Tag Archives: Tucson

About 1599 days ago Business Software

Tech Talk: Contractor Automates Scheduling

Roadrunner Drywall is a residential drywall contracting firm based in Phoenix but with offices also in Tucson, Ariz., and Las Vegas. Shane Mustoe, vice president and co-owner, tells IncTechnology.com that the firm, which has 310 employees, cut costs and better managed time for work crews when it automated scheduling and replaced its old dry erase board. Elizabeth Wasserman: In your line of work, is it difficult to manage projects and keep track of where your crews are? Shane Mustoe: That’s exactly the problem we were having. Drywall contracting is a little different than most trades. Drywall stocking is only done by stockers, who go to a work site and deliver the right amount of drywall. Then we have a crew of drywall hangers, an average of about four guys, who go out to the site and hang the drywall. When they’re done, there is usually some debris or scrap left over so another crew goes out with a dump truck and takes all that out of the way. Then we have drywall tapers and finishers, an average of four people on that crew as well. They go out and tape the seams and get ready for texture. In the west, we put a texture on everything when it’s complete. So then we schedule a texture crew to go out spray the texture on the drywall or hang the texture. When it’s dry, we have crew sand all the texture, clean the window frames and get the drywall ready for the painters. We often have seven different crews to schedule for one job. It’s pretty common to have 15 different employees go through one house. Wasserman: How did you used to keep track of these crews? Mustoe: We used dry erase marker boards. We had a 30-foot-long wall filled with dry erase marker boards and we would hand write the name of the job, the lot number, the date the job stocked, etc. Each phase of the job would be along the top of the board. We’d use different colors for supervisors. It was hard to keep track of the different jobs. The job flow is at different rates, depending on the size of the job. We couldn’t keep it in date order or alphabetical order. There was no way to constantly index them because they would finish at different times. It was hard to see visually where we needed a crew of hangers or tapers. We would have to go over each individual job and figure out who was needed where, who was working, and what jobs needed what crews. We had some supervisors try taking Polaroid pictures of the boards and take them out into the field. It was getting that crazy. Wasserman: What did you decide to do? Mustoe: My brother found something in a magazine about Alpha Software and their online database development solutions. There was a package for $99 so I figured I would try it. A week later I had created a scheduling application, which was wonderful, and I went in to our supervisors and said, “Here’s how you do it. But go ahead and still keep track of everything on the dry erase board. I don’t want to take a risk.” I went in a few days later and noticed they weren’t using the dry erase board anymore. They said, “We don’t need that anymore.” It allowed them to sort jobs by whether they needed hangers or tapers. They could look for jobs only on a certain side of town. We could put them in alphabetical order. It saved us countless hours every day in scheduling and it was much more accurate. Then they started asking for some other things. There are small houses and there are big houses. It would be nice if we knew how many sheets of drywall we used in each house. We had all that information in a paper file. So we just started entering that data in our Alpha Software database. We realized that all that information was coming from estimating. So I went back to the very beginning starting with estimating and wrote an estimating program with the software. Now, when we are awarded a job we electronically move the takeoff information to a job file. Then when the builder is ready to have us start the drywall, we send the material portion of the file to the supplier, the scheduled start date goes on the supervisors’ report, the material budget goes to payables, and the labor budget goes to payroll.  When the supervisor enters the name of the employee or vendor into the schedule, this name shows up at payroll and payables so the correct person or vendor gets paid for that job and the correct budget amount is already there as well.  When the job is marked as complete by the supervisor, it appears at Accounts Receivables as “ready to bill.”  As you can see the data is never entered more than once from estimating through accounting. Each employee is unknowingly adding information to each job that continues the flow of information onto the next employee. Wasserman: What kind of results have you seen? Mustoe: It’s really given us a leg up on our competition. Most of our competitors are still doing things with dry erase marker boards or with a pen and pad. Some have gone to multiple different software programs. By working with only one program that flows like this, we are able to do more work with less administrative employees.  We now invite builders into our office to show them how we operate.  They are generally impressed enough that they feel more confident in our estimates and our ability to schedule their job within their desired completion dates. This directly translates into more sales for us. 

About 4156 days ago Data Security

Creating a Cyberdefense

E-Strategies Worried that terrorists might attack U.S. computer systems next? A few simple precautions will go a long way toward protecting your company. Even before last September’s terrorist attacks, the law firm of Lewis and Roca LLP was hypercautious about safeguarding its sensitive digital documents. In fact, compared with other small companies in the law firm’s home city of Phoenix and other law firms nationwide, Lewis and Roca seemed not just security-conscious but, well, a tad security-paranoid. For instance, accessing the firm’s sophisticated client extranet had always required using a tool that constantly generated new personal-access numbers. And the firm’s network automatically logged off users whose keyboards were idle for more than 60 minutes. But that was before September 11. Afterward, like their counterparts at other businesses nationwide, Lewis and Roca executives worried even more about the possibility of unseen intruders infiltrating their computer systems. So the 51-year-old firm, which also maintains branch offices in Tucson and Las Vegas, immediately had an in-house team focus more closely on reviewing the firm’s entire data-protection arsenal. The law firm’s biggest priority, of course, is protecting the physical safety of its 350 employees, says chief operating officer Robert S. McCormick. To that end, Lewis and Roca has increased surveillance and security in all its buildings. But shielding its confidential records from theft, damage, or deletion also remains what McCormick calls a top “ethical and legal responsibility.” Lewis and Roca is far from alone in reconsidering its whole spectrum of data security. And under the circumstances, the firm is hardly overreacting. “Right now I don’t think it’s possible to be too worried” about safeguarding records, says Weston Nicolls, a former National Security Agency executive who is chief information security officer at Telenisus Corp., a provider of managed Internet infrastructure services based in Chicago. Nicolls’s concerns are shared by Michael A. Vatis, director of the Institute for Security Technology Studies at Dartmouth College. In a report released just after September 11, Vatis warned that attacks on U.S. computers were “extremely likely” as part of larger, coordinated terrorist actions launched in retaliation for U.S. military strikes. Federal officials apparently agree. Three days after the September terrorist attacks, the FBI’s National Infrastructure Protection Center issued a formal advisory warning of possible vigilante activity online. A few weeks later, the Bush administration appointed longtime White House counterterrorism coordinator Richard Clarke to the newly created job of cyberspace security adviser. Clarke has repeatedly warned Congress and U.S. businesses about the potential for a “digital Pearl Harbor” in which distant assailants would invade and damage the country’s computer networks and telecommunications systems. The good news is that there were no reports of widespread cyberterrorism in the weeks immediately following the suicide hijackings. But as the Dartmouth report points out, previous political conflicts — for instance, clashes between India and Pakistan — have led to “cyberattacks” in those countries. So as U.S. military action continues overseas, Americans need to be highly alert for a possible new wave of virtual warfare, with both distant and domestic hackers trying to deface or crash Web sites, disseminate computer viruses, and break into vulnerable networks to steal, corrupt, or delete information. Osama bin Laden’s shadowy, computer-literate followers aren’t the only potential assailants. “Even more likely are cyberattacks by sympathizers of the terrorists, hackers with general anti-U.S. or anti-allied sentiments, and thrill seekers lacking any political motivation,” the Dartmouth report warns. In other words, companies should consider cyberterrorism not just possible but probable. They should also prepare accordingly, just as a California company might plan its response to an earthquake or a power failure and an East Coast business might protect its systems and data against a likely blizzard or hurricane. That means taking stock now to determine what’s sufficiently safeguarded and what’s still vulnerable — and having an IT staffer or outsourcer make corrections immediately. “Once you’re attacked is not the time to think about how to respond,” says Mark Schertler, vice-president of networking and security services at Primitive Logic Inc., a consulting firm in Sausalito, Calif. “You should have a recovery plan in place. You should have discrete and diverse service providers so that if one gets attacked, you can still operate. And if you’re relying on the Internet for revenue, you should have redundant sources to connect to it.” What’s the minimum computer protection for small businesses? For starters, virus-scanning programs. Self-installed software that detects and stops both viruses and worms can cost as little as $100. Once the software is installed, companies should assign someone to update the protection programs at least once a week — but preferably daily — to protect against the latest nasty attack. “It’s like an arms race,” says Schertler. “New viruses are coming out all the time.” A second must-have: a firewall, or shield, between the company’s internal systems and the Internet, to prevent unauthorized intrusions. The cost for that ranges from less than $50 for a home-based business to thousands of dollars for large companies with many remote users and massive amounts of confidential or valuable information. Next, companies of all sizes should regularly back up all systems. Small companies may be able to get by with weekly backups; businesses of, say, $10 million or more in annual revenues should invest in technology that will take a data snapshot daily. Both should stash the stored data off-site. (Nicolls of Telenisus suggests using a bank vault.) Every company should also make plans to run its networks from another location if necessary. Growing companies may also want to invest in a virtual private network (VPN), which provides far-flung employees, business partners, customers, and vendors with a secure tunnel into a business’s internal computer system. They should also add security software to their road warriors’ portable equipment, such as laptops and personal digital assistants. (See ” Laptop Insecurity,” Inc, March 15, 2001.) Users of Microsoft’s Windows operating system may want to consider upgrading to the new Windows XP operating system for its built-in firewall, enhanced virus protection, and capability for encrypting files both on the desktop and in transit over the Internet. For businesses of all sizes, Primitive Logic’s Schertler, who like Nicolls is a former NSA official, recommends two other security precautions that together cost precisely nothing. First, require employees to use “strong passwords,” made-up phrases that would-be intruders can’t guess or decipher, by running programs that automatically test passwords with common words or names. “Mix up letters and symbols to create something you wouldn’t find in a dictionary,” says Schertler, something like “drB613Jzx.” Second, assign someone on staff to act as your in-house point person for software-vendor updates. That way, your company will get regular reminders about such things as upgrades and patches, which crop up over time. Some security breaches, particularly those on Web sites, happen simply because nobody has the responsibility for retrieving the remedy for a security hole. Lewis and Roca already had many of those precautions in place. But after the terrorist attacks, the firm looked even harder for potential weak spots. Its in-house security team renewed its interest in how the firm controlled access to its systems, including its public Web site and client extranet. Team members also reviewed the firm’s virus-scanning capability, as well as its plans for preserving digital records during a natural — or terrorist-caused — disaster. In direct response to the World Trade Center attack, they even researched ways to salvage paper records. “The pictures of legal documents floating through the streets of lower Manhattan made us aware that recovery of electronic data alone may not be sufficient,” says chief operating officer McCormick. “We may want to consider technologies that will provide us with electronic images of our paper documents and files.” At the same time, the law firm, like many other small businesses, realizes its security-improvement process will never be finished. “It’s fluid, it’s evolving,” McCormick says. “We’re learning new things day by day as the situation changes.” In fact, on the day McCormick made those comments, his firm had just launched a new security initiative to investigate ways to monitor incoming mail for evidence of explosives, anthrax spores, or other potentially deadly materials. The firm also advised employees about ways to protect and preserve data on their own home computers, as well as ways to secure office E-mail and voice mail. Yet despite widespread concern about cyberterrorism, the FBI’s data indicate that most security problems originate within a company’s walls, either by accident or by design. For that reason, experts also recommend that companies monitor their networks for unauthorized remote access, set alarms to indicate large deletions of files, and remove ex-employees’ access to computer, E-mail, and even voice-mail systems as soon as they’re out the door. As security expert Nicolls puts it, “Unfortunately, people can still screw up the very best technology you can buy.” Anne Stuart is a senior writer at Inc. Computer and Internet Security Resources COMPUTER SECURITY WARNINGS AND ADVISORIES FBI’s National Infrastructure Protection Center www.nipc.gov CERT Coordination Center, Carnegie Mellon University (Funded by U.S. Department of Defense) www.cert.org The System Administration, Networking, and Security Institute www.sans.org COMPUTER SECURITY INFORMATION AND TRAINING Computer Security Institute www.gocsi.com FREE TIPS ON PREVENTING SECURITY PROBLEMS AND CYBERTERRORISM ATTACKS Telenisus Corp. www.telenisus.com REPORT PREDICTING CYBERATTACKS DURING THE U.S. WAR ON TERRORISM The Institute for Security Technology Studies, Dartmouth College www.ists.dartmouth.edu/ISTS/counterterrorism/cyber_attacks.htm Hands On 48 Hours: How do you eliminate bureaucratic bottlenecks? Siamak Farah, CEO of InfoStreet, a $1.8-million developer of corporate intranets in Tarzana, Calif., wants his 15 staffers to take initiatives and run with them — as opposed to waiting for a manager’s approval. So in early 2000 he inaugurated “the 48-hour rule.” “If an employee comes up with an idea or proposal and submits it to his or her superior, the superior has two working days to respond,” he explains. If a manager doesn’t respond within 48 hours, then the employee can proceed under the assumption that the manager has granted approval. Farah says the rule has “done wonders” for decision making and initiative taking. And what if, perchance, a manager is away for two days? Nothing changes. Absentees must delegate the decision making to a second-in-command. –Ilan Mochari The Whole New Business Catalog Inc Query: How Do I Get to the Next Level? Best of the Net: B-School Brains Creating a Cyberdefense Stop the Net, I Want to Get Off Let’s Make A Deal The Unkindest Cut of All Please e-mail your comments to editors@inc.com.