Hockey Analytics: The New Power Play

New technologies are constantly appearing and proclaiming their life changing capabilities, but in reality, it can be difficult to visualize their real-word relevancy until they have gone mainstream. By that point, however, you’re often already behind the game. Big data falls into this category. It is both complex and ambiguous, and its impacts are far reaching but widely misunderstood and underestimated. Analytic systems have been around for decades, but with the new stream of valuable information being leveraged to power them, we have seen a whole new revolution in data analysis.

Case in point: the NHL.

Enabled with advanced statistics, franchises in the National Hockey League are evolving their game and strategies with deeper insights into their sport. A shift in leadership tactics has seen the addition of analytics specialists within multiple organizations in the hopes of capitalizing on the overflow of data available in today’s technologically driven world. This is nothing new, though. Baseball saw the power of statistical analytics over 20 years ago with Bill James’ sabermetrics movement, which went on to heavily influence the Oakland Athletics’ successful 2002 and 2003 MLB seasons under the helm of general manager Billy Beane – the main focus of 2011’s Moneyball starring Brad Pitt. Hockey analytics, however, aims to measure a sport that is much more difficult to quantify, but new technologies – like the possibility of microchip streaming – indicate that this is just the beginning.

Hockey Analytics quote

Data analytics in the NHL are creating a cutting edge advantage to coaching staff and executive leaders, aiding them with deciphering the best lineups, pairings, and matchups as well as developing their game strategy, driving scouting techniques, and gauging the overall health of the organization. Like in any business, the more you know, the better you can develop and prepare your organization – a concept not lost on today’s leading hockey clubs.


For the full article on the NHL’s data analytics journey, head over to, and for all you fantasy leaguers out there, “fancy stats” can help you with your draft too.


The 7 Practices of Highly Effective, Rapid Growth Businesses

There are no defined guidelines or an official rulebook for building and growing a successful business. It takes grit, a substantial amount of perseverance, and a dose of trial and error to make it in today’s business climate. Common sense rules still apply, but the wrong move or position of stagnant complacency can be deadly. Surprisingly, despite the tumultuous economy as of late, we have seen the rise of a number of super-growth organizations, businesses that have truly set themselves apart from the competition and appear to be making all the right moves. So what is their secret? In examining the strengths and successes of some of today’s rapid growth companies like GoPro, Netflix, and Yext, we have identified seven practices of highly effective businesses.

Consider this your official, unofficial rulebook to business success in the mid to late 2010s.

1. Be Value Added and Recognize Emerging Trends
First and foremost, customers want true value from you, not perceived benefits. This may seem simple enough, but what makes being a true value added organization difficult is that fact that customers are continually redefining their wants and needs. And where the customer goes, the market follows. Ultimately, this means you need to build a product or service that adds consistent and compelling value to your audience – beyond the competition – and recognizing emerging market trends can help. In the current “Car Wars” waging in a metropolitan landscape near you, the car service that will step out on top between Uber, Lyft and Hailo will be the business that best capitalizes on the point where emerging trends and customer value meet.

2. Spot Growth 
Businesses grow in two fundamental ways: to their existing customer base natively by leveraging new offerings or to new customers by moving into new markets or diversifying their portfolio. The key to success is identifying the largest potential area of growth for your organization and supporting that strategy across the business, continually reassessing the market and performance metrics.

3. Think Efficient
Hyper-growth businesses are built on a foundation of brilliant processes. Efficient and scalable, these processes enable decision makers to make timely, informed business moves based on the organization’s strategic direction to the benefit of the business, the team and the customer. Hand-in-hand with efficient processes come efficient technology solutions. It is more critical than ever that any system or platform you implement within your organization sets you up for growth, enabling the scalability and flexibility you need, when you need it.

4. Measure and Respond
Despite what some may argue, the ever ambiguous x-factor luck does not have a role in true success. Constant monitoring of performance and growth will provide insight to your path to success, allowing you to determine what is working within your organization and what simply is not so you can make adjustments as you go. You may not be able to control external forces, but you can set yourself up to react – even pro-act. This is where big data comes in to play. Data-driven technologies enable organizations to access real-time information for visibility, flexibility and responsiveness, proving that big data leads to a big market advantage.

5. Foster Focused Vision
The late, great business consultant and author Peter Drucker once said that “management is doing things right; leadership is doing the right things.” And you cannot have the former without the latter. Regardless of your superior value proposition or outstanding future growth opportunities, your organization will not grow to full success without focused leadership. A true, focused leader aligns to the company vision and drives it forward, adapting in an evolving market and proactively identifying trends.

6. Create a Following
Nothing spreads as fast as good news, except maybe bad news – and nothing is as impactful in today’s marketplace as customers sharing the word on your superior product or service. Identify your brand advocates – be they within your organization or external – in conjunction with your growth strategy and engage them through social media or traditional testimonial case studies. Creating a following of brand loyal ambassadors for your business will be your greatest differentiator on the road to success, but it is important to remember that this is a two-way dialogue. Control the story by effectively mitigating any bad press while highlighting and encouraging others to tell your story to the market. It will be your most effective marketing tool.

7. Stay Agile and Innovative
After creating and fostering an effective, rapid growth business, you may be tempted to take your foot off the gas and coast. But if there is anything we can be certain of it’s that the market can (and will) change in an instant, and today’s winners can become fast losers if they are not continually reassessing their position, their customers, and their market opportunities. Strive for innovation; keep moving and evolving. Customer’s today have more options at their fingertips than ever before, and new competition is constantly appearing – always be one step ahead of the game.

scott_kostScott Kost is the Director & Principal of Eide Bailly
Technology Consulting. With over 25 years of
experience in the IT industry, Scott’s wealth of
knowledge includes new technologies
implementation, information security and
system operations, leadership
development, and strategic planning.

Guest Blogger | Bash “Shellshock” Vulnerability: What You Need to Know Now

The media, IT security industry, and social platforms are all talking about a newly found, highly critical vulnerability named “Shellshock.” With all the hype surrounding these types of security threats, statements about this vulnerability like it “affects 50% of the internet,” “hundreds of millions of computers, servers and devices,” and is “bigger than April’s Heartbleed vulnerability” are being tossed around left and right, and frankly, it’s overwhelming. In an effort to not only promote awareness on this vulnerability but provide valuable and actionable information on the topic, we’ve brought in security expert and information technology professor Michael Ham as a guest blogger to help us truly understand what Shellshock is, what devices are impacted, and how to effectively mitigate risk.

What is Bash?

To first understand what Shellshock is, you have to understand where the vulnerability is rooted. The Shellshock vulnerability impacts a component of many Linux and Mac OS X operating systems known as the “Bash shell.” For more than 25 years, the Bash shell has provided system users and administrators with a command-line interface (CLI) to interact with their Unix-based systems. From a Windows operating system perspective, this would be the equivalent of the command prompt; the Bash CLI allows end-users to make and modify user accounts, permissions, manipulate data, and interact with the operating system in highly privileged ways.

Shellshock Vulnerability: The Basics

The Shellshock vulnerability was first reported as early as September 24 and is catching attention rapidly. The threat ultimately stems from an improper handling of global data within Unix operating systems known as environment variables; these variables are updated in a number of ways and affect how a device’s processes behave. Additional services that interact with environment variables in Unix include the Apache Web Service, OpenSSH, and DHCP, opening the vulnerability to web servers and routers.

Essentially, due to the vulnerability in these environment variables within Bash shell, attackers are able to remotely access a vulnerable system over the network and execute arbitrary command codes. If this sounds familiar it is because Heartbleed worked in a similar fashion; both are remote code execution vulnerabilities, but Shellshock allows an attacker full, outright control of a targeted system. Additionally, security experts across the industry have valued Shellshock as a high severity and low difficulty – meaning if it happens, it’s going to be bad, and it is also relatively simple for these cyber assailants to launch.

Who’s Affected?

Vulnerability disclosers are reporting that the Bash shell is vulnerable from version 1.13 to version 4.3; nearly 22 years’ worth of updates. As you can imagine, given the vast expanse of time that the vulnerability has persisted, a large number of devices are likely vulnerable to a potential attack.

The majority of devices in the spotlight fall under one of the following categories:

  • Apple Mac OS X
  • Many distributions of Linux – excluding Debian and Ubuntu which use the Dash shell
  • Embedded Unix devices, such as wireless routers

It is important to note that Windows users are not affected directly by Shellshock; however, because of the nature of Bash shell, there is always the chance that a program running on a Windows machine could run Bash and, thus, potentially be vulnerable for an attack – the two most notable being Git and Cygwin programs. Check for updates within your programs periodically.

Given the severity of this issue, many users are looking for a simple and sure-fire way of determining if their systems are affected or not.  For those running Mac OS X or Linux systems where you are able to log in and access the terminal, you may run the following command:

env x='() { :;}; echo Vulnerable’ bash -c “echo Check for updates”

If your terminal displays “Vulnerable Check for updates,” that machine is vulnerable to Shellshock.

If you receive an error message similar to this, the device is not affected:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x’

What’s the Impact?

The National Vulnerability Database, a service sponsored by the Department of Homeland Security, provides vulnerability scores based on exploitability and potential impact. As previously mentioned, Shellshock has earned a 10 ranking in both categories – the highest level of severity in their rating system.

An attacker may be able to leverage this impactful vulnerability remotely and without any credentials (unauthenticated). In the event of a successful exploitation, an attacker can create denial of service (DoS) conditions on critical services, extract sensitive data, take complete control of affected systems, and redirect network traffic to untrusted or illegitimate locations resulting in further compromise. The combination of ease of exploitation in addition to highly compromising results equates to a perfect storm that adversaries will look to take advantage of and capitalize on if users do not mitigate their risk.

What to Do?

While understanding the root of the vulnerability and the potential impacts are important, many are simply looking for a way to mitigate the associated risks. Unfortunately, being early in the discovery phase of this threat, few strategies exist to easily patch the vulnerability. As a general rule of thumb, ensure that you are running the latest versions of software and programs on your devices to best mitigate your risk. Enabling automatic updates on your devices will relieve you of this manual process, keeping you safe with the latest updates against these types of threats.

The following is a brief roundup of what can be done at this point on any affected devices:

  • Apple Mac OS X – Unfortunately, there is not yet an official patch released by Apple to address the vulnerability. Check your system updates frequently as Apple is expected to address the situation and respond accordingly in the days to come.
    • Sources have issued guides on manually updating and patching the shell in OS X. Be extremely cautious doing so, as this may lead to undesired results.
  • Linux – Patches are out for some of the well-known operating systems, such as Red Hat. Most patches appear to be released through the normal system update process.
  • Embedded Devices – Given the nature of these devices and the vulnerability itself, it is going to be difficult to determine which devices are vulnerable and which are not. Check with your devices’ manufacture for any indications on the existence of a vulnerability. They will be pressured in time to address the vulnerability and respond with appropriate patches as security researchers unveil more information about affected devices.


We will bring you more information as it is made known, but in the meantime, if you’re running Linux or OS X, install the newest security updates as they become available to keep yourself protected.

You can read more about this vulnerability from the following trusted sites:


michael_hamMichael Ham is a professor in the College of Business and
Information Systems at Dakota State University in Madison,
South Dakota where he specializes in information security,
cyber operations, and system administration.
Michael is a contracted, independent tester with Eide Bailly
Technology Consulting where he performs internal vulnerability
evaluations, external penetration testing, and social engineering


Safeguarding Trust with IT Security

We’ve all heard about the major data breaches companies both large and small have experienced as of late – from Target to Home Depot, the prevalence and size of breaches are growing. The risk of cybercrime is real and present in today’s ever-technology based life. In fact, according to a new report from the Ponemon Institute, in the last year, 43% of businesses experienced a data breach, up over 10% from the previous year. And while you may assume the compromised data is your biggest concern in the event of a security hack, the true threat is to your organization’s reputation and your ability to maintain the trust of your clients and stakeholders – although, with an average cost of $201 per stolen record in the United States, there’s a substantial financial risk to your business as well.

Trust is the currency of consumers today, and when that trust is broken, it can be extremely challenging to regain. A quality product, service or experience is only one facet of consumer trust; client satisfaction is based on their entire experience with your organization at every touch point, including how your organization safeguards that trust with an exceptional IT security strategy. It is shocking to find that 27% of businesses today do not have an established security strategy despite the steady rise in threats.

Security and privacy begins in the boardroom; it cascades over the C-suite and trickles down through the organization where it ultimately rests upon the shoulders of every single employee within your business. As you evaluate your current IT security strategy, the following are important – and often overlooked – aspects to consider.

Security Begins and Ends with Leadership  |  It is critical that you have your organization’s leadership determining the level of risk you will assume; the technology department should never lead security and privacy efforts.

Be Intentional  |  Many organizations simply put IT security tools in place and then stand back and wait for something bad to happen. Be intentional, proactive and constantly monitoring the effectiveness of your security tools so that you can continually improve process and procedures while staying ahead of risks with the latest tools and technology.

Make it a Regular Discussion  |  Security needs to be a regular aspect of every board strategy and risk assessment meeting. Board members need to be educated on what the risks are and what is being done to mitigate them.

Put the Right Tools and Policies in Place – and Monitor Effectiveness  |  Security measures may work properly in theory but fail if they are not used correctly or are altered. You must consider the human factor involved in safeguarding electronic information, and as an organization, it is important to remember that the right tools and policies are only as effective as the individuals who monitor them.

Solve for Mobile  |  Mobile devices are an integral facet of everyday life for clients and employees alike. They are also an emerging technology platform for hackers, and they pose a significant security risk within your organization. It is important to find a BYOD solution that functions correctly within your space and allows your staff and consumers to interact efficiently. Don’t be afraid of the security aspects of mobile technology; rather, manage those risks appropriately and frequently.

Train, Train, Train  |  Every employee needs to understand the risks and their role in safeguarding the trust of your clients. Regular training on policies, procedures and the human behavioral element of security is imperative, particularly during this period of rapid, evolving technological presence in the marketplace.

Test  |  Regular internal and external security testing of your tools, policies and people is truly the most effective method of assessing hidden areas of high risk within your organization. Whether you conduct these tests internally or hire a white-hat hacker to provide an additional perspective is determined by the ability and bandwidth available within your organization.

IT security is about safeguarding trust and deterring breaches. Organizations who take an intentional, proactive stance have the opportunity to drive trust and lead the industry in setting the standard for exceptional security. Ultimately, high levels of trust result in improved stakeholder satisfaction, employee retention and reduction of organizational risk – all of which are essential in today’s evolving business landscape.

mike_arvidsonMike Arvidson is the Director of Eide Bailly Technology Consulting’s
Infrastructure Services. With more than 20 years of experience in
the IT industry, Mike’s wealth of knowledge includes network
systems implementation, integrated new technologies, and
information security.


Business Analytics & Big Data: Your Golden Opportunity for Success

Big data. You hear the term all the time – in meetings, within your business network, at roundtable discussions and industry conferences – but do you really understand the concept?

Putting it simply (or, rather, as simply as possible), big data essentially refers to a set of traditional – financial records, transaction details, point-of-sale interactions – and digital information – metadata, web behavior, social exchanges – collected both internally and externally that delivers ongoing analytic discovery for your organization. It is the premium, synthetic motor oil to your engine of a business analytics system; without it, you’ll lock up trying to run on dry with flat, lifeless information.

Generating value from all these sources, however, requires powerful processing and discovery capabilities. The market today is responding with more analytics tools and functionalities than ever before, empowering users to leverage all these business facts and figures to generate genuine business insights. It’s a new approach, one that has seen the sudden demand for never-before-needed roles like data scientists and BI analysts, but even as the technology and industry progress, business users by and large aren’t capitalizing on their golden opportunity.

The statistics on leveraging the power of big data and business analytics to make better business decisions are staggering.


Whether QlikView’s dynamic, real-time visual data discovery or the newly announced “freemium” cloud-based application Watson Analytics with powerful what-if predictive insights, big data is moving into the mainstream with more innovative, easy-to-use tools. It is in your organization’s best interest to “mine for business gold” with big data analytics and gain a competitive advantage before the rest of your market cashes in on the gold rush.

darwin_braunagelDarwin Braunagel is a technology business advisor with Eide
Bailly Technology Consulting. He has more than 15 years of
experience developing and managing business and
technology strategies, with success in the selection and
implementation of ERP, CRM, Cloud, and mobile


The ERP Conundrum: Vanilla, Customized or Configured

When implementing a new ERP system or simply upgrading your current one, questions arise as to what approach best meets your organization’s business requirements. While solutions and factors vary greatly from one scenario to the next, we examined common themes in the industry and identified three common, high-level strategies for ERP system implementations: vanilla, customized, and configured.


So what are these methods, and how do they differ? When I say “vanilla,” I’m simply referring to an out-of-the-box implementation style that has little to no modification; it is the vanilla ice cream of systems with no hot fudge or fancy sprinkles. It’s simple, and often, there’s a whole other side to your sundae that you’re missing out on (but more on that later). Customized, on the other hand, refers to modifying and changing a system’s source code to such a degree that any system upgrades require additional programming and resources from your organization – think building an elaborate addition to your home and attempting to fix the cracked foundation after. And lastly, configured is an implementation style that leverages a system with inherent, built-in flexibility.

The Three Bears

I am sure everyone is familiar with the classic children’s story about an intrusive, young girl with hair of gold that trespasses on the home of three bears and proceeds to eat their dinner, break their chair, and sleep in their beds. Despite her obvious lack of social boundaries, to find an ERP system and implementation strategy that best fits your organization, I urge everyone to harness their inner Goldilocks to find the one that’s “just right.”

Vanilla | The Porridge is Too Cold

Vanilla implementation may be a viable option for small organizations with annual revenue of no more than $5M, requiring only basic accounting functionality; however, for many organizations vanilla ERP implementation requires reworking business processes. An organization may choose vanilla implementation in an attempt to ensure project success and avoid costly and complex upgrades, but this is easy implementation is not a strategic solution and the trade-offs result in inadequate functionality for many mid-market companies. Moreover, reengineering business processes requires change and adaptation by users, which may or may not be forthcoming.

Customized | The Porridge is Too Hot

Previous generations of ERP software were often accompanied by a lot of customization, and as a result, complexity and risk increased for implementation, enhancements and upgrades. Many companies have opted simply not to upgrade their existing, customized ERP system because doing so would require a substantial financial and resource commitment by the organization. In an attempt to mitigate obstacles in regards to successful ERP implementation and management, the current trend for customization is avoidance, which over the long-term, means falling short on functionality.

Keep in mind that for newer generation ERP systems the term “customization” is sometimes used as a catch-all for describing configuration and/or integration capabilities, which we’ll discuss next.

Configured | The Porridge is Just Right

Newer generation ERP systems have addressed the shortcomings of vanilla ERP implementation as well as the headaches of customizing previous generation ERP systems. Advancements targeting these issues have led to powerful configuration and integration capabilities.

Today, powerful modern ERP solutions deliver configuration functionality enabling chameleon-like adaptability that creates industry-specific ERP solutions, addressing everything from business products and processes to compliance regulations. ERP vertical offerings are pre-configured ERP systems that deliver functionality tailored to specific industries based on proven market best practices. Powerful configuration capabilities also extend beyond ERP verticals to deliver strategic implementation with unique functionality to become an organization’s true competitive advantage (for more information on that, read our latest techbITes newsletter). Also, as a general rule of thumb, the system’s source code is not altered, allowing the organization to remain on the most current version of software.

Integration is closely related to the configured style of implementation and is another key feature in finding a system that is just right. Most organizations require their ERP system to integrate – or share processes and data – with other business applications, both internal and external. Integrating with a separate, custom application may just be the solution an organization needs to meet the unique demands of a mission critical business process, and application program interface (APIs), the software gateways permitting integration into third party applications, can be the means to this end. An ERP system with an open, API-centric architecture adds functionality to the system without changing the system’s source code and, therefore, is able to sustain integration capabilities alongside system upgrades.

Experience in the Kitchen

Strategies and solutions aside, when in doubt, find a cook with experience in the kitchen to help your organization cook up an ERP porridge that is just right for you. Software is only one part of success in this equation; choosing the right ERP partner is equally as important. An experienced partner knows the ERP systems available in the market inside-out and has the expertise to optimize any and all of the functionality a particular system has to offer. Moreover, industry-specific experience is a culinary coup to look for in your search for an ERP cook, ensuring that your business’ unique requirements are considered for optimal implementation and configuration of your ERP system to deliver value both now and in the future.

stuart_tholenStuart Tholen is the Director of Eide Bailly Technology Consulting’s
Enterprise Resource Planning services. With more than 30 years of
experience in tax, audit and IT, Stuart has focused on building and
developing a consulting department to customize and integrate
business solutions for the end-user.


Creating Company Culture through Technology

Keeping in mind last week’s Labor in the Technology Industry post and the statistical proof of the blossoming potential in our field of work, organization’s may be wondering how they can capitalize on the market strength. Having a successful business and maintaining that success is a direct result of company culture, and with a great company culture comes a high level of employee retention. Ask yourself: “How do we develop the type of company culture that will attract, engage and retain the top industry talent?”

Building and enhancing culture is vital to every business, big or small. It is not a “one size fits all” situation. Depending on how you want to cultivate your company culture, certain technology tools can be utilized, such as:

  • Corporate Intranets provide tools and workspaces for employees to get work done, and provides a location to communicate company achievements and ideology.
  • Enterprise Social Networks allow employees to connect, respond, and collaborate through social structures that connect people and topics.
  • Online Brand Communities connect employees with partners, customers and would-be customers to learn about products, exchange information, and resolve issues.
  • Unified Communication Platforms leverages presence information and integrates communication tools to deliver a common user experience across devices and applications.

These tools facilitate a culture that motivates employees to engage with their coworkers on a daily basis and enjoy it. Most importantly, these technology tools help to foster a culture that results in collaboration, recognition, and trust. These three aspects serve to hold a business together and create a strong company culture.

Collaboration | In order to promote collaboration, employees need to understand that a successful business functions as a team. Every employee must work with their coworkers, in some aspect or another, to get things done. Technology tools such as a company-wide Intranet and CRM systems like Salesforce provide environments for coworkers to share files, have discussions, provide feedback, and exchange updates.

Recognition | When employees collaborate, it builds camaraderie between colleagues and within the company as a whole. This bond creates a culture of respect between employees and, therefore, greater recognition. With tools such as Yammer and SharePoint, employees are not only more aware of what their coworkers are doing but also are more likely to recognize and support their accomplishments. These technologies drive visibility and solidify connections that generate recognition.

Trust | With collaboration and recognition in place, this forms an environment that upholds professional and mutual respect between employees. When information is shared freely and openly on these technology platforms, employees expect a certain standard of trust between one another and the organization.

If technology is the solution to connecting these three key culture aspects, then the ability to leverage these tools will determine whether or not a business can create and foster a great company culture and ultimately become “the place to work.”

sandi_piatzSandi Piatz is the Director of Business Development with
Eide Bailly Technology Consulting. With more than 16
years’ experience in the technology industry, Sandi
specializes in recruitment, management, and development
of relationships, with a focus on understanding
organizations’ business objectives and aligning their
technology initiatives.


Labor in the Technology Industry

As the long holiday weekend approaches, we thought we would take a moment to reflect on the significance of Labor Day and the impact of the information technology industry.

First observed in New York City in the late 1880s and signed into congressional law 120 years ago, Labor Day celebrates the social and economic achievements of American workers to the overall strength and prosperity of our country.

The technology industry has made a substantial impact on the United Sates’ and the global economic health as a whole. Even during the 2009 recession, the industry lost only 1% of its workforce and proceeded to rebound even healthier in 2010 than the years prior according to U.S. Bureau of Labor Statistics. Between the years of 2001 and 2011, technology related employment increased by 18% despite the dot-com crash of 2000 when investors sold off large amounts of overpriced stock. In fact, the IT industry has grown by a staggering 37% since 2003, and the industry output has expanded rapidly, increasing on average 4.6% annually due to the popular implementation of complex corporate networks and computer systems.

Looking forward, projected growth for the IT industry’s output and employment is expected to exceed those of other industries, thanks in large part to new technologies like mobile platforms and cloud computing. It is an industry that is making strides in the right direction, both in technological advances that improve our day-to-day lives and in the creation of new and innovative careers.

IT Labor Statistic


sandi_piatzSandi Piatz is the Director of Business Development with
Eide Bailly Technology Consulting. With more than 16
years’ experience in the technology industry, Sandi
specializes in recruitment, management, and development
of relationships, with a focus on understanding
organizations’ business objectives and aligning their
technology initiatives.