Fortinet completed a case study about the technology solutions Batteries + Bulbs chose on Leeward Business Advisors advice.
While in-house development is a key part of Batteries Plus Bulbs’ strategy, Lehman’s team does not hesitate to use third parties to perform specific functions or to supplement the internal team during specific projects. Cybersecurity is one area where the company has relied on service providers for close to a decade. “Franchisees want secure and compliant systems, and we do not want to pretend that we have the in-house expertise to make that happen,” Lehman contends.
Two years ago, Batteries Plus Bulbs’ contract with its managed security service provider (MSSP) was coming up for renewal, and the team knew they needed to update the way they approached security.
“We engaged our legacy provider eight years ago, at a time when retail organizations were scrambling to meet new security requirements,” Lehman recalls. Specifically, versions 2.0 and 3.0 of the Payment Card Industry Data Security Standard (PCI DSS), released in 2010 and 2014, introduced new, more stringent standards for merchants.
Specifically, Batteries Plus Bulbs appreciated the fact that LeewardBA has both security operations center (SOC) and network operations center (NOC) capabilities and uses the fully integrated security solutions of the Fortinet Security Fabric. “The Batteries Plus Bulbs team saw the value in our broad capabilities,” says Michael Polzin, CEO at LeewardBA. “Our ability to dynamically support the desktop infrastructure, switching, and the wireless infrastructure in addition to the SOC was a huge advantage.”
Deploying Comprehensive Security
The LeewardBA solution is built on FortiGate next-generation firewalls (NGFWs) installed at each store. The FortiOS operating system underlying the NGFW technology also enables all other Fortinet Security Fabric solutions—including third-party solutions developed by Fabric Partners—to be seamlessly integrated. All Fortinet solutions are backed by comprehensive, artificial intelligence (AI)-enabled threat intelligence from FortiGuard Labs. And LeewardBA has access to other sources of threat intelligence that have also been integrated into the Security Fabric.
One welcome feature of the FortiGate NGFWs is FortiGate Secure SD-WAN functionality, which the company uses to connect its 740 stores to the headquarters. This robust software-defined wide-area network (SD-WAN) technology enables the company to safely use the public internet to scale network traffic, rather than relying solely on expensive multiprotocol label switching (MPLS) circuits. “Managing this part of the solution enables LeewardBA to ensure network performance as well as security,” says Jason Klein, CTO for LeewardBA.
Another feature of FortiGate NGFWs that Batteries Plus Bulbs is taking advantage of is intent-based segmentation. “For PCI compliance reasons, our register network is separated from the rest of the infrastructure,” Lehman explains. “Being able to take advantage of the dynamic trust models in the FortiGate makes this segmentation even more robust.”
LeewardBA also manages instances of FortiManager VM and FortiAnalyzer on behalf of Batteries Plus Bulbs. “These tools enable us to provide centralized management from a single pane of glass, detailed reporting, workflow automation, and trends analysis,” says Klein. “This enables the in-house team to get a complete picture of their security posture at a glance, at any time.”
In addition to the consolidation accomplished to date, the FortiOS platform and the Fortinet Security Fabric provide the flexibility to add myriad additional security features in the future—all seamlessly integrated with centralized visibility and control. “The flexibility and scalability of the solution was a big selling point for Batteries Plus Bulbs,” says Peter Van Opens, a client success manager at LeewardBA.
Starting to See Tangible Benefits
The deployment was rather complex, given the number of point products being retired and the number of separate franchise groups Lehman’s team supports. Batteries Plus Bulbs and LeewardBA moved at a deliberate pace and recently completed the rollout. “We are now working on final fine-tuning for this project and planning for next steps,” Klein says. And while specific results are not available yet, the company is beginning to see benefits.
Perhaps the most visible benefit to Lehman’s staff was a greatly increased level of visibility of the company’s security posture and infrastructure. “We were often in the dark with our prior solution,” Lehman remembers. “Our prior MSSP did not provide us with actionable insights about what risks we faced or what we could do about them.”
“Now we have security information by glancing at a screen, and we can drill down to any level of detail we need,” says Dan Dugan, vice president of IT for Batteries Plus Bulbs. “We can take a more proactive stance to managing security. This gives us confidence that we are equipped to manage security threats for the next 5 to 7 years.”
Another benefit is the flexibility of the Fortinet solution. “I was pleased with the many ports the Fortinet devices have,” Lehman says. “This gives us the flexibility to add services in the future without having to rearrange the infrastructure.”
One example of this flexibility is that stores have been able to set up a separate wireless protocol specifically for testing smartphones and tablets that are brought in for repair. “We need to isolate customer devices from company devices,” Lehman explains. “So, it is prudent to be able to have a dedicated testing protocol.”
Controlling costs is another benefit of the LeewardBA/Fortinet solution. “This wound up being a cost-neutral project,” Lehman relates. “When we set up the security infrastructure eight years ago, franchisees starting paying a cybersecurity fee that they had not paid before, and this was frustrating for many of them. The new solution does not increase their fees, yet it delivers much more robust security and performance.”
Finally, Batteries Plus Bulbs now has a scalable solution that makes adding additional security products and services very easy. “Having a single provider gives us economies of scale, and we know that services we add later will be compatible,” Lehman asserts. “Some of what will happen in the future is unknown today, but we have the depth and breadth in our security architecture to provide protection from whatever comes along.”
Managing expenses is key to a successful business. To do that, you need to understand the actual Total Cost of Ownership (TCO) of your investment. Making your financial decision on purchase price alone is a losing strategy, and this is especially true when deciding what technology and computer equipment to purchase.
Consider the duration and detailed services provided. Most consumer PCs only come with a limited one-year warranty. PCs should be expected to last three years for business use and should have a warranty that matches.
The default warranty on most PCs requires that you pack up the unit and ship it back for repair. This means someone you don’t know has access to the data on your system and your business is without a computer. With some mail-in repairs taking two to four weeks, these are large concerns.
Instead, an ideal warranty on a business PC should provide next day, on-site repair. Downtime, shipping, and any repair costs are important factors to consider when calculating your TCO.
If you are buying a PC from an online retailer or local electronics store, you can expect it to come loaded with “bloatware”. This is the industry term for pre-installed software and apps that your business does not need. Their existence on your computer can slow it down and make you more susceptible to viruses and malware.
Additionally, those PCs will not have all the software tools specific to your business installed. This means you either must take up your own time getting the computer ready for business or pay an IT provider a steep hourly rate to complete the configuration. These expenses should also be considered in your TCO.
security and backup
Don’t forget other monthly services that are critical to safe PC operations. Those include a proper subscription for antivirus, malware, and data backup. Skipping out on those services to save a few more bucks could lead to a catastrophic business loss. Finalize your TCO by adding in the cost of monthly subscription services for security and backup.
Calculating the TCO for a PC purchase can take time and might be overwhelming. That makes it seem much easier to buy the hot deal of the month PC and take your chances. As a business leader, you know you need to make sound financial decisions and you also have to allocate your time to priority business tasks.
Surprises aren’t something that should be accepted when it comes to making good financial decisions. Overpaying for your business’s technology can severely impact your bottom line and limit your ability to invest your profit in growing your business.
Use this guide to calculate expenses related to technology ownership you might be forgetting about. Before you make technology purchases, compare the TCO of your current situation and that of the proposed purchase.
but wait, there's more
There is a lot more to consider before making technology investments. Watch for future blogs on the difference between consumer-class and business-class equipment, what a warranty should cover, unlimited vs. hourly support, and more. We would love to know what else you want to learn about. Please share your ideas through the "Ask Me" survey on this page.
At my first ‘real’ job in Information Technology (IT) I worked within a team of people assembling, configuring, and shipping large computer orders for companies like Abbott Laboratories. Orders were piling up and customers were waiting weeks to receive their new computers. I knew there had to be a faster way.
I could not stand the thought of customers’ waiting so long to get their orders filled. I proposed instead of each technician working on a small batch of orders, we follow an assembly line approach. In a few days we were cranking out pallets of fully configured computer systems, we eliminated the backlog and most orders were fulfilled the same or next day.
It was a seemingly triumphant moment, until I was called into the manager’s office. I had literally worked myself out of a job. Still, I did not regret doing the right thing for our customers. Luckily, they had another role for me to fill and similarly, it needed some mindful efficiency applied.
I continued my self-led training and successfully gained professional industry certifications in Microsoft Server technologies which led to a job in the IT department at Allstate Insurance Company.
During my nine years at Allstate I continued to apply my passion for customer experience and process efficiency. I continued to push back anytime I felt it could be done better. They were not always keen on my questions, but they humored me. I believed if my team was fully read into the business needs and goals, we could design a better solution at a lower cost. We did, reducing project costs by millions of dollars. I learned to take the time to fully understand the business needs, then design the RIGHT solution.
Training and life lessons came together for me and a light bulb went on. Long before it was a corporate buzz word, I was practicing servant leadership. I found ways to support my employees in their entirety, no more “leaving your baggage at the door” when coming to work. We built a team culture that was genuinely supportive and was not limited to dealing with 9 to 5 issues. That made us a strong team and a force to be reckoned with.
We learned to ask WHY a lot! Unbeknownst to me, this was a revolutionary way to manage IT. I was honestly doing what I thought was right in each situation.
it is the same everywhere
After accepting a role on a newly formed IT operations consulting practice with Microsoft and consulting for over 130 companies in eight different countries, I came to learn just how forward thinking my approach really was.
As I settled into a life of full-time jet setting with Microsoft, I had another illuminating moment. Regardless of geography, size, or industry, businesses tend to suffer from the same types of technology challenges. The issue with solving these challenges in large fortune 500 companies is the time it takes to undo so many years of layer upon layer of problems.
Oh, and the culture. Most fortune 500 companies have not gotten the memo about servant leadership. They spend a lot of time, and a lot of money, talking at each other about who’s problem it is to solve the problem.
The technology was not the prevalent issue across these companies. The issue was a lack of consistency, misalignment of solutions to needs, and complexity for the sake of “that’s the way we have always done it”.
maybe smaller is better
I departed Microsoft and took a role with a much smaller IT company that served small business customers. I wanted to know if the same issues were at play in companies without the layers of bureaucracy, without 100 years of built up denial, and without the multi-million dollar technology budgets.
The answer is yes, the same problems exist, and no one was solving these issues for them. I found the average small business IT service provider was gleefully intent to sell their customers anything and everything. Sometimes ten of them, just for good measure.
Instead of helping meet business needs, these IT providers were adding to the complexity, driving inconsistency, feeding into the misalignment. Not one to sit by and watch a problem grow without a solution, I left after a year.
doing the right thing
It was time to take my twenty years of insight and experience and so something impactful with it.
Working with two business partners, Leeward Business Advisors was created. We laid out a five-year business plan, filed our articles of incorporation, put $500 in our new business checking account, and started knocking on doors.
six years later
Our team meets with executives and owners, learns about their business, identifies their needs, helps them prioritize, and provides value-aligned solutions. Sometimes the solution is to reduce technology, manage it differently, and improve their process.
We have found a way to create a complete package of IT services that is consistent, without complexity, and readily aligned to most business needs. The result is Leeward Elite.
Leeward Elite is more than a product or service. It is the culmination of over 25 years of experience and insights, it is delighted employees that serve with a passion, it is the right solution without complexity, it is an outstanding experience that delivers great value, and fits comfortably into a small business budget.
Twenty-five years ago, I stood back and looked at a backlog of computer shipments, envisioned an array of disappointed customers, and instinctively modernized the process to solve the problem. Today, our team oversees thousands of computer systems, dozens of processes, and hundreds of requests a day all with the aim of solving the problem and delighting our customers.
In the future, I will cover the importance of business-class vs. consumer-class hardware, servant leadership, cybersecurity, what small businesses need to know when considering their technology needs and more. The goal of this blog is not to convince you to purchase Leeward Elite. It is to share information and help you grow your business!
Of course we are always happy to discuss whether or not Leeward Elite is the right tool for you and invite you to reach out if you would like to learn more about our services.
You can dive deeper into Leeward Elite on our website: LeewardElite.com.