HIPAA Auditor Involved in Own Data Breach

Who audits the auditor? 

Check out Identity Finder’s recent post about the HIPPA auditor that was responsible for their own breach.  HIPAA Auditor Involved in Own Data Breach.  What seems to be a recurring song these days is how these organizations tend to minimize the value and impact of the data loss.  The data did not contain this or that or some other statement designed to offset its political impact.

Many nefarious people take the time to collect information from separate sources and combine the data to build a complete profile of someone’s identity.  This information is available to the highest bidder.  Just name your price.

Corporate identity theft is now a lot like what we technology people tell people about disk drives and other hardware.  It is not about if it will fail, it is about when it will fail.

No one is exempt.  Of course some organizations are bigger targets, but everyone needs to start addressing the potential for data loss.  Fire drills save lives.  Written Information Security Plans (WISP) save companies that would otherwise have no alternative than bankruptcy.

With so much information available online and the mounting number of data breaches there has to be a better solution.   Dolvin works with industry experts Cyber Security Auditors & Administrators (CSA2) to assess and manage your security risk.  Contact us today to see how we are different.

Understanding ERP Software Solutions

The software industry is sometimes just as bad as any other group that is trying to make their quarterly quota.  There are some people and organizations that really do care if the solution is a good one.  After all who really benefits from a poor fit?

I read recently in one of Jeffrey Gitomer’s books (Customer Satisfaction is Worthless, Customer Loyalty is Priceless) that customers will talk to their associates, friends and neighbors in response to your response to their issues/complaints.  3- If you do a good job, 10- If you do a great job, 25- If you do bad job, 50- If you get into an argument.

Point being, is not that your customer’s always right, it is more about how your acknowledge their issues.  Treat them like you would like to be treated.

Enterprise Resource Planning (ERP) software solutions should be based on understanding the real business needs.  The solutions can be found if you know what you are trying to solve and what you want to achieve.  We talk about the pain or gain of a solution.  We talk about the budget and monies needed to address the problems.  Where will the money come from?  What return (ROI) can you expect on your investment.  What will the Total Cost of Ownership (TCO) be?  Who makes the final decision and, by the way, what does he/she want? 

What is the CEO’s vision of the future?

Any given ERP solution will have a number of great functions and features.  Question:  Are they related to the challenges you are trying solve?  A great feature may be nice, but what if only one person uses that expensive option?  Will the solution help to integrate your enterprise?  Will your over burdened people ultimately become more efficient and be able to process more orders?

Are you trying to replace an outdated system?  Are you trying to consolidate separate systems?  Do you not have any formal system?  Is Excel your system?  Are you trying to use the software to solve business issues that really should be addressed by management? 

No software is a solution to poor business practices.  It will, however, help keep you organized and provide a structure to operational efficiencies.  That is of course, if you are willing to learn new ways to do the “same old job”.

Do not rush the analysis phase.  This is where your advisor delivers his or her value.  What environment do you have?  What technical skills do your users have?  Software is like any tool.  Give a carpenter a hammer and he can build walls, give him a pair of pliers and he will give you “that look”.  Have you documented your current processes?  Has each of your users listed every task they perform, every report they use?

Function/Feature is not nearly as important as Challenge/Solution.  Just ask yourself which impacts the bottom line quickest.  Dolvin works with their partners to deliver solutions.  Contact us today to see how we are different.

What is ERP?

What is ERP?

Michael Dortch has written a succinct article on Focus Research’s web site about exactly what an Enterprise Resource Planning (ERP) solution used to be considered for Manufacturing companies and how that has evolved to serve organizations of all types today.

“Enterprise” is really the key word as Michael points out.  A central repository of shared information to enable faster decision making with the right information at the right time. 

Management needs current information at their fingertips in order to respond to their dynamic markets.  Production control needs real-time information to manage the shop floor.  Sales managers need timely information to direct their sales force.

As mentioned in the article ERP selection can be a daunting task.  We encourage you to read the article and then contact us to see how we can help you filter the volume of information available.  Dolvin is here to help.

Data Breach Response Best Practices

Data Breach Response Best Practices

Cyber Security Auditors & Administrators (CSA2) web page addresses data breaches and the best practices to address your risk exposure.

With so many breaches occurring each year, what happens if your company experiences a breach?  Most large companies are taking the necessary measures to prevent security breach incidents.  Breaches have almost become business as usual.  It is a “numbness” of sorts.  We hear so much about data loss, that is seems ordinary.

Ordinary of course until it happens to your organization.  No organization is immune.  Breaches can be accidental or intentional.  Regardless of how they occur, preventative measures, no matter how advanced the security technology is or extensive the resources are, offer no guarantees.

Breaches can also be costly events when you factor in losses such as lost business, fines and litigation costs, lost shareholder value and reputation damage.  The single largest cost component is the loss of business from a tarnished reputation. 

What distinguishes one breach from another is the post-breach response.  Like a fire drill, preparedness makes the difference.  Open communication with those affected is critical.  No one likes to be left in the dark.  If breaches are common today, the response and respect to those affected make the difference of survival. 

CSA2 works with organizations to help them prepare and maintain a Written Information Security Plan (WISP) and offer solutions to protect that plan from its own breach with their proprietary WISP-Vault.

Dolvin Consulting in partnership with CSA2 offers comprehensive risk analysis and management solutions.  Contact us to see how we can help.

Key questions and considerations for ERP selection.

Key questions and considerations for ERP selection.

There are many factors to consider before purchasing an Enterprise Resource Planning (ERP) software solution.

How complicated is the implementation?  Who will be responsible and is there a dedicated project manager assigned to your project?  Are you converting from another system or starting from scratch?

How easy is the software system to use?   A serious evaluation of how people from all levels in the organization will access the information is a necessity.  This includes top management who might want to start with executive dash-boards, sales team both internal and external, customer service, shop floor data collection.  Do not forget your suppliers and customers. While many people still like to call your customer service department, many more prefer the self serve method from the Internet at a time that is convenient to them.

Are you a global or domestic organization?  Are your customers and/or suppliers domestic or international?  Do you need multi language support either for external contacts or internal workers?

What are your organizations top needs?  Financial management, operational management, manufacturing planning and execution, supply chain management, integrated contact management?  What will your needs include 3-5 years in the future?  Will your system grow with your needs?

So why would anyone consider new software?  Many look to ERP solutions to provide the structure to improve operational efficiency, reduce inventory levels, and increase revenue flow.  Coordination of work force efforts, easier access to key information needed to manage the enterprise.

Be the doctor for your organization.  Find out where the pain comes from.  That area is related to the business problems you should be addressing with an ERP solution.  The questions you ask and the answers you receive will help you determine if the fit is appropriate. 

Remember that you will be reviewing how well your Enterprise will utilize the software.  ERP solutions are typically organized in modules that correspond to either a department or functional role of your organization.  Some examples might be the Finance department which will utilize the Accounts Payable, Accounts Receivable, and General Ledger applications.  A functional role might include purchasing, procurement, receiving, and the supply chain. 

Bottom line, you will need to manage expectations at all levels in your organization.  Everyone will need to “see” the future and it will take a good deal of coordination.  The implementation is typically now the single greatest investment component.  In today’s world many organizations are already running lean.  Having cut costs for the last several years, improving the operational efficiency is the logical choice to remain competitive.  This also means that the staff now does more work with less manpower.  Implementing a new solution takes time and resources, which typically requires everyone to do “extra” work. 

Six months afterwards, you will wonder why it took you so long to commit.  Change, “they say”, is the hardest thing to deal with, but the end result will often justify the effort.

We are here to help.  You do not need to navigate the uncertain waters of change alone.  Dolvin Consulting works with industry experts VAI and IBM to define and understand your challenges.  Contact us today to find out how we can help you.

Identity Finder Team Blog | 7 Sources of Data Breaches You’ll Never Hear About: Your Phone

Identity Finder Team Blog 7 Sources of Data Breaches You’ll Never Hear About: Your Phone

Remember when you cell phone was a telephone?  Today many of us use smart phones that contain a lot of personal information, that if lost, would cause some sleepless nights.  Think of what would happen if you lost your wallet.  Now multiply that by a factor of 10 and you have an idea about the information on your phone.

Upgrading, replacing, loosing, or donating your phone can have significant consequences.  Cleaning out your old data and performing a factory default reset are minimums.  You need to contact your manufacturer and/or service provider to learn the best practice procedure to take.  Newer phones have software that can remotely lock and erase all information in your phone, if it becomes lost or stolen.

As written in the Identity Finder blog: The Law of Portable Device Breaches says that the risk of losing a device, and the information thereon, is directly proportional to its portability. In real terms, this means that you’re more likely to leave your cell phone at the bar than your desktop computer.

We can be our own worst enemies when it comes to data privacy and breaches.  Dolvin Consulting works with Industry leader Cyber Security Auditors & Administrators (CSA2) to provide comprehensive risk analysis and management. 

We are here to help.  Contact Dolvin today to see how we can help your organization develop and implement a cost effective data security solution.

Business Intelligence Done Right.

Business Intelligence Done Right.

One of the great benefits of any Enterprise Resource Planning (ERP) solution is the creation of a central repository of information that is shared across the enterprise.  Unfortunately different users from different departments have growing needs that over time inevitably lead to the creation of silos of information.

Silos of information start out small and grow over time and become more and more disconnected with the source.  A simple spread sheet with a pivot table to allow a sales manager to evaluate his on-time performance.  That data is useful and is copied by someone else to create some other report, then copied again and again.  Any report should be based on data that is not more than one or at most two steps from the original.  Data that can be refreshed easily so that it is current and accurate.

Good business intelligence tools connect directly to the source data and offer drill-down capabilities to the source.  If you want to know why the third quarter sales are off, then you have the ability to “see” the source data and draw the correct conclusion of the reported results.

Almost all Business Intelligence (BI) solutions allow you to create dashboards and/or reports of strategic information.  A critical factor is the ability to refine the data to give the right information to the decision makers in a timely manner so that smart business decisions can be made to better operational efficiencies.

Dolvin Consulting has strategic partnerships with Business Intelligence Solution providers.  Contact us to learn which solutions meet your challenges.

What problems do you hope to resolve with a new ERP solution?

What problems do you hope to resolve with a new ERP solution?

One of the many important questions you should try to answer before purchasing a new Enterprise Resource Planning (ERP) solution is:  What business problems are you trying to solve/resolve?

Of course it is important to be able distinguish between a business process and strategic issue.  Business processes are usually quantifiable.  For example, if we integrate our separate systems and reduce the overhead associated with inventory transactions, we become more efficient and can expect operational savings.  If we automate receiving with barcodes and wireless devices, we can increase the timeliness of information the customer service department uses to satisfy customer inquiries.  Add an order verification step to the Pick-Pack-Ship process to increase the accuracy of your shipments. 

These examples are only a small fraction of the questions you should discuss with your ERP consultant.  Your consultant is the person that can help translate and compare your challenges with industry solutions to drive efficiency in your organization. 

Strategic issues are less quantifiable and tend to be more big-picture.  If you are not a C-Level person, then ask your CEO what his or her dream is for your organization.  The CEO of any organization knows this explicitly and has specific goals to achieve it in a specific time frame.  For example, to be the biggest supplier in the region or sole global source provider, etc.

An ERP solution will only fulfill a strategic mission if the strategic issues are broken down into the supporting business issues.  Failure to do this will leave a lot of people disappointed. You may end up replacing some manual processes with automated solutions in order to increase productivity, but wind up falling short of the strategic mission.

To get started you and your consultant need to define what exactly where you strategically expect your business to be in the future, then break that goal down into specific business areas that can be improved.  Then match those business process improvements with ERP solutions.  After which you can compare how each solution fits the culture of your organization. 

ERP solutions are inherently complex as the strategic initiative.  Dolvin Consulting uses its partnerships with VAI and IBM to help you define and implement a solution with a great return on investment (ROI) that will enable you to achieve your strategic goals.

Click here to contact us at Dolvin.

Five Years of Cyberattacks Against 14 Countries: Operation Shady RAT - HotHardware

Five Years of Cyberattacks Against 14 Countries: Operation Shady RAT - HotHardware

This is an interesting read in security related issues.  Most people know now that many organizations from everywhere it seems have been collecting information on you.  Now just imagine some one or group took those separate pieces of information and put them together. 

Think about it.  There is no undo button.  More than likely someone had or could put together all the information they needed to target you or steal from you. 

In their research (click on article link above), McAfee gained access to one specific Command & Control server used by the hackers, and examined logs from the system. It determined that the hackers infected computers by first sending targeted emails to individuals in the companies or organizations. Once again, the weak link in security were human beings.


You do not have to be a security expert to understand that we ourselves (human beings) are the root of our own problems.  Cyber Security Auditors & Administrators (CSA2) have strategic partnerships with industry experts to help organizations of all sizes create Written Information Security Plans (WISP).  These plans are not only required, but they give you a defensible position to help with the government regulators.

Plan ahead, be prepared.  Contact Dolvin today to find your solution.

Compare 11 Leading ERP Solutions 119 Ways

Compare 11 Leading ERP Solutions 119 Ways

Inside-ERP has released an easy to read table document comparing several Enterprise Resource Planning (ERP) solutions.  The guide compares several leading solutions side-by-side and contains:

• The 11 leading vendors and products in the mid-market and enterprise ERP space
• The 119 key features that differentiate the top ERP solutions on the market
• Which features are supported by each vendor, and who delivers!
• Pricing and contact information for easy vendor evaluation and purchasing

This type of guide is a handy reference to start with.  It falls short in two specific ways.  One, there are many solutions in the marketplace and they may not have selected the ones you are interested in comparing.  Second, this is only a high level document. 

I know of no one that would be able to look at the chart and decide that one solution is best or if the listed solutions should even be considered.  Selecting a solution that will integrate your entire organization takes time, takes effort, and needs a guide to navigate the clutter.

An ideal solution would be like shopping for equipment on-line.  Use some criteria to filter the choices down to a select few, the select and compare.  You would still need to have a guide to help wade through the jungle, but at least you would be looking at something relevant.

Dolvin works with companies in the Manufacturing, Distribution and select Retail industries.  Let us share our expertise and partnerships to help you find the right solution.

Integration is the underlying strength of any ERP system.

Enterprise Resource Planning (ERP) systems help companies streamline their operations by providing a unified repository of information, improved information flow and sharing, and consistency of data.  Collaboration is the goal. 

Getting to the point where an organization is unified and redundant systems are reduced or eliminated presents the real challenge.  It is like exercising.  We all know we should do it regularly, but are we committed every day? 

To be effective an ERP implementation will have a module for every department or functional role in an organization.  This means each of these departments will need to learn a new way of performing their tasks.  These tasks may be more involved so the integrated data is collected.  A system will only be as good as data given it.  Some data capture can be automated reducing workload.  This transition is a critical phase in any implementation.  It is why Training and Implementation typically contribute 50% to the ERP budget.

From the top executive to last person paid.  Everyone needs to understand that the new solution will provide integrated reporting, inventory management and tracking, from suppliers, manufacturing, distribution, and customer delivery.  The result is a more competitive, agile, and financially strong organization.  Important results in any economy, but critical in today’s world.

Question:  Who pays each and every person in a company?  Answer: Not the person’s signature on the check.  It is the customer.  The customer purchases the product, receives the correct shipment, and pays the invoice.  When you have a fully integrated system you can improve customer satisfaction.  Reducing or eliminating shipment errors, delivering on-time, having the ability to answer your customer’s inquiry with the right information in a timely manner helps transition a satisfied customer who might repeat their order to a loyal customer that will repeat their business and go out of their way to recommend you.

Dolvin partners with industry experts VAI and IBM to deliver solutions that transform your business making it more competitive.  Please contact us today to find out how we can help you achieve your goals.