
Speaker 1:
Thank you for attending this podcast. We hope it has been informative and help convey that at JMARK, we are people first and technology second. To learn more and discover additional content relevant to your business please visit us online at jmark.com or at LinkedIn, Twitter, Facebook and Instagram. You may also call us at 844-44 JMARK. Thank you for your time and we look forward to seeing you again.