Tip 1: Make It Easy For Your Customers
Leaders are making themselves easy for customers to do business with by:
1. Enabling true hands-off support and maintenance. On-site staff should not have to press the reboot button, install new versions of the software, or click “OK” to security requests. Remote access should be completely transparent.
2. Providing effective tools for administering and monitoring remote access. Permissions to access and modify systems should be very clearly granted and documented, and should be easy to revoke for any reason.
3. Working anywhere, anytime. Whether your customers’ systems are peered to an Internet backbone or connected via slow dial-up line, remote access and management should just work.
Customers are paying for someone else to do the worrying for them. Making it easy for them to forget all about you makes for a very good memory at renewal time.
Tip 2: Be Secure
Managed service providers are trusted partners and the access they have to customer systems carries a significant burden of responsibility. As a result, leaders do everything in their power to make sure the ways that they remotely access systems is as secure as possible.
To assure security, managed service leaders do the following:
1. Avoid direct connections. There should be no direct connection between the remote system and the analyst’s machine. This is important because a direct machine-to-machine connection is easier to hijack. The most secure solution is to have each machine initiate a session with a common set of network services in a physically and logically secure location, and to have those services intermediate interaction between the two machines. Obviously, a signal needs to get to the target machine since it’s unattended, but the actual live connection should still go through a server network.
2. Use strong encryption. Encryption should be at last 128 bits for practical insurance against cracking. As mentioned in the Gartner quote above, a standard such as Secure Sockets Layer (SSL) should be used so that the protection afforded by the encryption is broadly understood.
Tip 3: The Internet Isn’t Perfect. Deal With It
On an engineer’s whiteboard, the Internet looks like a pretty well organized place: Internet Protocol (IP) packets whiz from machine to machine regardless of the underlying physical transport mechanism.
Those of us who have tried to download large email attachments from hotel rooms or stream video from overseas servers know better.
While poor performance may be invisible to your customers, it will directly interfere with your analysts’ ability to do their work, and as a result will hinder the adoption of VSN technology. No expert likes sitting around waiting for a screen refresh.
Make sure your VSN works well when deployed wherever your customers may be. Test it specifically through dial-ups, satellite, ISDN, WiFi, and other less-than-perfect connections.
If you’re using a hosted service, make sure that they have Internet access points that are logically close to your customers worldwide. If you’re hosting the service yourself, make sure your IT organization can support these local points of presence.
Tip 4: Set Customer Expectations
The effectiveness of Virtual Support Networks can be its own trap, raising the expectations of customers beyond a level that’s needed or mutually profitable. And, by getting attached with the technology, users can drive its use in cases when it’s less appropriate, much as patients ask their doctors to prescribe antibiotics for the common cold. The inappropriate use of powerful technology can get in the way of its effectiveness in cases when it is the right tool.
Leaders manage—and exceed—customer expectations using a combination of techniques:
• Define clear SLAs. Whether providing a managed service or supporting unattended technology from the IT help desk, leaders define service level agreements that clearly specify the actions (and in some cases, the outcomes) of support in specific circumstances. An SLA is not just a way of enforcing a contract; it’s a tool for facilitating conversations about value with the customer.
• Keep communicating with the customer. Make sure the customer knows when VNSs are mutually beneficial—and when a brief telephone conversation will accomplish the same thing more quickly. While a VSN is an outstanding way to get access to a machine, it doesn’t help at all understanding the customer’s situation, plans, or state of mind.
• Define clear policies internally for using remote support and VSNs. If your support team is clear about when the VSN should and should not be used, they’ll be able to manage customers who immediately demand remote connectivity. This is especially true when the service is value-add, but not fully managed.
Tip 5: Be Prepared For Hard Questions
Customers who are giving you remote, unsupervised access into mission-critical applications and systems are going to ask difficult questions. They’ll come from both the business and the IT side, and will increasingly focus on their own regulatory compliance issues. The most challenging will come from companies in the healthcare industry based on the stringent nature of HIPAA regulations, but all sectors are affected by compliance.
Customer-facing staff need materials—whether scripts, bullet points, FAQs, or a knowledge base article—to help them explain the benefits to customers and overcome likely concerns about security, privacy, and changes in the resolution process. They should be coached to answer customer questions based on their needs and interests (“we’ll take less of your time”) and not their own (“I don’t have to drive all the way out to your facility anymore.”)
Questions to cover include “will I be able to see what you did?” “can you take files from my machine?” “can you put viruses on my machine?” “will your software stay on my machine and monitor my actions?” “is this spyware?” and “does this cause a breach in our firewall?”
Customers need to understand that remote support is an option, not a requirement, and that their security contract will grant rights only for certain pre-defined activities.
Leading VSN users also provide white papers and detailed security information on their web site or customer extranet to help technical people at customer sites evaluate the security of the VSN. Ideally, this is backed up with internal expertise and, as a last resort, a conference call with the vendor. Vendors should provide customers with a template white paper that can be customized and branded for the specifics of the implementation.
Tip 6: Measure Effectiveness
Most support organizations need to build an ROI and business case to justify the purchase of technology, but then fail to follow up to see what the business impact actually is. This is a mistake: without measuring effectiveness, it’s hard to validate the original assumptions, and it’s hard to identify areas for improving the return. Additionally, since there is an ongoing cost component to most VSN solutions (either internal for software or paid as a service fee for hosted solutions), this cost needs to be justified as well.
Leaders track:
1. In what percentage of incidents remote support is used
2. What the alternatives would have been to the virtual support network in these incidents (e.g., 50% would have required an on-site visit; 40% would have required a customer call-back, 10% would have required an additional escalation)
3. What the cost of a VSN incident is, and what the cost of the alternative is. Most companies look to marginal cost—that is, the cost that would have been saved by not doing the last incident in this way—rather than allocating all the fixed cost equally across all incidents.
With this data, a very simple spreadsheet model can show the financial benefit of the VSN.
One other point to keep in mind: if you’re casting the benefit of VSN in pure apples-to-apples cost savings, you need to be prepared for management to take you up on the offer, which will mean layoffs or consolidations. Most organizations focus on (a) the ability to handle new support demand without scaling headcount and (b) the ability to create new value-added offerings to drive margins.
Tip 7: Create a Dedicated Team
As with any other effort, specialization has its benefits. And the leaders we spoke with have all taken the initiative to create a dedicated team that’s focused on using the VSN. This makes them expert in the tool as well as the resolution processes that are most effective. And, if a particular type of incident pops up all of a sudden, for example, related to an OS upgrade or a virus, this team can quickly document and share best practices for dealing with it.
Tip 8: Back It Up with Remote Access
Virtual Support Networks are an excellent hammer—but that doesn’t mean that all your support problems are nails.
VSNs are ideal for unattended machines: kiosks, conference rooms, and servers. They’re also good for machines without a dedicated owner, like point of sale terminals. They are not, however, appropriate for machines that are actually “owned” by someone. Dedicated users would rightly resent and feel uncomfortable about others having transparent access to their machines, no matter how legitimate the business purpose.
In the case of user-dedicated machines, back up the VSN with Internet-based remote access. In particular, select a solution that provides fine-grain opt-in privacy, so users need only grant those rights which make sense for their support needs, whether it’s view but not drive, access to specific applications, or logins to specific user accounts.
Tip 9: Keep Good Records
All public enterprises have a regulatory requirement to manage their IT resources, and all businesses have a right to know what actions their service providers are taking. This is especially true in today’s hostile security environment, in which a single badly managed technology asset could compromise the security of the entire enterprise network.
Clean audit trails are a must-have for managed service providers. Unfortunately, these are often easier said than done.
Files that are transferred and executed, or scripts that are run, can be logged in an audit trail conventionally. But many of the actions taken over a VSN work through a graphical user interface, for which a simple audit trail won’t suffice: “mouse moved to 125, 765, double clicked, moved to…” isn’t helpful.
In the case of actions taken through the desktop or GUI of a computer system the audit trail needs to include a complete session record of the activities and displays. This needs to be maintained so that customers have secure access to it, but others don’t. Also, the identities of the authenticated users taking the actions must be stored as well.
Good audit trails and session recordings will simplify compliance, increase confidence, simplify debugging, and cover you should questions arise about support practices.
Tip 10: Pick the Right Technology Partner
Most of the practices described in the previous nine tips require some technology support, as well as people and process management. After reviewing them, make sure that your business requirements capture the points that are most important to your organization. These will typically include:
1. Certified security and security architecture
2. Breadth of functionality for unattended operation
3. Auditing and session recording functionality
4. Performance over the Internet, including low-bandwidth and unreliable links
5. Effective management tools and reporting
An additional consideration is whether to select a software solution or a hosted solution. Software solutions are appealing from a control standpoint, but their total cost of ownership can be surprisingly high, given the challenges involved in creating a worldwide network that supports VSN functionality. The following table summarizes some of the trade-offs between hosted and licensed solutions:
Software Solutions
Hosted Solutions
Control
Global, highly available network
Ability to be integrated
Low starting costs
Cost predictability (vendor, not TCO)
Ability to scale to demand spikes
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment