Issue link: https://nebusinessmedia.uberflip.com/i/639966
www.wbjournal.com February 15, 2016 • Worcester Business Journal 21 A fter a relatively mild start to the winter, Central Massachusetts has been hit by significant winter storms since early February. After clearing snow from walkways, parking lots and driveways for safety reasons, businesses need to be concerned about the buildup of snow on their rooftops, where enough pressure can lead to damage or – in rare instances – a collapse with disastrous results. With some proactive removal, companies can avoid this fate. Here are 10 steps to follow: 10. Make an initial assessment Identify the primary structural elements on the roof, then remove snow in that area to prevent unbalanced snow loading. 9. Target an area Start off smartly by designating a few areas on the ground where you plan to dump the snow. 8. What FEMA says The Federal Emergency Management Agency says that at least two inches of snow should be left on the roof to avoid causing potential damage to roofing materials and structure. 7. A roof is no place for equipment It's a bad idea to use gas or electric powered snow-removal equipment. Damaging the roof membrane is worse than a speedy job, not to mention safety issues. 6. Ice breakers and ice picks Avoid using any ice breakers, picks or other sharp tools. Always use non- metallic or plastic shovels. Roof shingles are especially delicate in freezing temps. 5. Get the drift If possible, shovel off drifted snow accumulated around windows, building slopes, parapets and around equipment. Remember, the colder it is, the lighter the snow will be to lift. 4. Avoid a lawsuit For commercial or tenant claims and especially relating to the clearing of walkways, poor snow removal can be worse than letting it be. A court ruled that liability can arise from "negligent performance of a voluntary undertaking." 3. Buildings have lungs, too Clear snow away from all vents, exhaust pipes, building exits, fire escapes, drain downspouts, gutters, service ladders and HVAC equipment. 2. Tell someone your plan If you cannot recruit a helper to join you, alert people of your task in case of an emergency. 1. To shovel or not Snow can develop into a thick ice crust too hard to shovel and not worth risking personal injury. Because roofs are designed to handle distributed weight loads, roof collapses are rare. n Scott Lacourse is a director at Needham-based Enservio, a provider of contents claim software, payments solutions, inventory and valuation services for property insurers. By Michelle Drolet Michelle Drolet is CEO of Towerwall, a data security services provider in Framingham. You may reach her at michelled@ towerwall.com. 10 Things I Know About... Deal with roof snow before it becomes more expensive KNOW HOW 10. A hedge against a breech A virtual chief information security officer can serve as security consul or as an interim CISO to fill the gaps during a planned information-technology security policy review. Better to be safe than sorry. 9. High talent at low costs As a temp hire, a vCISO offers flexibility and cost controls. He/she can help build programs, conduct employee training, draft security policies and set standards for compliance mandates. 8. Bridge the divide Most small and midsize businesses do not have senior security talent on call. Having someone conversant in identifying and analyzing threats, creating strategic security plans and ensuring compliance requires the right level of expertise. 7. Help companies succeed Cisco reported only 29 percent of organizations have a CISO. Businesses with a CISO recorded the highest levels of confidence in their security stance in terms of optimization and clarity. 6. Finding the shoe that fits For small to midsize businesses, it doesn't make sense to invest in a full-time CISO. A virtual one delivers a pay-as-you-go option and specialty skills required to draft a strategic security plan for a sound future. 5. How to contract There's no universal standard for hiring a vCISO. Set up a retainer for a number of hours, contract on a per-project basis, or buy a chunk of hours to use as needed. 4. What to look for A qualified vCISO will be up to speed on the latest best practices, with experience in conducting risk assessments, penetration testing, intrusion detection and other key services. Should also have ability to train internal security staff. 3. Comparative costs A contract rate for virtual CISOs is 35-to-40 percent of the average salary for a full- time information security person. 2. Trust in leadership Many companies are forced to spend an increasing proportion of budget on cleaning up after a breach. A vCISO can be invaluable as a firefighter and leader. Don't wait until a breach occurs; prevention is better than cure. 1. Who needs them Businesses with access to personal consumer data or companies in regulated industries, or with proprietary intellectual property, or with data security concerns are the best candidates for a vCISO. T he military is regimented and systematic, with tried-and-true operational practices. Can these themes of discipline, accountability and responsibility translate into the world of business? Here are three ways to tap into your best business self with lessons learned from the rank and file: Invest resources wisely. Brian Tracy at BNI.com advises against armies — or companies — spreading themselves too thin. Energy, like money or manpower, is a precious commodity. "Economy of force means that you expend only the resources necessary to achieve the objective — not more," he writes. "Be very selfish when deciding how you are going to use yourself. Keep asking, 'How important is this?' and, more important, 'How important is this to me?'" Surprise your foes/competitors. This can be done, for instance, with a new product release via stealth, ambiguity or deception, writes Eric K. Clemons and Jason A. Santamaria at Harvard Business Review. "Denying critical information to the enemy minimizes or even eliminates the threat of retaliation," they write. According to the article, Microsoft relies on ambiguity when it announces upgrades. Competitors have no choice but to respond to every potential change. "Because it never implements all of the announced changes," the article states, "Microsoft incurs costs only for those features that it actually upgrades." Consider guerilla warfare. In uncertain markets, companies should identify opportunities to attack. Unless they mobilize and strike quickly, companies could lose their window of chance, writes Charles Rathmann in an article at LinkedIn.com. "The goal is not so much to gain territory as much as it is to make the status quo uncomfortable for an opponent … Why is guerilla strategy becoming more important? … changes in technology. An investment in a technology now may be worth less in the future as another, disruptive, technology takes its place," writes Rathmann. n 101: MILITARY STRATEGY IN BUSINESS >> BY SUSAN SHALHOUB Special to the Worcester Business Journal Hiring a vCISO BY SCOTT LACOURSE Special to the Worcester Business Journal