Digital Transformation Pitfalls—And How to Avoid Them

Digital Transformation Pitfalls—And How to Avoid Them


Digital Transformation Pitfalls—And How to Avoid Them

Digital Transformation Pitfalls—And How to Avoid Them

Digital transformation is a broad term that refers to the use of digital technologies to accelerate business performance. Although at its most basic level, digital transformation entails movement from paper-based systems to digital, the connectivity enabled by cloud computing, along with technologies like AI and mobile devices, have created a world of possibilities for companies in terms of customer reach and satisfaction.

Enticed by these possibilities, many companies have jumped eagerly into digital transformation, only to find disappointment. It is estimated that as many as 70% of digital transformations fail, at least in their initial implementation1. To help your business avoid the costly failures other companies have experienced, we’ve compiled the following list of common missteps to avoid when planning and implementing your digital transformation:

Lack of Clear Goals

Digital transformation is not an end in itself; it is a process that should be targeted at improving your company’s capabilities to accomplish one or more specific business goals. Such goals are often primarily tied to enhancing customer experience, but they may also be aimed at improving cross-departmental communication, improving collaboration with external partners, increasing operational efficiency, or reducing costs. When digital transformation efforts are not aligned with specific goals, an expensive failure is almost a certainty. Revlon’s high-profile digital transformation debacle of 2018 was partially due to lack of clear vision for the project, and their stock fell 6.9% in the 24 hours after the failure was publicly announced2.

What to Do About It

  • Establish specific business goals that digital transformation can enable
  • Develop IT strategy that clearly links new technologies with specific business goals
  • Get business leaders and technology leaders “on the same page” regarding digital transformation goals and strategy

Choosing the Wrong Technology

This mistake can result when digital transformations lack specific goals, but it can also occur if you become infatuated with a specific technology just because it strikes your fancy. Some refer to this as “shiny object” syndrome, and any of us can be prone to it. However, it is essential that the tech you implement aligns closely with your identified goals for digital transformation, making it vital that you set aside any personal biases and choose the best-fit technology for your goals.

What to Do About It

  • Use team-based decision-making to prevent undue imposition of any one individual’s biases
  • Consider pros and cons of multiple solutions, technologies
  • Include external consultant for an outside perspective

Ignoring Change Management Elements

The term “digital transformation” has an almost magical feel, but don’t let the mystique of the terminology fool you into thinking that the technology itself is all your company needs to be transformed. Digital transformation is a fundamentally human process, and we humans are creatures of habit. For some employees, habits related to current technology are hard to break, and you might see resistance or pushback to new technologies. Do not underestimate the risks of this pitfall—employee resistance to new tech is the #1 barrier to successful digital transformation3.

What to Do About It

  • Enlist “early adopter” employees as change agents to encourage new tech adoption
  • Involve employees in every phase of the digital transformation
  • Make sure employees understand how the new tech will benefit them

Trying to Do Too Much Too Fast

Digital transformation is a complex process that needs to be completed thoroughly to succeed. The pressure to produce quick results has led many firms down the road to failure, as rushing the process can mean that employees are not sufficiently trained, and new systems are not tested thoroughly enough to identify glitches or points of failure. Even large companies like Haribo have had to learn this lesson the hard way. Their rushed digital transformation in 2018 resulted in supply chain issues that caused a 25% drop in sales4.

What to Do About It

  • Create a realistic roadmap that includes time for all required phases, including staff training
  • Prioritize your business goals rather than trying to do “everything” in one fell swoop
  • Include sufficient time for systems testing before going live

Allocation of Insufficient Resources

This digital transformation misstep dovetails with the pitfall discussed previously, but it is an important issue to consider separately as well. Digital transformations cannot be completed in a half-hearted way by skimping on resources, which can happen even in resource-heavy environments. Hewlett-Packard’s famous digital transformation fail in 2004 is a prime example. Insufficient resource planning and poor coordination across departments resulted in the company losing about 5 times what it invested in its digital transformation5.

What to Do About It

  • Create a realistic budget that includes costs of testing, training, and maintaining new systems
  • Determine a realistic timeline that allows for all phases and occasional setbacks
  • Consider external consultation to accurately scope and structure the project

NexusTek provides executive-level technology leadership services, strategic IT consulting and assessment, and ongoing managed IT services to support customers’ digital transformations from initial conception and planning all the way through implementation, testing, and maintenance.

Is your business ready to advance into new realms of possibility through digital transformation?


1. Deloitte. (2020). Digital transformation: Are people still our greatest asset?

2,5. Global Digital Assurance. (2022, May 18). 5 high-profile digital transformation fails.

3. Economist Intelligence Unit. (2018). In brief: Managing the pace of technological change.

4. Kimberling, E. (2021, April 8). Top 10 digital transformation failures of all time, selected by an ERP expert witness. Third Stage Consulting Group.

Are Your IoT Devices Leaving the Door Open for Hackers?


Are Your IoT Devices Leaving the Door Open for Hackers?

Quick Quiz:

  1. Could smart light bulbs in your office provide threat actors an entryway into your IT network?
  2. Could a fish tank thermometer be a portal hackers exploit to steal your customers’ financial information?
  3. Could your smart fridge be part of a botnet used to launch distributed denial-of-service (DDOS) attacks?

Undeniably, these scenarios read like some sort of fever dream, like a dystopian novel written in 1993 when the World Wide Web was still young and full of mystery.

But in 2023, these scenarios are reality. Harnessing the global connectivity we now take for granted, the internet of things (IoT) has taken the world by storm, with a multitude of smart gadgets that feed our insatiable hunger for convenience, pique our curiosity about the leading edge of tech, and dazzle us, honestly, just by being plain “cool.” The enticing frontiers of tech often come with their risks, however, and with IoT, cybersecurity risks are significant for both individuals and businesses.

How Do IoT or “Smart” Devices Create Cybersecurity Risks for Businesses?

If your business uses IoT devices like smart thermostats, wearable technologies, smart assistants, or internet-accessible security cameras or doorbells, to name just a few, your entire IT network may be subject to cybersecurity risks common to such devices. These security risks emerge from factors including:

  • Poor or Limited Security Measures: Many smart devices are developed to meet cost and efficiency imperatives. The downside to such emphasis is often a lack of attention to security features. This can create cyber vulnerabilities due to issues like lack of encryption, substandard authentication processes, or failure to provide timely security updates.
  • Default User Credentials: IoT devices are often programmed with default usernames and passwords that do not meet strong password criteria. For example, manufacturers may designate default credentials that are well-known, that can be easily guessed, or that could be quickly unlocked by hackers using a password cracker. Although end users do have the option to change device credentials upon initial installation, many users fail to do so. This makes their IoT devices essentially an “unlocked front door” to their entire IT network.
  • Lack of Firmware Updates: As with any technology, IoT devices may have unidentified security vulnerabilities that are only discovered after they are released to the market. Standard practice for technology manufacturers is to release security updates as soon as possible to patch vulnerabilities that threat actors may exploit. However, although some IoT manufacturers may release regular firmware updates to fix these issues, there are still many that do not adhere to this well-established procedure for supporting customer cybersecurity. This leaves consumers in the difficult position of trying to identify which manufacturers they can rely on for updates, and which they cannot.
  • Substandard Encryption: Encryption, the process through which data is converted into a secret code that conceals the information it contains, is often insufficient in IoT devices. The result of poor encryption is that it makes it easier for threat actors to intercept and decipher user data that is transmitted over networks. This leads to serious privacy concerns.
  • Data Privacy Issues: Many users or businesses are unaware that IoT devices collect large amounts of data once they are deployed. If users are not fully aware of what data is being collected or how it will be used, they are clearly not empowered to make judgments with regard to data privacy. Importantly, if such data falls into the wrong hands—which the previous bullet established as a distinct possibility—it can place businesses, employees, and other entities in the business ecosystem at risk of identity theft or other privacy-related issues.
  • Physical Vulnerabilities: Finally, because IoT devices are often installed in public spaces or in easily accessible locations throughout the workplace, this makes them prone to tampering by malicious actors. Physically tampering with an IoT device can degrade its security, creating a window of opportunity for hackers looking for a way into the business’ IT network.

Protecting Your Business Against IoT Cybersecurity Risks

Given the above vulnerabilities, how is a business to proceed if it chooses to use smart devices in the workplace? Following are recommendations for protecting your business against IoT device-related cybersecurity risks:

  • Cybersecurity Assessment: Given the complexity and variability of IoT device cyber risks, most small and medium-sized business (SMB) leaders benefit from the counsel of a cybersecurity expert when addressing IoT-related cyber risks. To get a comprehensive picture of your organization’s security, with full attention to how any IoT devices may be affecting your security posture and how to secure each one, there is no substitute for a professional assessment.
  • Password Policy: An absolute must with IoT devices is that you establish a policy that requires changing default credentials upon installation. Furthermore, as with your devices and applications, your business should have mandatory password criteria that are communicated via a clear policy. For example, the policy should stipulate that all passwords meet requirements related to length, uppercase and lowercase letters, numbers, and symbols.
  • Firmware Updates: As with any updates, firmware updates for IoT devices must be installed promptly. When considering the addition of new smart devices to your network, do your homework and identify manufacturers with good track records related to firmware updates.
  • Decommission Unsecured Devices: For those IoT devices that are not secure due to physical tampering or lack of firmware update availability, the safest choice is to remove them from your network and replace them with devices that can be secured.
  • Security Policy: IoT devices have become so commonplace that employees may use them in the workplace without thinking to notify IT. To counter this risk, communicate clear policies to employees regarding use of IoT devices in the workplace.
  • Multi-Layered Cybersecurity: Because IoT devices sit within a larger IT network, their compromise may open the door to malicious activity that spreads throughout the network. A multi-layered cybersecurity program contributes to the overall security of your entire network through monitoring and alerting functions that help you to identify, halt, and remediate any emerging threats in real-time.

Providing expert cybersecurity assessments, cybersecurity policy consultation, and a wide range of cybersecurity services and solutions, NexusTek has supported SMBs to maintain IT excellence for over 25 years.

Need guidance on securing IoT devices? Consult with a cybersecurity expert today.

Quiz Answers:

  1. Yes, this is possible. See this source for more information.
  2. Yes, this has occurred. See this source for more information.
  3. Yes, this has occurred. See this source for more information.

Sharpen Your Competitive Advantage: Using IT to Differentiate Your Business


Sharpen Your Competitive Advantage: Using IT to Differentiate Your Business

It goes without saying that, in highly competitive markets, small and medium-sized businesses (SMBs) need to carve out a niche in which they outshine their competitors. Many SMBs hone their competitive advantage by focusing exclusively on development of innovative products or services. Offering a superior product is a fabulous way of differentiating your business, but an angle that SMBs often ignore is use of IT infrastructure to enhance competitive advantage.

Your IT may seem like a given, like a set of tools that merely help you get through the day’s tasks. But the truth is that IT has grown into a monumental strategic resource for businesses of all sizes. Indeed, IT has become so tightly intertwined with business strategy that some experts propose that all businesses are now technology businesses.


Ways to Use IT to Enhance Competitive Advantage

Enhance Your Online Presence:

Today’s customers use online platforms to conduct pre-purchase research like never before. Many SMBs continue to use outdated and sluggish websites, but the customers of today are looking for more. In fact, 79% of customers report that they would be less likely to return to an online site if they weren’t happy with its speed1. In other words, slow websites lose customers. Getting the right foundational IT infrastructure can help you to develop a website that is modern, fast, and intuitive for customers. Expanding your online presence into social media channels gives you an edge as well, as customers are increasingly using social media to learn about and engage with brands.

Offer E-commerce Options:

Adding e-commerce options is an excellent way of expanding your customer base and taking a larger share of the market. Today’s buyers are picky about their purchasing channels, and 40% of consumers say that they won’t buy from a company that doesn’t offer their preferred channel2. With 55% of customers reporting a preference for fully online or hybrid (i.e., combination of in-store and online) shopping, adding online options is a great way of attracting customers away from your competitors3.

Offer Innovative Payment Options:

In addition to preferred buying channels, today’s customers also want to be able to use their preferred payment method when making a purchase. The options for payment methods have exploded over the last several years, and include solutions like digital wallets, contactless payments, and mobile payment solutions. Having multiple payment options simplifies the checkout process for your customers and enhances their experience with your brand.


Personalize the Customer Experience:

Customer relationship management (CRM) platforms allow businesses to retain information about customers that can be used to create a personalized experience. Importantly, 75% of customers say they are more likely to buy from companies that recognize them by name, know their purchase history, and suggest new products based on their purchase history4. Customers will want to be assured that their personal information does not fall into the wrong hands, so a multi-layered cybersecurity regimen is a must.


Improve Speed and Accuracy of Service:

The speed and accuracy of your service can set you apart from competitors. Take advantage of solutions like cloud-based project management platforms, collaboration and communication applications, and automation software to amplify productivity while reducing costs. Your business can also optimize supply chain management through the use of IT solutions to manage inventory tracking and logistics, improving both speed and accuracy of order fulfillment.


Add Self-Service Options to Website:

Although customers appreciate and expect companies to provide live communication with company representatives for certain types of questions, for some types of inquiries, customers now show a strong preference for self-service options. Specifically, 68% of customers prefer using self-service options to conduct foundational research and to get answers to simple questions5. Such options might take the form of self-service portals on your website, or various fact sheets or knowledge bases that they can access online independently.

By taking advantage of the plethora of modern technologies available today, SMBs can differentiate themselves, elevate customer experience, boost operational efficiency, and gain a competitive edge in the market.

NexusTek helps SMBs to strengthen their competitive advantage by providing strategic IT consulting, best-in-class cybersecurity solutions, modern workplace applications, top-tier cloud solutions, and managed IT to keep your infrastructure running smoothly.

Would you like to talk with an expert about using IT to strengthen your competitive advantage?


  1. Wilson, A. (2022). Why site speed is so important: Conversions, loyalty, and Google search ranking. Shopify.,users%20by%20up%20to%2027%25
  2. (2019). State of the connected customer, third edition.
  3. Haller, K., Wallace, M., Cheung, J., & Gupta, S. (2022). Consumers want it all: Hybrid shopping, sustainability, and purpose-driven brands. IBM.
  4. (2022, August 15). How customer experience drives digital transformation.
  5. (2019). State of the connected customer, third edition.

What Is a Managed Services Provider?


What Is a Managed Services Provider?

A managed services provider is a company that manages other companies’ IT infrastructure to the degree that they require. Managed IT services are used by businesses of all sizes, from small, local companies all the way through large, multinational corporations. As this variety in usage suggests, managed services providers often tailor their services to meet the needs of organizations across a range of variables. We’ll discuss some of the most important variables in the sections below.

Fully Outsourced vs. Co-Managed IT: “Who Manages What?”

Managed services providers that offer customizable services will work with customers to establish a distribution of responsibility that best fits the customer’s needs and preferences. Many small and medium-sized businesses (SMBs) lack internal IT staff, and for such organizations, fully outsourcing their IT management to a managed services provider is often the ideal choice.

In the fully outsourced arrangement, the managed IT company would handle everything from start to finish, like installing new hardware and software, keeping up with software patches, adding new users, helping employees to troubleshoot and resolve tech problems, and so on. When SMBs outsource their IT fully, the managed services provider basically functions as their IT department.

Another common scenario is the company that has IT employees but prefers to outsource specific portions of their routine infrastructure management. The possibilities here are endless. One SMB may be in good shape to manage their on-premises infrastructure, but they may lack the in-house expertise to manage workloads in the cloud. For them, co-managed IT, in which they outsource only their cloud infrastructure management, might make the most sense.

Yet another SMB may have one or two senior IT leaders on board who handle everything from strategic IT planning to password resets. IT leaders in this position often find themselves so burdened with routine IT tasks that they have insufficient time for strategic activities, which is detrimental to the future growth of the business. For this company, a co-managed IT relationship that frees up the internal IT team’s time would be optimal. For example, they might choose to outsource time-consuming tasks like patch management and help desk support to the managed services provider, keeping all other IT tasks in-house.

Onsite vs. Remote Support: “Where Exactly Is Managed IT…Managed?”

Many SMBs are surprised to learn that the IT infrastructure of today can often be fully managed remotely. Through use of specialized software, engineers can “remote into” a business’ IT environment, giving them the access they need to perform routine tasks as well as diagnostics. This applies to both on-premises and cloud-based infrastructure.

Of course, some managed services tasks must be completed onsite. For example, installation of hardware and networking must be completed by an onsite engineer. In addition, some businesses prefer the human touch of in-person IT service, which onsite engineers provide. However, not all managed IT companies offer both onsite and remote IT services; this varies from one managed service provider to the next.

Dedicated Engineers vs. Rotating Engineers: “Who’s Going to Answer When I Call?”

Managed services providers may also differ in terms of the engineers that assist their customers. Some customers prefer to work with a dedicated engineer who knows their business and people well. The dedicated engineer might make onsite visits or provide remote support, but the bottom line is that the company can turn to the same engineer for support time after time. Some managed service providers offer a dedicated engineer option, while others do not.

With rotating engineers, a customer receives support from multiple engineers. Although this arrangement lacks the familiarity of the dedicated engineer, customers can still receive knowledgeable and detailed support, provided that the managed services provider maintains a thorough customer environment database. If the service provider is not organized in this way, customers may find themselves having to reacquaint a new engineer with their IT environment every time they call for support.

Benefits of Managed Services: “What’s in It for Me?”

After reviewing the above, you might already be gaining a sense of how partnering with a managed services provider can benefit a business. But here are a handful of the most impactful benefits:

Reduce costs: Many SMBs find that it is less costly to outsource to a managed IT services provider than to manage their own in-house IT team, especially when the costs of high IT turnover are factored into the equation.

Fill holes in internal expertise: SMBs typically have few if any IT staff, and partnering with a managed services provider is a handy way of bringing in IT expertise that may be missing within their own teams.

Increase productivity: An overarching aim of managed IT is to keep a business’ infrastructure running reliably, or in other words, to prevent or reduce system downtime that cuts into employees’ productivity.

Bundle IT costs: Because some managed services providers also provide other necessary services, like cybersecurity and cloud hosting, SMBs can benefit from the convenience of working with a single provider for most if not all of their IT needs.

Free up time for higher-value tasks: By outsourcing routine, time-consuming IT management tasks to a managed services provider, top IT leaders like CIOs and IT directors can free up time in their schedules to attend to the strategic aspects of IT planning, which makes use of their specialized knowledge in ways that are more valuable to the business in the long term.

Offering customizable co-managed and fully outsourced IT plans, with dedicated remote and onsite engineers available, NexusTek provides managed services that are tailored to the needs of SMBs.

Would you like to explore how managed IT services could benefit your business?

You’ve Decided to Move to the Cloud…What’s Next?


You’ve Decided to Move to the Cloud…What’s Next?

If your business has decided to make the switch to a cloud-based infrastructure, your “why” is probably pretty straightforward. With benefits like quick scalability, high reliability, reduced total cost of IT ownership, and flexibility to work from anywhere, cloud-based infrastructure is becoming the model of choice for enterprises and smaller businesses alike.

But when it comes to the “how” of switching to the cloud, that gets a bit more complicated. Although many small and medium-sized businesses (SMBs) choose to outsource their cloud migration to experienced technology professionals, it is still important for decision-makers to understand the migration process at a high level before making the plunge.

If you’re weighing the decision to go cloud-first but are hazy on the migration process, this article is for you. In the following sections, we review the major steps of moving to the cloud.

Discovery: Compile a full accounting of your IT resources.

The first step is fairly intuitive. If you are going to move your workloads to the cloud, you need to start with a complete list of all software and data your business uses, with notes on where each is stored. This means taking a full account of your on-premises servers and applications as well as any workloads currently running in the cloud.

Be aware that “shadow IT” is an increasingly common phenomenon, meaning that there may be employees or departments that are using applications that were never officially approved by your IT team or decision-makers. Any shadow IT should be included in your accounting. This is also a great time to start thinking about which applications are business-critical—and need to be accessed anywhere—and which applications you’d prefer to keep on-premises.

Connectivity: Make sure you have sufficient bandwidth.

This is an often-overlooked consideration but an important one. When you move to the cloud, your employees will be accessing their various business applications over the internet, rather than via your on-premises network. This means that the volume of data flowing through your internet connection will suddenly spike. Make sure you have an internet connection that can handle that volume to avoid slowing your operations to a crawl.

Cloud Models: Weigh your options.

When we talk about “the cloud,” it can sound monolithic, as though it’s one huge, pooled resource. But the truth is that the cloud is not a single environment. There are a variety of cloud providers, cloud models, and service types, and choosing the right arrangement for your business can be complex.

First of all, consider the difference between public and private cloud. Public cloud refers to multi-tenant environments where different users share space on the same servers. Private cloud refers to single-tenant environments, in which servers are dedicated to individual accounts or users.

You should also consider whether your business wishes to move entirely to the cloud or keep some applications and data onsite (i.e., a hybrid cloud model). Furthermore, think about whether your in-house IT staff have the time and experience to remotely manage your new cloud environment, or whether it makes more sense to task the cloud provider with managing your cloud infrastructure.

Risk Analysis: Identify possible issues that may impact migration success.

It is important to understand, at least conceptually, that relationships or “dependencies” exist between your applications. In essence, certain applications depend on other applications to function properly. These relationships are important to map out before attempting to migrate to the cloud because specific relationships may not be present or possible in the new cloud environment. If this issue is not identified before the attempted migration, then you will find that the affected applications won’t function properly or at all.

Compatibility issues can have a similar effect. As pointed out above, the cloud is not a single environment. Some cloud environments may use different operating systems and APIs than your business uses on-premises. Trying to run your workloads in such a mismatched environment would result in significant performance issues or even application failure.

Compliance: Make sure the new cloud environment measures up.

If your business is subject to data privacy and security regulations, you might be concerned about whether the cloud meets your compliance standards. The positive news is that cloud environments—when managed effectively—can meet the rigorous requirements of compliance standards like HIPAA, GDPR, and FINRA. When selecting a cloud provider, make sure they understand your regulations and are willing to complete agreements or other documents to support your compliance.

Security: Update your security strategy and policy.

When you switch to a cloud-first approach, your security strategy needs to change too. Your data will no longer be contained within the perimeter of your onsite infrastructure; it will now be located in a remote data center and accessed over the internet from endpoints like laptops, mobile phones, or tablets.

This diffuse network requires a different type of cybersecurity strategy since you now have to “guard the door” of every endpoint and user that connects to your network. A security program that adheres to principles of zero trust is highly recommended for a cloud-based environment, as it makes it harder for bad actors to get into your systems and limits the damage they can do if they do penetrate your network.