Tag: IT management

01 Sep 2021
FIs Must Plan Ahead for IT Projects to Get Hardware in Time

FIs Must Plan Ahead for IT Projects to Get Hardware in Time

FIs Must Plan Ahead for IT Projects to Get Hardware in Time

The coronavirus pandemic has fueled ongoing inventory and material shortages in a number of industries and IT is no exception. Many components, such as servers, routers, firewalls, network switches, phones, keyboards, microphones, webcams, and more are still in relatively short supply. We’re seeing lead times for hardware delivery lasting four to six months—and the situation could get worse with the Delta variant. So, it’s crucial for financial institutions to plan ahead when ordering IT equipment.

There’s a combination of factors driving these hardware shortages and delivery delays. With more people working from home, there’s an increased need for hardware, and the rise in demand for electronic devices has placed an extra load on the semiconductor industry. Semiconductors, commonly referred to as computer chips or chips, are a core element in almost everything electronic. The semiconductor market is also consolidated with only three manufactures who can produce the most advanced chips. These factors account for some of the reasons why chips are becoming scarce during a time of heightened demand. Currently, semiconductor lead times are stretching to more than 20 weeks—almost three times the pre-pandemic norm, according to Bloomberg.

Another key factor in hardware shortages is the just-in-time production (JIT) model that many companies, including those that manufacture chips, use to turn out small batches of products instead of creating huge inventories. While this lowers their production costs, it can cause supply chain problems when there’s a rapid surge in demand. Employee shortages worsened by the pandemic have only helped to strain hardware supply chain output even further.

If you’re planning to make upgrades or replace any end-of-life (EOL) equipment, you should order it now to help ensure your institution gets what it needs in time. Another issue is not about ordering the hardware; it’s about having time to properly execute the implementation. For instance, if you need new servers, routers, or phone systems, you need ample lead time to design the project, sufficient time for deployment, and additional time to ensure everything works properly post-implementation. Thinking ahead will make the hardware acquisition and implementation much easier to manage in the long run.

Potential Impact of Not Planning Ahead

Lack of effective planning for hardware purchases could result in serious complications. For instance, if you need a new phone system, you might not be able to secure phones, switches, and routers in time for your scheduled implementation. The delivery delay could be several months which not only impacts deployment but also results in a disruption to your current business functions.

In addition, a delay in installing new equipment could lead to security problems. Often, the new version of software will not install on old hardware, which could leave your institution using obsolete software that doesn’t get the appropriate patches and updates. So, actively researching any EOL issues that could lead to this problem is critical, (Incidentally, Microsoft Server 2012 is coming up on its EOL.)

Keeping hardware and software properly updated is also a matter of regulatory compliance for financial institutions. Management should implement policies, standards, and procedures to identify assets and their EOL time frames to track assets’ EOLs and to replace, or upgrade, the asset, according to the FFIEC Examination Handbook’s Architecture, Infrastructure, and Operations booklet. The guidance states, “Failure to maintain effective identification, tracking, and replacement processes could have operational or security implications (e.g., unavailable or unapplied security updates [patches] that make technology vulnerable to disruption).”

The bottom line is: If you need any IT equipment, it could be months before it’s available. So, plan your project accordingly and order the hardware as soon as possible to ensure the success of your implementation timeline. If you need assistance with researching lead times on hardware such as servers, routers, firewalls, network switches, and more or would like support with EOL products and planning for what is ahead, Safe Systems has experts on hand to help.

05 Nov 2020
How Banks and Credit Unions Can Maintain Business Continuity to Achieve Effective IT Management

How Banks and Credit Unions Can Maintain Business Continuity to Achieve Effective IT Management

How Banks and Credit Unions Can Maintain Business Continuity to Achieve Effective IT Management

Banks and credit unions of all sizes experience some level of turnover or unexpected absence that can affect internal positions. When the IT administrator role is impacted, it can cause the most disruption, especially for smaller community institutions, as many have limited resources and may rely on only one employee in the role. When an IT administrator leaves, he or she takes with them the institutional knowledge and expertise gained through working with the FI’s unique IT infrastructure and network management processes. To lessen the impact, it’s up to the institution to effectively build continuity into its IT strategy and pay attention to the strategic decisions being made by the IT team.

In a recent Safe Systems webinar, we discussed the importance of continuity in IT and ensuring effective management of the network through transition periods. In this blog post, we highlight three key areas of focus to achieve continuity and keep the institution operating efficiently.

1. Strategic Decisions

We have seen financial institutions fall victim to the “power of one”, where the IT admin has all the knowledge and authority to make IT strategic decisions alone. Then when they leave, the rest of the institution doesn’t have a clear view of what’s been done to the network and how to properly maintain it.

Some IT admins prefer to try new technologies and add more automation to the institution’s processes. While others might stick to their comfort zone and not push for new IT tools. While it’s important to provide an appropriate level of autonomy to the IT admin, it is critical to also have a system of checks and balances in place and to examine the benefits and consequences of these decisions closely to ensure the institution has the right tools to succeed .

2. Strategic Management

For IT personnel to be successful, it is important to outline what your institution wants the IT admin to accomplish and let them know what success will look like when they achieve these goals. Some key questions to consider include: What are the desired outcomes you’re expecting from IT? Is the goal to spend their time and budget on efficiency projects, redundancy projects, or security projects? In other words, what is your tolerance for downtime, security risks, or ineffective and slower processes? How will these goals be measured?

Once these expectations are established, the IT admin should be given the freedom to do what they need to do to achieve the institution’s goals but there should also be a clear chain of command to provide oversight and to evaluate their work.

You do not want to let an employee’s expertise (or lack thereof) impact your technology or for the institution’s security to be affected negatively. Define clear objectives for your IT personnel, whether that’s uptime, recovery time objectives (RTOs), redundancy, budgeting, or specific controls you’d like to have in place to ensure the institution is operating securely.

3. Strategic Plan

Make sure the expectations and objectives you set for IT personnel align with your strategic plan. According to the Federal Financial Institution Examination Council (FFIEC), “strategic IT planning should address long-term goals and the allocation of IT resources to achieve them. Strategic IT planning focuses on a three- to five-year horizon and helps ensure that the institution’s technology plans are consistent and aligned with the institution’s business plan. Effective strategic IT planning can ensure the delivery of IT services that balance cost and efficiency while enabling the business units to meet the competitive demands of the marketplace. The IT strategic plan should address the budget, periodic board reporting, and the status of risk management controls.”

When discussing the strategic plan with management, it’s important to identify the key areas of improvement and provide information on price, level of risk, and what exactly the institution is trying to accomplish. Sometimes having an outside perspective can help push key initiatives along and get them into the budget for the year ahead.

To learn more, download the recording of our webinar, “Understanding The Lifecycle of the IT Administrator: Ensure Effective Management of Your Network.”