Blog
← Back to Blog
September 10, 2016 general

Five Years in Business: Robell Technologies Anniversary

Today, September 10, 2016, marks five years since Robell Technologies was established in Arizona. Five years of keeping dental practices, law firms, medical offices, and accounting firms secure and operational.

Five years isn't a long time in the IT business, but it's long enough to have learned some important lessons about what actually works for small professional practices.

What We've Learned

Small Practices Have Unique Needs

When we started in 2011, we noticed that most IT companies either focused on large enterprises or treated small practices like they were just smaller versions of big companies. That doesn't work.

A dental practice with 10 computers doesn't need enterprise-grade everything. But they do need enterprise-level security for patient data. They need systems that work reliably without dedicated IT staff. They need support that understands their workflow and terminology.

Over five years, we've learned to right-size solutions for small practices. Not overbuilding, not underprotecting, but finding the appropriate balance for each practice's size, budget, and risk profile.

Healthcare and Professional Services Are Different

Dental, medical, legal, and financial practices have regulatory requirements that retail stores and restaurants don't. HIPAA for healthcare. State bar ethical obligations for law firms. SEC requirements for financial advisors.

These regulations aren't just checkboxes. They affect how you design systems, what security controls you implement, how you handle backups, and what you do when things go wrong.

We've spent five years learning these regulations and how to implement them practically for small practices.

Prevention Beats Emergency Response

Our first year, we spent a lot of time responding to emergencies. Servers crashing, ransomware infections, data loss, network outages. We got good at emergency response.

But we realized emergency response, while necessary, isn't the best service we can provide. Prevention is better. Over the past five years, we've shifted toward proactive monitoring, regular maintenance, security hardening, and helping practices avoid emergencies in the first place.

We still do emergency response when needed. But our goal is to make emergencies rare.

Training Matters as Much as Technology

You can have the most secure network and the best backup system, but if staff click phishing emails and share passwords over text messages, you're not actually secure.

We've learned that staff training is as important as technical controls. People need to understand why security policies exist, what threats are real, and how to recognize suspicious activity.

Training doesn't have to be complicated or expensive. Brief, regular sessions focused on practical topics work better than annual marathon training days.

Communication Is Critical

Technical competence matters, but so does communication. Practice owners need to understand what we're recommending and why, without getting overwhelmed by technical jargon.

We've learned to translate technical issues into business language. Instead of "your RAID array has degraded redundancy," we say "one of your backup hard drives failed, and we need to replace it soon to maintain protection."

Clear communication builds trust and helps practices make informed decisions about their IT investments.

What's Changed in Five Years

Cloud Everything

In 2011, cloud services were new and practices were skeptical. Email in the cloud? Practice management software hosted remotely? File storage on someone else's servers?

In 2016, cloud services are mainstream. Practices have discovered that cloud systems can be more reliable and secure than on-premise solutions. The question isn't "should we use cloud services?" but "which ones and how?"

Ransomware Went Mainstream

Ransomware existed in 2011, but it was rare. In 2016, it's a constant threat. We see ransomware attempts weekly, targeting healthcare practices specifically because they can't afford downtime.

This has changed how we approach security. Backups need to be isolated from production networks. Email filtering needs to catch phishing attempts. Staff need to recognize suspicious attachments.

Mobile Devices Everywhere

In 2011, smartphones were becoming common but tablets were new. Practice workflows were desktop-centric.

In 2016, everyone has smartphones. Tablets are standard for patient education and digital forms. Doctors access patient records from phones. This creates security challenges (lost devices, personal devices mixing with work data) that require thoughtful policies and technical controls.

Compliance Requirements Increased

HIPAA enforcement has gotten more serious. The Omnibus Rule in 2013 increased penalties and expanded who's covered. State breach notification laws have multiplied.

For professional services, cybersecurity is increasingly part of ethical obligations. Law firms need to protect client data. Financial advisors have SEC cybersecurity requirements.

Compliance isn't just about avoiding fines. It's about protecting clients and maintaining trust.

What Hasn't Changed

Backups Are Still Essential

Five years ago, we emphasized backups. In 2016, we still emphasize backups. Technology changes, threats evolve, but the fundamental importance of good backups hasn't changed.

Ransomware, hardware failures, human error, natural disasters - backups protect against all of them. Every practice needs automated backups, offsite storage, and regular testing.

Password Security Is Still a Problem

Despite five years of security awareness, weak passwords and password reuse remain major vulnerabilities. "Password123" is still common. People still write passwords on sticky notes.

We're making progress with password managers and multi-factor authentication, but password security requires ongoing attention.

People Are the Weakest Link

Technical controls matter, but most security breaches start with human mistakes. Clicking phishing emails, falling for social engineering, misconfiguring systems, skipping security updates.

This hasn't changed in five years and probably won't change in the next five. Human error is inevitable. Good security accounts for this through training, technical controls that limit damage from mistakes, and quick detection and response when errors occur.

What We're Focused On

Proactive Security

We're investing in monitoring systems that detect problems before they become crises. Network monitoring, security event logging, automated alerting. The goal is to catch issues early when they're easy to fix.

Better Training Programs

We're developing training materials specifically for dental practices, law firms, and medical offices. Not generic security training, but content that addresses the specific threats and workflows of professional practices.

Realistic Compliance

HIPAA compliance doesn't have to be overwhelming. We're focused on helping practices implement security that meets regulatory requirements without unnecessary complexity or cost.

Long-Term Relationships

Some of our clients from 2011 are still with us in 2016. That's what we want: long-term relationships where we understand each practice deeply and can provide increasingly valuable service over time.

Thank You

Five years in business means five years of practices trusting us with their IT infrastructure, their data security, and their business continuity. That trust is something we work to earn every day.

To our clients: thank you for your business and your patience as we've learned and grown.

To practices we haven't worked with yet: if you're looking for IT support that understands healthcare and professional services, we'd welcome the opportunity to help.

Here's to the next five years of keeping Arizona practices secure and operational.